Identity at the Center

In this episode of the Identity at the Center Podcast, Jeff and Jim tackle questions from listeners around the world, including: "What certifications or skills would you recommend focusing on in 2025?" "What are some of the most common mistakes companies make when rolling out MFA, and how can they avoid them?" and "How should small and mid-sized businesses approach IAM when they don’t have the same resources as large enterprises?" Thanks to Ryan, Diego, and Omar for sending these in!Chapters00:00 The Unsustainable Strategy of Heroism01:48 Introducing the Identity at the Center Podcast02:04 Travel Tales and Tech Tips09:57 Listener Mailbag: Career Advice for IAM Professionals19:20 Global Listener Stats and MFA Rollout Mistakes24:30 Exploring MFA Options24:56 Common MFA Mistakes25:13 The Importance of Coverage25:44 Humorous Interlude26:00 Understanding MFA Factors26:29 Avoiding Knowledge-Based Authentication26:50 Self-Serve MFA Resets27:31 Productizing IAM28:35 Listener Question: SMB IAM Strategies31:35 Balancing Security Investments32:07 Staffing and Technology Considerations35:54 The Role of Cyber Insurance43:10 Historical Figure Swap47:10 Wrapping Up and Listener AppreciationConference Discounts!Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-ukEuropean Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridacIdentiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.com

This episode is sponsored by Beyond Identity. Visit https://www.beyondidentity.com/idac to learn more.In this sponsored episode of the Identity at the Center podcast, Jeff and Jim host Sarah Cecchetti, Director of Product Strategy at Beyond Identity. They discuss the transition away from password-based systems to more secure, passwordless authentication methods. Sarah explains the unique differentiators of Beyond Identity, their integration with security tools, and how they leverage cryptographic keys stored in device secure enclaves. The conversation covers user resistance to biometrics, deployment strategies, and the importance of shared security signals. Sarah also shares personal anecdotes about her backpacking trip across Spain and informs listeners about upcoming events like BeyondCon, featuring live demos and a private performance of Broadway hits.Chapters00:00 Introduction to Passwordless Authentication00:34 What Makes Beyond Identity Unique?01:35 Welcome to the Identity at the Center Podcast02:01 Introduction of Sarah Cecchetti03:04 Beyond Identity's Approach to Authentication09:31 Balancing Security and Usability16:00 Use Cases and Customer Success Stories19:15 Technical Insights and Future Directions24:32 Understanding Customer Policy Changes24:48 Real-World Scenarios of Shared Signals25:10 Implementing Shared Signals in Security27:47 Policy Simulation and Auditing28:31 Addressing Identity-Based Threats29:57 The Future of Passwordless Security33:56 Challenges in Identity Deployment37:49 BeyondCon and Industry Events41:12 Personal Adventures and Reflections46:42 Final Thoughts and FarewellConnect with Sarah: https://www.linkedin.com/in/sarahcecchetti/Learn more about Beyond Identity: https://www.beyondidentity.com/idacBeyond Con: https://insights.beyondidentity.com/beyondcon-west-2025/aboutConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast

Get an insider's look at Identiverse with special guest Andi Hindle, the conference chair, on this episode of 'Identity at the Center.' Andi joins Jeff and Jim to discuss the upcoming Identiverse 2025 in Las Vegas, highlighting key sessions, workshops, and keynote speakers. They explore the significance of industry conferences, delve into non-human identities, and more. Plus, tips for maximizing your conference experience and enjoying Las Vegas!Chapters00:00 Engaging with Industry Experts01:26 Welcome to the Identity at the Center Podcast01:38 Morning Banter and LinkedIn Insights02:13 Gartner's Framework on Non-Human Identities06:14 Conferences and Networking Opportunities06:43 Upcoming Identity and Cloud Conferences08:42 Identiverse 2025 Preview with Andi Hindle15:53 The Importance of New Voices in Identity20:44 Navigating the Identiverse Agenda36:19 AI Experimentation and Side Projects37:12 Pre-Registration and Conference Workshops39:44 Key Workshop Topics and Industry Trends48:00 Keynote Speakers and Main Stage Highlights54:33 After Hours and Networking Events58:07 Exploring Las Vegas: Tips and Recommendations01:08:32 Final Thoughts and Wrap-UpConnect with Andi: https://www.linkedin.com/in/ahindleIdentiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Conference Discounts!Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-ukEuropean Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.com

