VIDEO | State of Ohio Cybersecurity Strategy Advisor, Office of the Governor: Identity and Access Management Must Evolve With Risk and Technology

(US and Canada) Kirk Herath, Cybersecurity Strategy Advisor at the Office of the Governor, State of Ohio, speaks with Jenna Fullenkamp, Senior Account Executive at GuidePoint Security, in a video interview about risks, security posture, and identity access management.

Herath, emphasizing how his strong legal background impacts his approach to cybersecurity, notes that being a counselor of law requires building collaborative relationships. It is the same for cybersecurity. Specifically, he stresses that the issue of cybersecurity is about tolerances and reasonable risks. There may be more risk in not doing something, Herath says.

He adds that cybersecurity is also about transparency. When making decisions, everybody has to understand the risks and the opportunities.

When asked to name the most critical foundation of a security posture, Herath highlights identity management. He says that organizations need good authentication and identity access management in addition to understanding the inventory of assets. He further explains that most organizations need help creating complete data inventories, leading back to the need for good identity access management.

Elaborating, Herath says the identity and access management system has to evolve with risk and technology.

When developing a cybersecurity strategy, Herath advises newer professionals to do the following:

• Establish a baseline of what the network looks like and the maturity of the capabilities used to protect and manage it. Some businesses will have different tolerances for risk than others.
• Meet a lot of people. Identify the leaders and the people who will be the most helpful because it is a team sport.

CDO Magazine appreciates Kirk Herath for sharing his insights and data success stories with our global community.

See more from Kirk Herath

There Is No Perfect Cybersecurity