Omada A/S - Experts & Thought Leaders

Omada A/S, a global pioneer of Identity Governance and Administration (“IGA”) software and cloud delivered IGA services, announced the appointment of Michael Garrett as CEO. IGA services improve compliance and IT security, manage secure access across all corporate systems, ensure employee access is compliant with access policies and help to automate IT processes for better efficiency. Michael joins Omada with extensive software and services experience and was most recently CEO at Workshare, a UK-based provider of secure enterprise file sharing and collaboration applications. Prior to this he spent 15 years at Hewlett Packard where he led the Global Software Services Division. Michael will bring deep global software experience to the existing leadership team enabling the acceleration of Omada’s growth. Michael takes over as CEO from founder Morten Boel Sigurdsson, who is taking on a new role as President of the rapidly expanding North American region where his knowledge and experience will be vital. Significant growth and investment plan IGA is one of the fastest evolving requirements of digital transformation, compliance and IT security" The appointment forms part of a significant growth and investment plan following the acquisition of Omada by two leading private equity firms, CVC Capital Partners and GRO Capital. Michael’s appointment is the latest of a number of key leadership and Board changes over the last year, including; adding industry leading technology executives, Kevin Hickey (President & CEO of Prevalent and previously President & CEO of Beyond Trust) and Franck Cohen (previously President SAP Digital Core & Industry Solutions and previously President SAP EMEA) as Non-Executive Board Directors and Jim Ousley (Senior Operating Partner at CVC Growth Partners, previously CEO at Savvis, and several other global technology companies) as Chairman of the Board, as well as new leaders in the Services and US Sales teams (Lars Bell and Jim Voloumanos). Identity and access governance Jim Ousley, Chairman, says: “We are excited to have Michael join the leadership team at Omada. His extensive and proven industry expertise in leading global software and services organisations will be a great addition to the company, coupled with the other on-going positive enhancements we are making as we embark on our next stage of global growth.” IGA leadership position was named as Leader in 2019 Gartner Magic Quadrant for Identity Governance and Administration “I am very pleased to join Omada at this pivotal time in the company’s history”, said Michael Garrett. “IGA is one of the fastest evolving requirements of digital transformation, compliance and IT security. Organisations across the globe are currently in a transition to the next generation of identity and access governance and this is exactly what Omada provides today,” Michael continues. “I believe Omada is perfectly positioned with a superior enterprise grade IGA SaaS solution in combination with the unique best practice IGA process framework. Flexible compliance products “This combination differentiates Omada in the market, accelerating adoption and return on investment for its customers. I look forward to working with the broader Omada team to execute on our transformational growth strategy.” Morten Boel Sigurdsson adds, “Omada is experiencing strong demand for its software and services offerings driven by increasing market demand for efficient, flexible compliance products and services. Our IGA leadership position was recently highlighted by being named as a Leader in the 2019 Gartner Magic Quadrant for Identity Governance and Administration. I look forward to working with Michael and our team in this exciting new chapter for the company.”