In this episode of the Identity as a Center podcast, Jeff and Jim interview Andrew Cameron, Technical Fellow in Identity and Access Management at General Motors. The discussion covers the importance of speed and security in mission-critical automotive applications, the evolution and impact of identity standards, and the integration of modern identity solutions in vehicles. Andrew also shares insights on the challenges of customer identity management, the complexity of B2B environments, and the role of AI in the future of identity. The conversation touches on GM's move towards passkeys, the centralized management of customer profiles, and the rise of car accounts.Chapters00:00 Introduction to Mission-Critical Identity02:03 Welcome to the Identity as a Center Podcast02:20 The Value of IDPro Membership06:18 Upcoming Conferences and Discount Codes11:39 Introducing Andrew Cameron from General Motors12:26 Andrew Cameron's Journey in Identity17:22 The Evolution of Identity Standards19:09 Adopting Passwordless Authentication at GM23:10 Challenges and Benefits of Passwordless Adoption24:55 Role and Responsibilities of a Technical Fellow28:32 Customer Identity Management at GM30:00 Establishing a Scalable Authentication Platform31:09 Centralizing Profile Information32:05 Challenges and Benefits of Centralized Profiles33:18 Mentorship and Collaboration in Tech34:50 Complexities of B2B Identity Management38:56 Global Privacy and Language Challenges41:32 Enhancing Vehicle User Experience with Identity46:50 Speed and Security in Vehicle Identity Systems53:52 Future of AI in Automotive Industry57:28 Detroit Pride and Personal Insights01:02:20 Conclusion and Final ThoughtsConnect with Andrew: https://www.linkedin.com/in/kandrewcameron/Conference Discounts!Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-ukEuropean Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridacIdentiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.com

This episode is sponsored by IAMONES. Visit https://iamones.ai/idac to learn more.In this sponsored episode of the Identity at the Center podcast, Jim welcomes Andrea Rossi from IAMONES, an innovative conversational identity governance platform. They discuss the revolutionary approach IAMONES takes in simplifying identity and access management (IAM) using large language models (LLM). Andrea explains how IAMONES aims to eliminate the need for complex roles and middle layers by providing business users with direct and comprehensible access to system functions. The discussion dives into the practical applications of LLM in enhancing existing IAM systems, particularly focusing on making permissions and entitlements more understandable and manageable for business users, auditors, and administrators. The episode also highlights the ease of integrating IAMONES with existing identity infrastructures and offers insights into reducing the burden of maintaining multilingual UIs. Tune in to learn more about the potential of AI in transforming IAM.Chapters00:00 Introduction to Simplifying Access Management02:11 Welcome to the Identity at the Center Podcast02:23 Sponsor Spotlight: Andrea Rossi from IAMONES05:04 The Story Behind the Name 'IAMONES'08:16 Conversational Identity and Large Language Models12:35 Revolutionizing IGA with AI17:22 The Future of AI in Identity Management23:08 Enhancing IGA Configuration with Natural Language31:37 Understanding Outcomes in Identity Governance32:09 The Shift from RBAC to PBAC33:35 Challenges with Role Explosion34:02 Introducing Temporal Identity Graph35:27 Simplifying Access for Business Users39:36 Ensuring Proper Data Visibility46:06 Implementing the Identity Gateway48:45 Customer Feedback and Success Metrics52:07 Future of AI in Identity Management56:21 Travel Tips for Visiting ItalyConnect with Andrea: https://www.linkedin.com/in/arossi67Learn more about IAMONES: https://iamones.ai/idacRamones - Blitzkrieg Bop (Official Music Video): https://www.youtube.com/watch?v=268C3N2dDYkMicrosoft’s Satya Nadella on the evolution of SaaS: https://www.youtube.com/watch?v=a_RjOhCkhvQ&t=22sConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast

