Access Management , Governance & Risk Management , Identity & Access Management
Better Identity Coalition: A Project UpdateJeremy Grant, Coalition Coordinator, Discusses Identity Management Progress
Jeremy Grant, coordinator of the Better Identity Coalition, offers a progress report on the 3-year-old organization's efforts to help prevent breaches with better identity management.
See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm
Among the group's key accomplishments so far, he says, are pushing for changes in the way the U.S. uses Social Security numbers as identifiers, prioritizing the development of next-generation remote identity proofing and verification systems and pursuing international coordination and standardization of identity systems
The coalition, formed in the wake of the massive Equifax breach, includes representatives of the financial services, healthcare, technology and identity/security sectors.
“Given, unfortunately, how many Social Security numbers have been breached, it's not really useful to pretend that it's a secret or to use it as an asset,” Grant says. “As an authenticator, if I call my bank and they asked for the last four of my Social Security number to authenticate me, the only logical answer is, “Don't you realize that the Russians have that, the Chinese have that, about 47 well-organized criminal gangs do, and any mediocre teenage hacker can probably get my SSN on the dark web for 87 cents? So what's the point?”
Grant says Congress has begun to get beyond the idea of replacing or restricting the use of the SSN "and more to thinking how it should be used and where we shouldn't use it.”
In a video interview with Information Security Media Group, Grant discusses:
- Objectives that the coalition has met and where there is still work to do;
- Challenges of tracking COVID-19 vaccine records;
- Key initiatives for the coalition for 2021.
Grant, coordinator of the coalition, is Venable's managing director of technology business strategy. He has more than 20 years' experience at the intersection of identity, privacy and cybersecurity, having served in a range of leadership positions spanning government and industry. He also serves as a member of the Commonwealth of Virginia’s Identity Management Standards Advisory Council and on the advisory board of the European Payment Summit.