Mistaken Identity

On this episode of Mistaken Identity, Mike Kiser is joined by Katherine Teitler, VP of Research and Advisory at TAG Cyber. Her recent research illustrates the shifting role of identity—from an IT process to a foundational approach for security. While that’s the starting point, the conversation roams into disinformation, “sources of truth,” identity profiling via personal musical history, and, of course, the oldest instrument in the world: a neanderthal flute. Identity, as always, is a richer topic than we imagine.

Many people assume that there is some magic formula for success in identity. Is it having the right degree? Is it knowing the right people? Is it having a ”Particular set of skills?" Today on Mistaken Identity, we interview three sets of people who are imminently unqualified at first glance. They’ve come from outside the expected backgrounds, the expected channels: their stories vary widely, but they have all found themselves thriving within the identity space. Three pairs of people. Three sets of stories. Six unique journeys into identity. All on this single episode of Mistaken Identity.

A new season of Mistaken Identity is here with a special focus on election security, voting systems, and their impact on democracy. We have a range of guests coming to explain the ins and outs of election observing, online voting, and the current state of election security both in the United States and throughout the world. (Yes, that’s a big topic—and one that has surprising parallels to other forms of identity and security.) In this episode, Dr. Susan Hyde, a Professor of Political Science from UC Berkeley, explains how Election Observers act as “auditors” of Election Security. She discusses some of her own experiences observing in Afghanistan, Albania, Indonesia, Liberia, Nicaragua, Pakistan and Venezuela. We then explore the role that Observers have played in the rise (and subsequent regression) in democracy throughout the world—including in the U.S. Finally, we outline the challenges that online voting may present to Election Observation.

Lawyer, Cyber Security and Privacy maven Liz Wharton regales us with tales of her hand-to-hand combat experience with the Atlanta Ransomware of 2018, and then unfolds the current state of facial recognition in all its manifold splendor. (And we didn’t even get to cover the security of drones, yet another of her areas of expertise.) Also: the latest update on a voting app failure (no, not that one), and what a new ransomware variant demands — full disclosure . . . it’s full disclosure. As Liz would say, “Shut the front door!” — it’s a wild ride on this episode of Mistaken Identity.

Loma Miller joins us to talk about the “customer experience” (16:31)— from pizza to haircuts to University of Michigan Football (yes, we covered a lot of ground.) Hannah Giles and Natalie Reina cover the headlines (2:38), which include a return to prominence by Ashley Madison, how Twitter can allow others to see your phone number without your consent, and the impact of the Coronavirus on an inbox near you. Finally, Loma runs the gauntlet of a new segment: “10 Questions.” It’s a cornucopia of coverage on this episode of Mistaken Identity. [Our producers have asked us to note, without editorial commentary, that Michigan went 9-4 this past year.]

Head over to our new Trust Issues podcast to get this weekly news update. Available wherever you get your podcasts!

Amidst the current heatwave, David Lee and Mike Kiser review the late summer identity landscape. They (well, Mike) propose a strategy for paying for the recent series of compliance-related fines by eliminating the entire public relations department, contemplate four days in a Dominican jail with John McAfee, and explore what the future holds sans Botox via the recent FaceApp debacle. [Note: no privacy terms were harmed in the recording of this podcast.] Although we’ve used this label before, this is a “very special” episode, as is it's David’s final time hosting Mistaken Identity; the cast and crew wish him well in his new adventure. Have no fear, though, faithful listener — Mistaken Identity will continue to inform and delight with all things identity, like a cold spring-fed pool in the heat of a late Austin summer. (And yes, we’re taking the rest of the day off to go jump in Barton Springs.)

Mistaken Identity | Identiverse 2019: A Capitol Affair by Mike Kiser

David Lee and Mike Kiser take you “live” to Navigate 2019 in beautiful Austin, TX in this very special episode of Mistaken Identity. Dr. Jen Golbeck explores the ethical issues that we face as we seek to employ algorithms and identity, VP of Product Management Rick Weinberg discusses the future of predictive identity, and SVP of Software Mike Siegel lays out a strategy for being an identity advocate in your organization. The episode wraps up with a description of what the Golden State Warriors can do to avoid an NBA Finals loss to the Toronto Raptors. (Spoiler alert: basically not much — congrats, Canada!) As a final note — your ears do not deceive you — we’re in the process of upgrading our podcasting equipment: so sit back and enjoy an enhanced version of the dulcet, silky tones of David’s sonorous voice (and endure Mike’s helium-inspired staccato as well).

If you weren’t able to make it San Francisco in early March for the RSA Conference, fear not — your intrepid men on the street, David Lee and Mike Kiser, traveled the highways and byways of the Bay Area to delve deep into the heart of the Moscone Center. Learn what it was like to be a part of the small temporary city that convenes once a year in the city by the Bay. Also discussed: the joy of fake online dating to defraud the lonely, the Mirai botnet invades the enterprise, and the details of the latest (at the time of recording) Facebook security disclosure. You’ll have to wait until the next podcast, however, to find out if Mike escapes from the large shipping container that he apparently found himself in.