Join Jeff and Jim on the Identity at the Center podcast as they speak with Matt Franko, Principal at RSM, about the critical role of identity in cybersecurity. Matt discusses how risk management and digital identity intersect, providing insights into top attack vectors like phishing and weak passwords. They delve into the importance of strong identity practices and share real-world examples of risk scenarios. The episode also touches on the organizational structure of IAM, the significance of user awareness, and the potential of AI and cloud in enhancing security. As a special treat, Matt shares his passion for coaching youth sports, highlighting the values and lessons learned from the field.Chapters00:00 Simplifying Tech for Executives00:46 Top Attack Vectors in Cybersecurity02:07 Podcast Introduction and Big News02:34 CyberArk Acquires Zilla Security04:25 Guest Introduction: Matt Franko07:05 Matt’s Journey into Cybersecurity12:28 Understanding Cyber Strategy14:06 Risk Management in Digital Identity26:29 The Role of Identity in Cybersecurity31:29 Buzzwords and Trends in Cybersecurity36:51 The Risk of Excessive Access38:33 Minimizing the Attack Surface39:37 The Holy Wars of Identity Management40:02 Where Should IAM Reside?41:08 The Importance of Leadership in IAM43:38 Shared Ownership Model in IAM47:52 The Role of the CISO56:05 Coaching and Leadership in Sports01:08:00 Closing Thoughts and FarewellConnect with Matt: https://www.linkedin.com/in/matthew-franko-20b6bb7/Learn more about RSM: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.html?cmpid=ola:45559-idac:bb01Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.com

In this episode of the Identity at the Center Podcast, hosts Jeff and Jim dive deep into group management, AI, and organizational governance with David Johnson, Principal PM Architect at Microsoft. Join the conversation as David shares his extensive experience managing Microsoft 365, Entra, and SharePoint permissions, and provides best practices for guest management and labeling sensitive data. David also discusses how these paradigms shift with the introduction of AI-driven tools like Copilot. Tune in to understand the essential steps to secure your IT infrastructure and ensure efficient data management.Chapters00:00 Introduction to AI and Permissions00:29 Reflecting on SharePoint Innovations00:59 Group Membership Management01:49 Podcast Introduction and Baseball Talk04:25 Upcoming Conferences and Discount Codes08:19 Interview with David Johnson12:40 Managing Microsoft 365 Groups24:29 Understanding Guest Invitations in Microsoft Environments25:09 Defining Guests and Their Access26:45 Common Mistakes in Guest Setup28:22 Lifecycle Management for Guests29:53 Delegated Authority and Guest Management32:28 SharePoint and Teams Integration38:50 Future Trends in Identity and Access Management43:29 Reflections on Microsoft Leadership45:16 Personal Insights and Travel Tips49:22 Conclusion and FarewellConnect with David:https://www.linkedin.com/in/david-johnson-a12909196/GMM GitHub repo is available to the public:  Https://github.com/microsoftgraph/group-membership-management-tenantLearn more or for installation support: Contact GMM inquiries atGMMinquiries@microsoft.comConference Discounts!Gartner IAM Summit - CodeIDAC425 saves 425€:https://www.gartner.com/en/conferences/emea/identity-access-management-ukEuropean Identity and Cloud Conference 2025 - Use codeidac25mko for 25% off:https://www.kuppingercole.com/events/eic2025?ref=partneridacIdentiverse 2025 - Use code IDV25-IDAC25 for 25% off:https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web athttp://idacpodcast.com

In this episode of the Identity at the Center podcast, hosts Jeff and Jim discuss the vital role of user access reviews, device identity, and the evolving landscape of Identity Access Management (IAM) with guest Stephen Washington, Head of IAM at Discover Financial. The conversation delves into regulatory compliance, the use of AI in IAM, and practical steps for improving user access certifications. They also explore the importance of managing service accounts, innovations in IGA, and the role of identity in modern cybersecurity frameworks. The episode wraps up on a lighter note with a chat about fitness challenges like Tough Mudder and personal cheese preferences for grilled cheese sandwiches. Chapters 00:00 Introduction to Regulatory Compliance in Financial Services 01:54 Welcome to the Identity at the Center Podcast 02:07 Exploring Device Identity 03:19 The Role of Identity in Modern Security 06:44 Engaging with the IAM Community 10:31 Upcoming Conferences and Events 13:58 Interview with Stephen Washington 25:36 The Importance of User Access Reviews 33:55 Backend Changes in IGA Systems 35:04 The Concept of Identity Data Lake 36:37 AI and Identity Fatigue 37:22 Importance of Identity Hygiene 38:32 Challenges with Access Reviews 39:42 Regulatory Compliance and Policy Changes 41:06 Advice for Practitioners on Access Reviews 45:47 NYDFS and User Access Reviews 47:41 The Role of NIST Cybersecurity Framework 52:35 Training Auditors and Policy-Based Access Control 57:38 Fitness and Stress Relief 01:05:38 Grilled Cheese and Final Thoughts Connect with Stephen: https://www.linkedin.com/in/stephen-washington-jr-5569b57/ Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-uk European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac Identiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

