ITWire

The traditional security stance has failed - as demonstrated by the success of "surgical" attacks in the wake of Stuxnet - and he claims that CA Technologies is one of a few vendors that can provide clients with everything that's necessary in today's security environment.

He's not suggesting that traditional security tools are no longer relevant - far from it. But they are no longer sufficient.

The problem stems from a variety of factors, including the growing need for mobility, the increasing popularity of BYOD, the widespread use of social media, and the fact that there's an online element to practically every business.

Consequently, organisations need to take care of identity management, authentication, data classification (and given current data volumes, classification needs to be automatic), location and device identity.

Identity needs to be the foundation of the way people exchange information, Mr Mankotia told iTWire.

He drew a parallel with the way a passport and a boarding pass are needed to board an international flight - they represent different aspects of identity (eg, nationality vs the 'right' to transportation on that flight), but they do need to be correlated.

And even when identity is confirmed, individuals are still liable to be screened for the items they are carrying into or out of a country.

So some sort of federation and/or single sign on mechanism might be needed (eg, to link an individual's in-house identity with that on external services such as Salesforce.com), and data flows still need to be checked (eg to prevent malware getting in, or confidential data from getting out).

"It's about how we exchange information, what are the identities we trust... and how we keep the good stuff in," Mr Mankotia said.

CA's platform for this is highly scalable, he said, having been tested to 100 million users.

"The time [to adopt such systems] is now, before everything is connected," he said.