Intelligent CISO Issue 97 | Page 17

last but not least, automate remediation. If Okta detects a sudden behavioural shift or change, it automatically suspends the passwordless session and steps up security.

How can CISOs balance user experience with stringent security controls, particularly in highly regulated industries?
Combining security and usability has always been a challenge; I would say it is the most common challenge that everybody is facing in security.
In highly regulated industries, if you put a blanket security policy that demands everybody to do manual MFA every single time, you fatigue your users, and it can actually decrease security, not increase it. So, the balance that needs to be struck is enhanced through the AI-powered adaptive MFA.
With Okta, you don’t have to choose between security and user experience anymore. Okta’s AI algorithm builds a unique dynamic behavioral profile for every single identity in your organisation. For example, when a bank employee logs in, the AI calculates the risk score in milliseconds based on dozens of signals and behaviours. If the behaviour is typical, the experience is invisible. We introduce friction and additional security only when the AI flags an anomaly.
What trends are you seeing in compliance requirements across the Middle East when it comes to identity governance, and how can CISOs futureproof their identity programmes?
We are actually seeing huge progress in the region regarding governance. Regulators across the Middle East, especially in Saudi Arabia and the UAE, are pushing heavily for continuous compliance.
As a CISO, to future-proof yourself, you must converge access management with AI-driven governance. By adopting a platform like OIG (Okta Identity Governance), governance is natively embedded into the identity platform.
Okta AI transformed this process by generating intelligent access recommendations. Instead of a manager blindly approving a massive list of access requests, the AI analyses peer usage, historical data and behavioural patterns, informing the manager exactly who should or should not have access. It essentially automates the compliance and removes all human guesswork.
Looking ahead, what strategic shifts should Middle East CISOs prepare for in identity security?
The most strategic shift is preparing for the explosion of what we call nonhuman identities, or as they are more commonly known, AI agents. As more organisations embrace GenAI agents, soon the number of AI agents will drastically outnumber human employees. CISOs must bring all of their nonhuman identities under control within the same control panel.
Furthermore, as attackers weaponise AI for deepfakes and hyperscale attacks, CISOs must lean on defensive AI to survive – fighting AI with AI.
Okta’s vision is continuous AI-driven protection where machine learning acts as an autonomous security analyst, constantly mapping the behaviour of both human and nonhuman identities, instantly isolating threats at the identity layer before they breach the network.