Jeff and guest co-host Sean O'Dell, an identity expert from Disney, discuss the importance of knowing and cleaning data to optimize identity and access management. They delve into topics like Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP), and how these standards are paving the way for event-driven IAM. They also touch on the complexities of verifying identities, role management, and session management in a zero-trust environment. The episode includes insights into the future of identity practices, emphasizing the shift from runtime to event-driven models and the critical role of accurate data. Chapters 00:00 Introduction: The Importance of Data Integrity 02:16 Welcome to the Identity at the Center Podcast 03:12 Catching Up with Sean O'Dell 09:23 The Role of Identity in Business 12:36 Understanding Shared Signals Framework (SSF) and CAEP 20:49 The Future of Identity and Access Management (IAM) 32:36 Continuous Management and Identity Verification 33:33 Contextual Signals and Security Regulations 34:44 Data Hygiene and Business Process Challenges 37:52 Centralizing Data for Better Identity Management 44:08 Session Management and Access Control 50:04 Zero Trust and Ephemeral Access 55:51 Defining Continuous Identity 56:50 Fun and Lighter Notes Connect with Sean: https://www.linkedin.com/in/seanodentity/ European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

This episode is sponsored by Andromeda Security. Learn more at https://www.andromedasecurity.com/idac⁠ Join Jeff and Jim on the Identity at the Center podcast as they chat with Ashish Shah, co-founder and Chief Product Officer of Andromeda Security. In this sponsored episode, Ashish dives deep into the importance of solving identity security problems, especially in cloud and SaaS environments. He explains how Andromeda's AI-powered platform focuses on both human and non-human identities, offering use case-driven solutions for security maturity. The discussion covers challenges, AI and machine learning applications, and practical insights into permissions management, risk scoring, just-in-time access, and more. Stay tuned for interesting takes on identity security and some fun recommendations for your reading/listening list. Chapters 00:00 Introduction to Identity as a Data Problem 00:41 Overview of Andromeda's Capabilities 01:27 Welcome to the Identity at the Center Podcast 02:03 Meet Ashish Shah, Co-Founder of Andromeda 02:37 The Genesis of Andromeda 03:33 Addressing Identity Security Challenges 05:29 Andromeda's Approach to Identity Security 09:44 Measuring Success with Andromeda 12:21 Andromeda's Market Position and Ideal Customers 18:35 The Rise of Non-Human Identities 28:42 Understanding Identity and Accounts in AWS 28:54 The Concept of Incarnations in Identity Management 29:42 Human and Non-Human Identities 32:13 Challenges in Authorization and Access Control 32:44 Implementing Zero Trust and Least Privilege 35:10 Role of AI and Machine Learning in Identity Management 36:21 Risk Scoring and Behavioral Analysis 39:04 Customer Data and Model Training 41:08 Explainability and Security of AI Models 46:14 Customer Influence on Model Tuning 49:03 Andromeda's Offer and Final Thoughts 51:34 Book Recommendations and Closing Remarks Connect with Ashish: https://www.linkedin.com/in/ashishbshah/ Learn more about Andromeda: https://www.andromedasecurity.com/idac⁠ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast Keywords: Identity security, IAM, cybersecurity, artificial intelligence, AI, machine learning, ML, non-human identities, NHI, just-in-time access, JIT, IGA, privileged access management, PAM, identity threat detection and response, ITDR, cloud security, SaaS security, Andromeda Security, Ashish Shah, IDAC, Identity at the Center, Jim McDonald, Jeff Steadman

