As CEO of the newly created Global Identity Foundation and co-founder of the Jericho Forum, a global security group for CISOs, Simmonds says the core security challenge every organization faces is how to authenticate identity.
"Right now, with the systems we have in place, we don't have any connection to the person," he says during an interview at RSA Conference 2013.
The digital connection between the entity confirming the identity and the individual who possesses the identity has to be solid, Simmonds adds. "Banks and others need that information so they can make a risk-based decision, based on the identity," he says. Without that information, they are building risk profiles about identities, based on information that is not reliable, Simmonds explains.
"There is a challenge around doing this globally and doing this around bring-your-own-identity," he says. "So, one of the things that Jericho came to the conclusion about is that you and I need to be in control of our own identity. It's how humans operate. And doing anything else doesn't work."
Computer networks and systems get hacked, Simmonds says, making them unreliable for the management or authentication of identities. "Fundamentally, you and I need to bring our own identity to the game," he says.
At RSA 2013, Simmonds hosted a presentation about Jericho's plans for the new identity management group, as well as steps organizations should take now to educate themselves about what to expect in the future.
In this interview, Simmonds discusses:
- The role of the Jericho Forum and the role it envisions for the newly established Global Identity Foundation;
- Challenges current mindsets and infrastructure pose for global identity management and authentication;
- How a global network can help to improve financial and national security.
In addition to his roles as a board member on the Jericho Forum and head of the new Global Identity Foundation, Simmonds also is an independent security consultant who formerly served as the CISO of AstraZeneca, a global biopharmaceutical research company. He also previously oversaw information security for a high security European Web hosting company and was the global information security manager for Motorola.