Chris Niggel, director of security and compliance at San Francisco-based identity management services provider Okta (Nasdaq: OKTA), has said government agencies seeking to protect information systems from cyber threats should adopt security controls “that match the level of risk.”
Niggel wrote that choosing such controls begins with the process of examining the types of data employees handle and establishing threat models that seek to determine how potential threat actors might misuse or alter that information.
“The future of information security is inextricably tied to identity management,” he noted.
He called on agencies to control the amount of data that can be accessed by personnel and standardize the types of controls used by cloud service providers to facilitate cloud modernization and adoption.
“The cloud has dramatically changed the way we work, and when we view access holistically with identity and risk, we can enable both better security and productivity,” Niggel added.