In this episode of the Identity at the Center podcast, hosts Jeff and Jim welcome Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, for his fifth appearance. The discussion delves into the evolving intersection of AI and identity, emphasizing the critical need for reliable identity verification as technology advances. The conversation also touches on the future of identity systems, including the potential of decentralized identity solutions and the role of AI in enhancing identity management. Martin shares insights on the European identity landscape, promoting reusable identity verification and highlighting emerging trends such as policy-based access and natural language interfaces. The episode wraps up with travel tips for Berlin and a look ahead at the European Identity and Cloud Conference (EIC) 2025. Chapters 00:00 Introduction to AI and Identity 02:09 Welcome to the Identity at the Center Podcast 02:15 Upcoming Events and Personal Anecdotes 06:18 Guest Introduction and Main Discussion 07:03 Identity Verification Trends and Challenges 10:04 The Future of Identity Verification 23:27 Enterprise Use Cases and Solutions 28:05 AI Agents and the Future of SaaS 28:59 Introduction to Martin the Chatbot 29:23 The Role of AI in Enhancing Search Functionality 31:05 AI's Impact on Various Industries 31:49 Challenges and Limitations of AI 34:10 The Future of AI in Identity Management 40:40 Leadership Compass for Access Governance 45:28 Microsoft's Strategy in Identity and Security 56:19 Travel Tips for Germany 01:03:01 Conclusion and Final Thoughts Connect with Martin: https://www.linkedin.com/in/martinkuppinger/ The 2025 Identity Fabric and IAM Reference Architecture: https://www.kuppingercole.com/research/an80978/the-2025-identity-fabric-and-iam-reference-architecture Webinar Recording: Identity Fabric and Reference Architecture 2025: Future-Proofing your IAM Access may require registration and maybe a KC membership (for the report). Information about KC Memberships: Membership Packages | KuppingerCole European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords Identity Verification, AI, EIC 2025, Digital Identity, Trust, Decentralized Identity, User Experience, Onboarding, Security, Technology Trends, AI, identity management, access governance, data extraction, future trends, Germany travel tips, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Martin Kuppinger

Welcome to the Identity at the Center podcast! In this episode, hosts Jeff and Jim dive deep into modern identity architecture with guest Ian Glazer. They discuss topics such as the importance of policy, data orchestration, and the evolving landscape of identity and access management (IAM). Ian shares his thoughts on the future of IAM, the integration of various data sources, the role of events in IAM, and the potential for real-time identity solutions. They also touch on upcoming conferences, the European Identity and Cloud Conference 2025, and the significance of engaging with the identity community. Tune in for a thought-provoking discussion on the advancements and future directions of digital identity! Chapters 00:00 Introduction and Podcast Overview 00:11 Upcoming Plans and Challenges 01:03 Guest Invitation and Podcast Dynamics 03:31 Conference Announcements and Discounts 06:05 Welcoming the Guest: Ian Glazer 06:46 Fido Feud and Conference Experiences 16:29 Identity Market Trends and Innovations 19:19 Modern Identity Architectures 33:51 Identity First Security: A New Approach 34:50 Unified Data Tiers: Breaking Down Silos 36:14 Modern IAM: Opportunities and Challenges 37:02 Ephemeral Access and Zero Standing Privilege 39:18 Understanding Identity Data 41:30 Workforce Identity Data Platforms 47:14 Orchestration and Execution in IAM 51:09 Real-Time Event-Based Identity Systems 54:45 Future Directions and Community Engagement 59:03 Teaching and Sharing Knowledge 01:05:33 Closing Thoughts and Recommendations Connect with Ian: https://www.linkedin.com/in/iglazer/ Notional architecture for modern IAM: Part 3 of 4 (blog): https://weaveidentity.com/blog/notional-architecture-for-modern-iam/ 2025: The year we free our IAM data: https://weaveidentity.com/blog/2025-the-year-we-free-our-iam-data/ Learn more about Weave Identity: https://weaveidentity.com/ Digital Identity Advancement Foundation: https://digitalidadvancement.org/ Avoid the Noid! - https://en.wikipedia.org/wiki/The_Noid Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Ian Glazer, Weave Identity, Identity and Access Management, IAM, Modern Identity Architectures, Modern IAM, Data Tier, Events, Orchestration, Zero Trust, ZTNA, Shared Signals Framework, EIC, Gartner, Black Hat, RSA, Identibeer, Data Lake, OIDs, IANS