These days, business is more collaborative, adaptable and connected than ever before. In addition to offering new identities and access privileges, new applications and data also increase the attack surface available to cyber criminals, hacktivists, state actors and disgruntled insiders. These new identities need to be handled carefully. CISOs must develop an identity management strategy that is consistent across on-premises, hybrid and cloud systems. Good security is built on solid identity governance and administration (IGA) principles. From ransomware to supply chain intrusions, high-profile cybersecurity events frequently take advantage of weak identity and access management procedures. The Identity Defined Security Alliance found that 84% of organisations experienced an identity-related breach during its one-year study period. Robust IGA system Consequently, organisations need to find best-of-breed solutions for each section of the fabric Some of the most well-known cyber-attacks have not been made possible by a nation-state exploiting a remote zero-day vulnerability; rather, they have been made possible by something as basic as a hacked orphaned account. This resulted in lateral movement from an insecure platform to a high-value system, illegitimate privilege escalation or unsanctioned access to a computer system. To safeguard against such attacks, organisations must be aware of who has access to their systems and apps, and guarantee that access is revoked when it is no longer required. Here, a robust IGA system is helpful. It is not the whole picture, though; IGA is part of a larger identity fabric. A report by KuppingerCole noted that “Identity Fabrics are not necessarily based on a technology, tool or cloud service, but a paradigm for architecting IAM within enterprises.” The report pointed out that the paradigm is created using several tools and services. That’s because, contrary to marketing claims, no one vendor has a platform that provides all the needed elements. Consequently, organisations need to find best-of-breed solutions for each section of the fabric. Threats to the new corporate landscape Due to their exclusion from the corporate firewall and the security culture that comes with working on-site, remote employees and third parties are desirable targets for hackers. The transition to online office suites is another vulnerability that hackers are taking advantage of–for instance, through bogus authentication login dialogues. Additionally, hackers are using technologies like machine learning and artificial intelligence to circumvent current security tactics. A cyberattack powered by AI will imitate human behaviour and develop over time. Even publicly available information might be used by this "weaponised AI" to learn how to get past a target’s defences. CISO and the business users Attackers will finally find an entryway, but firms can protect the new perimeter–their identities It's no longer possible to secure the traditional perimeter. Attackers will eventually find an entryway, but businesses can protect the new perimeter–their identities. To defeat these threats, organisations must look again at identity and access management tools and how they are weighed against the impact on the organisation. Should you mandate multi-factor authentication (MFA) more often and earlier? Should only company-owned devices have access to networks, or should access be restricted to specific business hours or regions? Should access to sensitive information and critical systems be given just temporarily or should it be offered on a task-by-task basis? Both the CISO and the business users they assist should be asking these questions. Staying ahead of threats with identity Access control limits decrease dangers but can come with a cost. If you give your users too much access, your organisation becomes susceptible; if you give them too little, productivity suffers. But there are ways to strike a balance with security, compliance and productivity. More CISOs are turning to Zero Trust–which is based on the principle of maintaining strict access controls and not trusting anyone by default–to protect their systems from new attack types. However, Zero Trust is reliant upon having a thorough and baked-in strategy that underpins it.  Other actions that companies can take include implementing automation for identity management, such as automating workflows for approval. This would significantly lessen the administrative burden and friction that security solutions like multifactor authentication (MFA) or time-restricted access to critical systems have on business users. This might include restricting access to particular devices, capping access hours during the day or enforcing MFA based on user behaviour. Identity fabric: Putting it all together Make sure your identity architecture is scalable, secure, and provides a seamless user experience These are just two elements of the identity fabric approach. Most organisations today have implemented pieces of an identity fabric, which is basically an organisation’s identity and access management (IAM) infrastructure and typically includes a mix of modular IAM solutions for multi-cloud and/or hybrid environments. Now, organisations need to define, enhance and develop this infrastructure. They must also institute guiding principles for how it should operate, meet current and future business requirements as well as identity-related cybersecurity challenges. In doing so, businesses can move past identity platforms and adopt an identity fabric perspective. The key is to make identity governance the starting point of your identity fabric strategy, ensuring seamless interoperability within your identity ecosystem. Make sure your identity architecture is scalable, secure, and provides a seamless user experience. Aligning security with business Due to the increase in knowledge workers using the cloud and working remotely, attackers are focusing on this group. These employees are easier to compromise, give access to valuable data and offer more attack targets. Knowledge workers also lack an administrator’s level of security expertise. Therefore, as part of their security fabric strategy, enterprises require a scalable IGA system. It is easier to comply with security and access regulations and takes less time for IT teams to do normal administrative activities when they invest in IGA, a crucial tenet of identity security. CISOs and boards, though, are currently looking at more than identity management. IGA is at the centre of the debate about security and governance. Taking an identity fabric-based approach, with a foundation built on modern, cloud-based IGA, will safeguard identities, increase productivity, and make staff adherence to organisational procedures easier.