It’s hard enough to separate the malicious actors from the valid users in today’s environments without also having to separate humans from the malware itself. Mistaken Identity’s David Lee and Mike Kiser explore the coming reality in which exploits are hard-coded into the DNA of humans. Also discussed – the Chrome browser helps with password hygiene, FaceTime showing call previews without consent, and then we plumb the depths of the evil that lurks within Super Mario. Tip your waiters, try the veal, and stay for the sojourn into the dystopian future.

The phrase, “probably worth a google” takes on a whole new shade of meaning as Mistaken Identity explores the fourth fine levied under GDPR. Google was fined $57 million for inadequate user consent by a French data privacy agency. Is this the “big one” that people have been waiting for to show that privacy regulation has the power to change corporate behavior? Sit back while David Lee and Mike Kiser discuss the potential implications for Google and what is front of mind for organizations today. We celebrate Data Privacy Day as we also discuss whether collecting biometrics causes harm, a Dutch surgeon’s right to be forgotten, and a massive mortgage database breach. (And you thought that high property taxes and those pesky neighborhood kids were your biggest concerns as a homeowner.)

Describe the next year in identity in one word.” David Lee and Mike Kiser take up this challenge as they forecast the coming twelve months. (Spoiler alert: the episode is 34 minutes long, so apparently there was more to say than a single term.) Headlines include: newspaper printing presses stopped by ransomware, how to see your neighbors’ security camera footage, and the meltdown/spectre vulnerability one year later. The discussion closes with an opportunity to watch a Swedish film in a coffin. Start your aural 2019 journey with a new episode for a new year.

This episode is all about thankfulness. David Lee and Mike Kiser recount their blessings and what the security community as a whole has to be thankful for during this (United States-centric) holiday. (It’s a rather long list.) Headlines include: bots booking cross-country flights, a cybersecurity czar who’s never used a computer, and the creation of “master” fingerprints that can unlock biometric-based security. Round out this food-based holiday season with a long-winded story about how it is (or isn’t) possible for the human body to consume a gallon of milk in an hour.

David Lee and Mike Kiser are joined by a cast of thousands as Mistaken Identity broadcasts on-site from Navigate Europe in Barcelona, Spain in this week’s episode. Experience the excitement of Navigate, the passion for identity, the noise of the Navigate expo, the intricacies of rhythmic dancing, and the Mediterranean lifestyle. Spoiler alert: no boats were used in the production of this podcast.

With apologies to Friday Night Lights, David Lee and Mike Kiser welcome back Darran Rolls, CTO and CISO of SailPoint, to discuss the central role that identity plays in implementing zero trust security models: to fully embrace zero trust, a comprehensive concept of identity is essential. Headlines include the well-orchestrated response by British Airways to a recent incident, the “view as” issue with Facebook, and the alleged story of motherboard espionage from Bloomberg. Pour yourself a lovely beverage, join us for a lively discussion, and, finally, discover the one celebrity you should never search for (unless you’re a fan of malware.)

Wendy Nather (twitter: @wendynather) joins David Lee and Mike Kiser as they explore the interplay of trust and security. We examine the implications of what John Kindervag termed the “zero-trust model” — and the subsequent security architectures they have spawned: Google’s BeyondTrust and Duo Beyond, for example. A lively discussion of the current state of representation (a reflection of trust) within the security industry follows. Headlines range from a new Apache Struts vulnerability, ATT being sued for $200 million for a cryptocurrency theft, and privacy regulation that is coming to you in five years (or fifty, depending on who you ask.)

Who’s at fault when a phishing attack succeeds twice in a row? Guest Lemuel Williams joins David Lee and Mike Kiser as they argue the ins and outs of cyber insurance in the real-world case of a bank breached twice in quick succession—and a cyber insurer that refuses to pay. The Broadcom acquisition of CA, why AI is doomed to fail in cybersecurity, and the saga of car technology stolen from Apple—only to be recovered just before the thief boarded a plane, and the looming death of Mike’s air condition-less car are also discussed.

Wrapping up their sojourn in the far Northeastern Territories known as Massachusetts, David Lee and Mike Kiser corner Ian Glazer in a dark corner of Identiverse and implore him to hold forth on all things IDPro (among an amalgamation of other topics). This, it turns out, is not a difficult thing to do. Also discussed: a large healthcare breach in Singapore that targeted the medicine cabinet of the Prime Minister, the London Protocol’s attempt to reduce phishing, and how to make your security startup idea profitable in one easy step. Bask in the final glow of the dying embers of Identiverse and relive David and Mike’s short stay on the Green Monster in Fenway Park.

David Lee and Mike Kiser continue their discussions in Boston at Identiverse 2018. They catch up with Madhu Mahadevan, Sr. Manager, Strategic Technical Alliances at Okta, and continue their dialogue with Richard Bird of Optiv. The discussion revolves around noteworthy sessions, with a particular emphasis on open banking and financial services—a facet of security unavoidable by any enterprise that uses currency (that would be all of them.) The impact of GDPR-like regulation on security practice (and its potential adoption by the United States), the potential of competition to dampen security efforts, and the potential for millennials to drive security adoption come up in the course of thirty minutes of lively banter from the expo floor. Also covered: Microsoft’s calls for regulating facial recognition technology, spearfishing as the not-so-surprising method for nation state attacks, and why your trip to the library might wind up at a bowling alley or another unintended destination. We wrap up with a brief discussion of the World Cup and David’s new-found love for fútbol.