#324 - RSM & IDAC Present - The Intersection of Cybersecurity and Digital Identity with Tauseef Ghazi In this episode of the Identity at the Center podcast, Jeff and Jim discuss the growing importance of digital identity in cybersecurity. Joined by Tauseef Ghazi, the Security and Privacy practice lead at RSM, the conversation explores the challenges and opportunities within the sector. They delve into the apprenticeship model in cybersecurity, the skills gap, and the impact of new technologies like AI and blockchain. The episode also touches on the relevance of frameworks, the concept of zero trust, and the importance of staying curious and continually investing in one's skills. Ghazi shares his professional journey, insights on building effective cyber teams, and the importance of balancing personal passions with professional growth. 00:00 The Importance of Apprenticeship in Cybersecurity 01:51 Introduction to the Identity at the Center Podcast 03:10 The Intersection of Cybersecurity and Digital Identity 05:47 Welcoming Ghazi: Insights from a Cybersecurity Leader 08:02 Ghazi's Origin Story in Cybersecurity 13:05 The Role of Identity in Modern Cybersecurity 17:35 Challenges and Strategies in Cybersecurity 31:31 The Skills Gap and Apprenticeship Model in Cybersecurity 40:13 Applying the NIST Cybersecurity Framework 40:41 Compliance and Governance in Cybersecurity 41:22 Understanding Both Sides of Cybersecurity 43:44 Challenges in Hybrid Cloud Environments 45:33 Middle Market Companies and Cybersecurity 48:19 The Concept and Challenges of Zero Trust 54:01 The Future of Passwordless Authentication 56:49 Blockchain and Decentralized Identity 01:01:08 AI in Cybersecurity: Predictions for 2025 01:12:12 Balancing Work, Family, and Personal Passions 01:16:08 Conclusion and Future Series Connect with Ghazi: https://www.linkedin.com/in/tauseef-ghazi-48b49b7 Ghazi the Band: https://www.facebook.com/ghazimusic/ Learn more about RSM: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.html?cmpid=ola:45559-idac:bb01 Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

In this special episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Hed Kovetz, CEO and co-founder of Silverfort, at the Gartner IAM Summit in Texas. Hed shares insights on the evolution of identity security, the interplay between legacy and modern IT systems, and the importance of securing non-human identities. They also delve into the role of AI in cybersecurity and the challenge of maintaining innovation in a growing company. Tune in for a thought-provoking conversation about the future of identity security and the booming impact of AI. 00:00 The Importance of Identity in Modern Security 01:23 Welcome to the Identity of the Center Podcast 01:44 Live from the Gartner IAM Summit 03:08 Interview with Hed Kovetz, CEO of Silverfort 03:48 Silverfort's Recent Achievements and Innovations 05:15 Challenges and Insights in Identity Security 08:00 The Evolution of Identity Security 21:20 Securing Legacy and Modern IT Systems 29:52 The Rise of Service Account Protection 30:31 Challenges in Securing Non-Human Identities 31:02 Real-World Examples and Governance Issues 31:40 Strategies for Securing Non-Human Identities 32:56 The Evolution of Identity Security 45:49 The Role of AI in Identity Security 50:33 The Future of Identity Security 53:44 Personal Insights and Reflections 01:01:25 Conclusion and Final Thoughts Connect with Hed: https://www.linkedin.com/in/hed-kovetz-910ba5b9/ Learn more about Silverfort: https://www.silverfort.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

In this episode of the Identity at the Center podcast, hosts Jeff and Jim dive into the concept of Identity Security Posture Management (ISPM) with Henrique Teixeira, Senior Vice President of Strategy at Saviynt and former Gartner analyst. Henrique explains ISPM as an Apple Watch for your identity program, focusing on preventive measures before an attack occurs. The discussion also covers the upcoming Gartner IAM Summit, AI's impact on identity management, and the anticipated trends for 2025. Additionally, they explore the differences between AI copilot, agent, and bot, and the future of non-human identity management. Henrique shares insights on balancing ITSM front ends with IGA systems and emphasizes the importance of continuous security investment. Tune in for a comprehensive look at ISPM, AI, and the evolving identity security landscape. Chapters 00:00 Welcome to the Podcast 01:47 Gartner IAM Summit Preview 04:48 Guest Introduction: Henrique Teixeira 05:28 Henrique's Career Transition 10:12 Conference Experiences and Insights 14:10 Understanding ISPM and ITDR 29:16 AI in Identity Management 35:58 Debating the Future of AI in IGA Systems 37:09 Evolution of Access Request Systems 37:59 The Rise of ChatOps in Identity Management 40:26 Multi-Channel Identity and Access Management 45:54 Influencers and Inspirations in Identity Strategy 49:06 Reflecting on 2024: Trends and Predictions 54:31 Looking Ahead: Identity and AI in 2025 01:02:50 Boxing Talk: Mike Tyson vs. Jake Paul 01:08:17 Wrapping Up: Final Thoughts and Farewells Connect with Henrique: https://www.linkedin.com/in/bernardes Learn more about Saviynt: https://saviynt.com/ Prevention + ITDR Venn Diagram - https://www.linkedin.com/posts/rezasoltani_identitysecurity-ispm-itdr-activity-7203522819014500353-8Kv_/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: Identity Security, IAM, Digital Identity, AI, Artificial Intelligence, ISPM, ITDR, IGA, Gartner IAM Summit, Cybersecurity, Cloud Security, Machine Identity, Non-Human Identity, Podcast, Interview, Saviynt, Henrique Teixeira, Jim McDonald, Jeff Steadman

