The horrific news of the attacks in Belgium last week have resulted in predictable calls for increased security by pushing the perimeter back to the airport door. Security-weary air travelers may now be looking forward to outdoor queues to gain access to terminals, in addition to screening already in place.
This pattern of reaction is typical for air travel. We must remove an ever-increasing amount of clothing to get through security screening. We x-ray people now, not just luggage. We can no longer transport normal-sized tubes of toothpaste or hairspray. All thanks to creative attackers who are constantly scheming to find new ways to hide explosives in shoes, underwear or water bottles.
It’s been said that the military is always preparing to fight the last war. Are we doing the same in IT security? Are we doomed to always react to the threat?
A shift towards identity governance and administration
With the Pre-Check Program, the US Transportation Security Administration (TSA) has already started using identity as a means of filtering threats, or rather reducing the resources focused on low-risk travelers. This is one example of using identity and a risk-based approach to focus resources more proactively.
