Security Information Governance Archives - Security Information Governance

Is your Zero Trust strategy stuck in a spreadsheet?

If it is, there’s a big risk your governance is to. Most Zero Trust projects don’t fail at the policy engine. They fail at what the engine reads. The identity side of this is mostly solved. If you have run an IGA program over the past ten years, with SailPoint, Saviynt, Okta or Omada, you […]

Identity Visibility & Intelligence: turning fragmented data into reliable decisions

Over the last few years, security leaders have learned a hard truth: you can’t govern what you can’t see and you can’t act confidently on what you don’t trust. That’s the gap Identity Visibility & Intelligence Platforms (IVIP) were created to fill: a robust, analytics-driven visibility layer across identity programs that consolidates data, surfaces risk, […]

Pathway to climb the Zero Trust Maturity mountain

I’ve always appreciated the architectural models, governance guidelines, and best practices developed by U.S. agencies like NIST and CISA. These frameworks play a critical role in shaping an organization’s cybersecurity posture and reducing exposure to threats. One concept gaining momentum is Zero Trust Architecture (ZTA), as defined by NIST. It serves as a strategic lens […]

Helios Aegis – personell security (Swedish only)

Beyond the Four Pillars of IAM: Why an Identity Information Mindset Matters

In most organizations, we’ve come to think of Identity and Access Management as a four-legged stool: authentication ensures we know who’s logging in,

White Paper: Security Information Governance

Executive summary */BAC refers to the domain of attribute-based access control that enables organizations to meet a broad set of regulatory requirements using an access control where authorization is based on information dynamically evaluated at runtime. Before the */BAC revolution, organizations statically assigned permissions and entitlements to users and stored them in a common, central […]