In this special Sponsor Spotlight episode of the Identity at the Center podcast, host Jim McDonald welcomes Chris Steinke from MightyID. Chris shares insights into identity as a valuable asset and its versatility as a security mechanism. The discussion delves into MightyID's unique features, focusing on IAM resilience including backup, recovery, migration, failover, and the Change360 capability. Jim and Chris also touch on the importance of resilience learned from personal experiences like youth sports coaching. The episode wraps up with a look at MightyID’s plans for future development and their presence at the upcoming Gartner IAM Summit. Chapters 00:00 Welcome to the Identity at the Center Podcast 01:02 Sponsor Spotlight: MightyID 02:35 Chris Steinke's Journey into IAM 04:32 Understanding MightyID's Solutions 06:57 The Importance of Resiliency in IAM 10:29 Exploring MightyID's Unique Features 25:15 Change360: A Powerful Investigative Tool 27:45 Measuring Success with MightyID 30:39 MightyID's Resiliency and Future Plans 36:53 Gartner IAM Summit and Closing Remarks Connect with Chris: https://www.linkedin.com/in/chris-steinke-exec/ Learn more about MightyID: https://www.mightyid.com/idac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast

In this special episode of Identity at the Center, hosts Jim McDonald and Jeff Steadman kick off the inaugural FIDO Feud—a game show packed with fun and informative challenges about digital identity. Team Glitterati, led by Megan Shamas, and Team Identifriends, led by Jim, face off in a series of rounds centered around common passwords, identity trends, and future threats to IAM. Enjoy witty banter, audience interaction, and a spirited competition, all while diving deep into the world of Identity and Access Management. Special thanks to the FIDO Alliance and RSM US LLP for making this special event possible! 00:00 Introduction to Identity at the Center 00:20 Welcome to FIDO Feud 01:18 Meet the Team Captains 01:47 Team Names and Random Members 02:46 Game Rules and Setup 04:22 Round 1: Easy-to-Guess Passwords 07:37 Round 2: Tired Trends in IAM 11:44 IAM Metrics Showdown 12:22 Successful Logins and Password Resets 13:04 User Satisfaction and Breaches 13:44 Enrollment and Abandon Rate 14:33 Final IAM Metrics 15:45 Biggest Future Threats to IAM 17:29 Unexpected Answers and Final Round 21:16 Winners and Closing Remarks Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

In this episode of the Identity at the Center podcast, Jim McDonald is joined by guest David Mahdi, CIO at Transmit Security and former Gartner analyst. The discussion delves into the challenges of identity security and the necessity of transitioning from IAM to identity security to mitigate privacy, fraud, and scam risks. They explore the convergence of cybersecurity and identity, the rise of non-human identities, and the importance of cyber resilience. David shares insights from his global experiences and highlights the importance of behavior-based monitoring for both human and non-human identities. The episode wraps up with a lighter note as they discuss the perfect trail mix ingredients. 00:00 Welcome to the Identity at the Center Podcast 01:12 Guest Introduction: David Mahdi 02:35 The Evolution of Identity Security 04:13 The Importance of Identity Security 05:26 David Mahdi's Journey in Identity Security 07:20 Challenges in Identity and Access Management 10:10 The Role of Machine Learning in Identity Security 12:19 The Future of Identity Security 22:52 The Need for Convergence in Identity and Security Teams 33:01 Non-Human Identities and Their Management 41:00 Defining Roles and Responsibilities 41:46 Ignoring Non-Human Accounts 42:38 Emerging Threats and Risk Management 44:33 The Importance of Identity Security 46:46 Cyber Resilience in Modern Organizations 49:24 Cloud Services and Backup Plans 51:26 Ransomware and Data Access Governance 54:27 The Future of Identity Security 01:07:53 Trail Mix and Lighter Notes 01:14:32 Closing Remarks and Upcoming Events Connect with David: https://www.linkedin.com/in/dmahdi/ Learn more about Transmit Security: https://transmitsecurity.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: Identity Security, IAM, Cyber Resilience, Machine Identity, Non-Human Identity, Digital Transformation, Cloud Security, Zero Trust, Data Breach, Risk Management, ITDR, MFA Fatigue, Deepfakes, Gen AI, Copilot, Claude AI, Decentralized Identity, Quantum Computing, Ransomware, Data Access Governance, Transmit Security, Gartner IAM Summit, FIDO Authenticate Conference.

