The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017

Lisa O’Connor

Accenture Labs

Cybersecurity Research and Development

ForgeRock

Austin, TX

May 2, 2017

Copyright 2017 Accenture. All rights reserved. 2

NAVIGATING COMPLEX

ECOSYSTEMS

Businesses operate in a digital ecosystem that is becoming

ever more connected, collaborative and complex.

Think about your ecosystem as a neighborhood…


WHO IS IN YOUR

NEIGHBORHOOD?


A SELF-SUSTAINING

ENTERPRISE

UNDERSTANDS AND

RESPONDS TO WHO’S

MOVING IN AND OUT,

WHAT THEY’RE DOING,

AND WHAT THREATS

THEY PRESENT.

Has the agility to

sense & respond to

threats and vulnerabilities

as they present themselves

THE SELF-SUSTAINING ENTERPRISE


Infrastructure shifts

security postures

in response to

ecosystem changes.

Uses predictive

analytics and cognitive

modeling to automate how

enterprise security “thinks”

about threats or risks.

Infrastructure

paradigms such as network

functions virtualization (NFV)

and serverless architectures

introduce the agility needed

to “react”.


Proliferation of

insecure devices

Merging of personal

and professional lives

and data

Attackers “weaponizing”

the internet

CYBER RISKS IN A NEW

BUSINESS ECOSYSTEM

Businesses operate in a digital ecosystem that is

becoming ever more connected, collaborative and complex.


THE NECESSARY FUNDAMENTALS

OF SELF-SUSTAINING ENTERPRISES

Continuous discovery

and classification

of new assets (user,

device or data)

Trust-based

authentication assigns a

“trust-level”

to each device

An adaptive, intelligent

security platform will

streamline security

operations and reduce

complexity


THE

EVOLUTION

OF TRUST

PRINCIPLES

Digital Trust

Think digital trust is cornerstone of digital economy

33% Proactively brought ethics into Tech Vision discussion

83%

A self-sustaining approach enhances existing cybersecurity

capabilities through automation, machine learning, software-defined

networking and new approaches to infrastructure.

ENABLING THE SELF-SUSTAINING

ENTERPRISE


An adaptive, intelligent platform that can deliver

a self-healing, scalable security environment

A self-sustaining approach enhances existing cybersecurity

capabilities through automation, machine learning, software-defined

networking and new approaches to infrastructure.


ENTERPRISE


An adaptive, intelligent platform that can deliver

a self-healing, scalable security environment

More sophisticated identity methods for seamless integration

Consistent user experience across applications, devices and internet-connected

things to manage persistent identity.

Going serverless

Applications built within a serverless architecture exist as individual functions, with a

strong definition for how data needs to flow between them. It required operational

discipline--triggers and microservices--which can be leveraged for cyber defense.

Thinking about infrastructure and security as code

Software-defined security has controls designed independently of the physical

infrastructure. Virtualizing in this way provides the flexibility and agility to control and

quarantine small parts of the network/device.

Becoming dynamic

As threats or risks change, the self-sustaining enterprise responds by segmenting,

moving and morphing assets with a much more fluid and unpredictable approach to

managing business risks, protecting assets or containing incidents.


ENTERPRISE



Continuous Integration through DevOps

Continuous/Persistent Authorization

Microservices/Serverless

Customer Driven Authentication Experiences

Data Privacy

Device/Phone as Token

Robotic Provisioning

Biometrics

Blockchain

IOT Asset and Trust

IDENTITY

“By 2020, a typical small enterprise's IAM program will span a million people, 10 million things and billions of relationships, driving significant simplification of its approach to IAM.”Source: Gartner (May 2015)

Trends that promise to disrupt how we think about Identity

THE OPPORTUNITY

Rapid enablement of cloud, mobile and IoT Digital Identity service delivers a

richer, seamless user experience across applications, devices and internet-

connected things.

New Channels

Single View

Personalization

Relationships Privacy

Regulatory Compliance

Operational Efficiencies

Security

Seamless User Experience

RETURN ON IDENTITY

The business challenge: getting the math right on ROICopyright 2017 Accenture. All rights reserved.

Integrate products

and/or techniques that

“think” and “react”

with minimal human

effort (for example, AI

and advanced analytics)

to enable the self-sustaining

environment.

THE JOURNEY TO AGILE

CYBERSECURITY


Understand the

availability and

sustainability goals

for key business

processes based on

acceptable levels of risk.

Identify applications

that can be logically

separated from their

operational components

into microservices

and events.

Consider how security

services can be shared

for reuse/consistency,

evaluate how they could be

more effectively applied to

microservices and events,

and revisit security

requirements for business

functions and services.

Identify security functions

that can be provided as a virtual

service through serverless and

network virtualized functions of

software-defined networking.

Build a robust identity and

access management system

to detect and manage new and existing

assets—including users, devices, data

and communications—to dynamically

and continuously determine how trusted

they are.

ACCENTURE LABS

NEW. APPLIED. NOW


Learn more at www.accenture.com/labs

30 YEARS

of technology innovation

Applied R&D projects that deliver

BREAKTHROUGH

SOLUTIONS

Dedicated

INNOVATION

Labs in Washington D.C. and Israel

CYBERSECURITY

http://www.accenture.com/labs