CIO Influence Interview with Dan Mountstephen, Senior Vice President – APJ, Saviynt

Dan Mountstephen, Senior Vice President – APJ, Saviynt discussed building a zero-trust framework, strengthening IAM strategies, the future of cybersecurity, and more in this Q&A:

———

Hi Dan, you have over 20 years of experience in software, sales, and cybersecurity. Can you share about your journey and role at Saviynt?

I’ve spent over 20 years in software, sales, and cybersecurity, building and scaling businesses across the APJ region. I moved here in 2009 with networking giant Cisco, thinking I’d stay for just a year. 15 years later, I’m still here, happily married with two kids, and we are a true tech family. My wife works in channels for Adobe, so conversations in our house are usually about our boys’ sports or tech. As SVP at Saviynt, I lead our APJ regional efforts, helping enterprises modernize their identity security strategies.

Over the years, I realized what truly excites me about cybersecurity is its role as a business enabler. It’s not just about defense; it’s about driving innovation, enabling growth, and solving high-impact challenges. Cybersecurity is constantly evolving, offering a space where I can merge my passion for strategy, business, and technology.

Saviynt is experiencing record growth, surpassing $200M in recurring revenue in 2024, a 35% YoY increase. Our platform is replacing legacy on-prem solutions, serving over 500 customers and protecting more than 60 million identities. With AI-powered innovations like our Intelligence Suite, we’re redefining identity security. Our strong partner ecosystem, from Accenture to EY, reinforces our market leadership as CIOs and CISOs prioritize identity-first security. It’s an exciting time to be on this rocket ship!

Also Read: CIO Influence Interview with Seva Vayner, Product Director of Edge Cloud and Edge AI at Gcore

Zero Trust is a key focus for modern enterprises. How does Saviynt help organizations build a zero-trust framework effectively?

Zero Trust architecture is a focus for several organizations today, and Saviynt plays a pivotal role in helping organizations build an effective Zero Trust framework. We help organizations build a robust Zero Trust framework by focusing on identity as the new perimeter and ensuring that only the right people have the right level of access to the right resources at the right time.

Saviynt’s approach to Zero Trust is comprehensive and multifaceted:

• Identity-Centric Security: We secure every identity within the organization, whether it’s human, machine, or application. By enforcing least privilege and just-in-time access, we ensure that identities have the right level of access at the right time, and controls are enforced consistently across all environments—whether on-premises, in the cloud, or hybrid—reducing the attack surface.
•  Enforcing the Principle of Least Privilege Access: Our product’s foundation is built on the principle of least privilege by providing just-in-time and just-enough access. This means users are granted the minimum level of access necessary to perform their tasks, reducing the attack surface and minimizing the risk of insider threats.
• Integration and Interoperability: Our platform integrates seamlessly with various endpoint security, network security, and identity-based micro-segmentation tools. This interoperability ensures that organizations can leverage their existing security investments while embracing the principles of Zero Trust.
• Automated Governance: Saviynt automates identity governance processes, such as provisioning and de-provisioning, access reviews, and compliance reporting. This automation not only enhances security but also improves operational efficiency and reduces administrative overhead.
• Continuous Monitoring and Analytics: Saviynt provides unparalleled visibility into all identities and their activities across ecosystems through advanced analytics and continuous monitoring to detect and respond to unusual behaviors or potential security breaches in real-time. This proactive approach helps organizations stay ahead of threats and maintain a robust identity security posture.

In essence, Saviynt’s approach empowers organizations to adopt a Zero Trust framework to secure their identity perimeter effectively, ensuring robust protection without compromising productivity or agility.

What advice would you give to CISOs and IT leaders looking to strengthen their identity and access management strategies?

The cybersecurity landscape has fundamentally shifted, demanding CISOs adopt an identity-first approach. Legacy IAM systems that only meet compliance requirements are no longer enough. We’ve entered an era where identity is the new security perimeter, necessitating a paradigm shift in how we perceive and manage access. 

Modernizing with cloud-native, AI-driven platforms like Saviynt is no longer optional; it’s imperative. Zero Trust and least privilege must become the baseline, enforced through continuous verification and granular access controls. AI and automation are far from being luxuries. They are essential for reducing risk, detecting anomalies, and simplifying governance. Identity security is not just an IT issue; it’s key to a strong security strategy and resilience in today’s multi-cloud world.

This shift in thinking is crucial. Strong security depends on managing both human and non-human identities. Organizations must move away from reactive, compliance-focused IAM and adopt proactive, risk-based strategies. Investing in tools that offer full visibility and control, along with promoting identity hygiene, helps CISOs prevent security risks. Large enterprises have proven this: identity security isn’t just part of a strong defense, it’s the foundation.

With the increasing complexity of cloud, hybrid, and on-premises environments, how does Saviynt ensure seamless security and compliance across these infrastructures?

At Saviynt, we understand the challenges that come with managing security and compliance across diverse IT environments. Our platform is designed to provide a unified approach to identity governance and administration, ensuring seamless security and compliance across cloud, hybrid, and on-premises infrastructures.

•  Unified Identity Governance: Saviynt’s platform centralizes identity governance, enabling consistent enforcement of granular access control policies across all environments. Whether it’s cloud, on-premises, or hybrid, our solution ensures that identity’ access is uniformly applied, reducing the risk of security gaps
• Flexible Deployment Options: Our flexible deployment models cater to the unique needs of each organization. Whether an organization is fully cloud-based, on-premises, or operating in a hybrid setup, Saviynt integrates seamlessly with the existing infrastructure, ensuring a tailored solution that meets specific security and compliance requirements
•  Automated Compliance Management: Our platform automates compliance management processes, including access reviews, provisioning, and de-provisioning. This automation not only enhances security but also ensures that organizations remain compliant with regulatory requirements, reducing administrative overhead and the risk of manual error
•  Seamless Integration: Saviynt integrates with a wide organization’s existing security tools, including endpoint security, network security, and identity-based micro-segmentation tools. This integration capability provides a single pane of glass to manage identities, access, and compliance across all environments

Ultimately, our goal is to simplify identity access through a single comprehensive converged platform while maximizing identity security effectiveness. By offering a unified platform with uniform security controls, we help organizations of all sizes achieve seamless security and compliance across their cloud, hybrid, and on-premises environments.

Also Read: CIO Influence Interview with Jason Merrick, Senior VP of Product at Tenable

APAC is a rapidly growing region for cybersecurity investments. What are the top challenges and priorities for businesses in this region when it comes to identity security?

I discuss this with CIOs and CISOs all the time, identity security sits at the intersection of cyber, compliance, and digital transformation. Done right, it’s a business enabler that drives competitive advantage.

APAC businesses face challenges with legacy IAM, complex regulations, rapid cloud adoption, and the explosion of machine identities. Outdated systems can’t keep up, making automating compliance with out-of-the-box reporting a top priority. The focus now is modernizing with a converged, AI-driven platform, enabling Zero Trust, automation, and intelligent analytics. Companies that get identity security rights will be more secure, compliant, and ahead of the competition.

Finally, what excites you most about the future of cybersecurity and identity governance?

What excites me most about the future of cybersecurity and identity governance is that it never stops, it’s a constantly evolving space. Identity security has become a board-level initiative, with senior leaders realizing its critical role in overall business success. When done right, it’s a true business enabler that drives digital transformation, compliance, and security in one go. What’s most exciting is that most companies are just getting started. As they begin to adopt more advanced, AI-driven identity solutions, we’ll see tremendous growth in how businesses leverage identity governance to stay secure, resilient, and competitive. 

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]