In this episode of the Identity at the Center podcast, hosts Jim McDonald and Jeff Steadman delve into the significance of shared signals in identity and access management (IAM). Featuring Mike Kiser, Director of Strategy and Standards at SailPoint, the discussion spans Kiser's career journey from IBM to SailPoint, the importance of standards and security in IAM, and the influence of AI on authenticity. The episode highlights the Shared Signals Framework, drawing parallels to cooperative dolphins and fishermen, and underscores the benefits of a standardized approach to signal sharing. The conversation also touches on the challenges and potential of event-based architectures and the evolving role of identity in cybersecurity. 00:00 Introduction and Initial Thoughts 02:50 Conference and Discount Codes 05:33 Guest Introduction and Background 11:31 AI and Authenticity 15:21 Shared Signals Framework 25:40 Decentralized Identity Management 26:28 Real-Time Identity Data Sharing 27:55 Developing Identity Standards 29:19 Vendor Collaboration and Challenges 31:28 Event-Based Identity Architectures 33:03 The Role of Big Tech in Identity Security 39:22 Customer Demand for Identity Solutions 40:49 Identity Security and Digital Identity 42:47 Technology vs. Humanity: A Musical Perspective 48:41 Conclusion and Final Thoughts Connect with Mike: https://www.linkedin.com/in/mike-kiser/ Learn more about SailPoint: https://www.sailpoint.com/ SailPoint Navigate 2024 London - Use code IDAC for a £300 discount - https://www.sailpoint.com/navigate/london Semperis’ Hybrid Identity Protection Conference (HIP Conf) - Use code IDACpod for 20% off: https://www.hipconf.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com 🔑 Episode Keywords Identity Management, Shared Signals Framework, Continuous Access Evaluation Protocol, Risk Assessment, Information Sharing, Identity Security, Authentication, AI And Identity, Digital Identity, Identity Fabric, Identity Ecosystem, IAM Standards, Cybersecurity, Technology And Humanity, Event-Based Architecture, RSM, SailPoint Navigate 2024, Gartner IAM Summit, Authenticate Conference, Identity Backstories

In this sponsored episode of the Identity at the Center podcast brought to you by Strivacity, Jeff and Jim welcome Stephen Cox, co-founder and CTO of Strivacity, to discuss the evolving landscape of identity management. The conversation covers Strivacity's unique approach to customer identity and access management (CIAM), the importance of isolation by design for security, and the integration of generative AI into their platform. Stephen shares insights on how Strivacity differentiates itself in the market, the recognition from Gartner, and the challenges of implementing AI in identity management systems. They discuss the evolving landscape of AI, particularly in relation to data access, security, and identity management. Also explored is the balance between leveraging AI for business insights and the potential threats it poses to data security. The discussion also touches on the future of AI technology, the challenges of governance in a rapidly changing environment, and an unexpected segue into astrophotography, highlighting the intersection of AI technology and personal interests. Chapters 00:00 Introduction to the Identity at the Center Podcast 01:37 Meet Steven Cox from Strivacity 02:34 Strivacity's Unique Approach to CIAM 09:27 Differentiating Consumer and Customer IAM 11:49 Strivacity's Recognition and Achievements 14:05 The Importance of Isolation by Design 15:38 Generative AI in IAM Products 21:45 Implementing AI in Strivacity's Platform 29:25 Addressing AI Hallucinations and Security Concerns 30:56 Cost Implications of AI Systems 31:50 Leveraging AI for Business Insights 34:03 Implementing AI with Security in Mind 38:53 Future of AI in Identity Space 44:48 Astrophotography Adventures 53:52 Conclusion and Final Thoughts Connect with Stephen: https://www.linkedin.com/in/stephencox/ Learn more about Strivacity: https://strivacity.ai Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast Keywords Identity Management, Customer IAM, Strivacity, AI Integration, Cybersecurity, Digital Identity, Gartner Recognition, Isolation by Design, Generative AI, User Experience, AI, data security, identity management, astrophotography, technology governance