For more information on how cognitive computing supports security, read the more recent blog post, “Elementary, My Dear Watson: Identifying and Understanding Malware With Cognitive Security.” 

A few days ago, IBM CEO Ginni Rometty announced the Cognitive Business initiative. This journey is supported by IBM Watson, the cognitive computing system that understands and learns from natural language.

The name Watson is not an homage to Sherlock Holmes’ friend and assistant Dr. John Watson, but rather to Thomas J. Watson, IBM’s first CEO and industrialist. Thomas Watson once said, “Thought has been the father of every advance since time began,” which became the inspiration behind IBM’s THINK trademark.

How Cognitive Computing Will Impact Identity Governance and Management Practices

My own personal view is simple. I’ve been in the identity management space since its inception. And in my personal experience, regardless of the product you use (and I’ve seen many), for every dollar spent on identity governance software today, there are more than $2 spent on consulting and implementation services. And the overall project risk sits at least 60 to 70 percent in the project execution rather than in the identity governance tool the client selects.

In the future, thanks to cognitive computing, I believe this ratio will change dramatically. Every dollar spent on software — in all probability, on software-as-a-service (SaaS) — will maybe be matched up to $1 on consulting and implementation services. As a result of that shift, project risk will also dramatically decrease.

Today, implementing identity governance focuses on getting different stakeholders aligned on the semantics of their own data. Businesspeople speak their specific function or line-of-business language. Security teams talk about security policies; compliance and risk officers talk about regulations; application owners speak mostly of their beloved applications; and finally, IT people speak the cryptic language of OS, databases and so forth.

We’ve All Seen It, Done It and Know It By Heart

Every stakeholder has knowledge somewhere in natural language: documents, process modeling tools, IT service management tools, technical data sheets, etc. Projects are all (or largely) about first getting everyone on the same page, followed by reading existing documentation, matching the semantics, producing additional documentation and then finally moving everything into a new product.

In essence, we’re reinventing the wheel every time, no matter which identity governance and management product is being used. Right now, this is a definite technology limitation.

Can We Simplify This?

Cognitive computing is all about finding natural language patterns among different content. I do believe that in the next three to five years, IBM will see enormous benefits from our cognitive business solutions and could deliver cognitive-enabled identity governance and intelligence to our customers.

It’s not going to be a fast journey, but only a company this size has the intellectual and financial strength to lead this revolution within security and, more specifically, in the identity governance space. For more information on identity and access management, watch the on-demand webinar, “Protect Your Business-Critical Assets: How to Govern and Audit Access for SAP and the Mainframe.”

Now isn’t that elementary, my dear Cognitive Identity Watson?