1. Dashboards
  2. Companies
October 21, 2021updated 20 Oct 2021 5:04pm

CTO Talk: Q&A with ForgeRock’s Eve Maler

By Eric Johansson

Eve Maler is the CTO at ForgeRock, an identity and access management software company.

While she stepped into her role as CTO of Forgerock in April 2020, amidst the Covid-19 pandemic, the ForgeRock CTO is a long-term veteran at the company.

The San Francisco-headquartered enterprise was founded in 2010 and is creating solutions that make it easier for businesses to manage their digital identities. This includes providing solutions that are part of the ongoing trend of getting rid of passwords all together, a trend highlighted in a recent thematic research report from GlobalData.

ForgeRock’s solutions includes its Identity Platform. It leverages a DevOps approach, using multi-cloud and hybrid cloud environments for digital identity services.

This enables developers to easily build and maintain a production-grade, cloud-ready architecture. It also uses Kubernetes, an open-source container-orchestration system, to automate deployment, scaling, and management of applications.

In the latest Q&A in our weekly CTO Talk series, ForgeRock CTO and self-proclaimed “protocol wonk” Maler reveals why she believes passwords are a thing of the past, tells us about that time she ate a rattlesnake and what her biggest advice to other CTOs are.

Eric Johansson: Tell us a bit about yourself – how did you end up in your current role?

Eve Maler: I’m an identity, security, and privacy techie, and a “protocol wonk”. I’ve been fortunate enough to have a hand in designing several of the standards being used today for giving people a secure and smooth experience for getting into their digital stuff, so to speak. These days I head up the innovation labs at ForgeRock, where a lot of exciting things are happening. I’ve been with ForgeRock for seven years, starting out in the team that I’m running right now and focusing on privacy and consent.

We’ve always had a big emphasis on standards leadership and interoperability, and when I originally joined, it was early days for the standard I was concentrating most heavily on, user-managed access, known as UMA. We were the first to implement it for consumer use cases. It’s now popping up in a variety of places, some expected, like financial services, and some surprising, like agricultural IoT.

Which emerging technology do you think holds the most promise once it matures?

There are oh-so-many, but a huge one that’s right in front of us is passwordless authentication. Password-based authentication is by far the most common authentication method – but it fails at actually securing accounts, and preserving a smooth user experience. Not ideal to say the least! But there’s a difference between a one-off passwordless experience and a persistent authentication method that involves zero memorisable secrets, but if we get the latter right – wow.

How do you separate hype from genuine innovation?

Something is hyped when it claims to check off every single box no matter what you throw at it whereas genuine innovation tries to solve real problems. That means it picks and chooses which problems to optimise for.

What’s the biggest technological challenge facing humanity?

When you put it that way – suggesting we’re in the digital realm and focusing on humans versus businesses – I’d say the biggest challenge right now is ensuring that people can retain their autonomy in the face of data privacy and security encroachments.

What’s the most important thing happening in your field at the moment?

There are so many! But an interesting one is the movement to deliver identity solutions in the form of “wallets” akin to digital payment wallets. For many years people used the metaphor of the driver’s license as the ideal for delivering identity attributes to online services in a privacy-sensitive way. Apple has recently been taking steps to make this happen for real.

A ton of standards work has been under way to make it happen in a more vendor-neutral way, known as ‘decentralised identity’, which will one day allow consumers to fully reclaim ownership and control of their data.

Where did your interest in tech come from?

I studied linguistics at university – not computational, but sort of adjacent – and that led to hanging out with the geeks and, I guess, an analytical mindset. The rest I picked up as I went along!

What one piece of advice would you offer to other CTOs?

Alternative views make the world go round! Innovation thrives on the unexpected, so you may need to welcome a little bit of conflict.

What’s the most surprising thing about your job?

It’s surprising how much time I’m able to dedicate to spending time with the members of my team. I’m grateful that many managerial housekeeping and logistical tasks have been made more efficient through modern technology. It gives us a chance to be better leaders.

What’s the strangest thing you’ve ever done for fun?

At a standard offsite in Arizona, I ordered rattlesnake for lunch. And then bought a T-shirt saying “I ate rattlesnake”.

In another life you’d be?

I already have another life! A bunch of “identerati” formed a band called ZZ Auth and the Love Tokens and we spent a number of years playing parties at the annual Identiverse conference. Hopefully Covid won’t have ended our streak for good. But in a third life, I would have been a pool shark.

Verdict deals analysis methodology

This analysis considers only announced and completed deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.