Access Management , Governance & Risk Management , Identity & Access Management

Putting Identity at Center of Cybersecurity Programs

Rebecca Archambault of Blue Cross Blue Shield and Jeremy Grant of Venable on IAM Issues
Jeremy Grant of Venable and Rebecca Archambault of Blue Cross Blue Shield

The security challenges presented by the COVID-19 pandemic, including managing a remote workforce, point to the need to prioritize identity management, say Rebecca Archambault of Blue Cross Blue Shield and Jeremy Grant of the law firm Venable.

See Also: Reducing Complexity in Healthcare IT

”Put identity is at the center of your cybersecurity program. Make sure identity is sitting in the middle, and not at the outside of it,” Archambault says.

“Make sure your security team is involved in all of your implementations and all of your maintenance,” she says in a video interview with Information Security Media Group. ”Remember that every application, every piece of infrastructure [contains] an identity and access component. Anytime you’re onboarding new apps or changing existing apps, there is an identity piece of that. So identity teams need to be at the center of everything.”

Grant points out that one recent survey found that less than 50% of CISOs control or influence identity management.

“There are a lot of organizations where [identity] is considered part of HR – tied to hiring, firing and promotions – or is part of IT operations. And if that’s a case, then they’re not taking a security-focused approach,” he contends. “Certainly if you’re in the information security function in an organization and if you don’t own identity, figure out a way to take it over.”

In this joint video interview, Archambault and Grant also discuss:

Archambault is the trusted identities leader of Blue Cross Blue Shield of Western New York and Blue Shield of Northeastern New York. She’s responsible for setting overall identity strategy for the enterprise, including expanding identity governance to consumers and business partners. Archambault also leads the identity working group for H-ISAC and founded the Western New York Identities Working Group. Previously, she was the global identity and access management operations head for HSBC Bank.

Grant is managing director for technology business strategy at the law firm Venable. He previously served as a managing director at The Chertoff Group and established and led the National Program Office for the National Strategy for Trusted Identities in Cyberspace housed in the National Institute of Standards and Technology. Earlier in his career, Grant served as a vice president for Maximus.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.