Identity at the Center

Join Jeff and Jim on the Identity at the Center podcast as they speak with Matt Franko, Principal at RSM, about the critical role of identity in cybersecurity. Matt discusses how risk management and digital identity intersect, providing insights into top attack vectors like phishing and weak passwords. They delve into the importance of strong identity practices and share real-world examples of risk scenarios. The episode also touches on the organizational structure of IAM, the significance of user awareness, and the potential of AI and cloud in enhancing security. As a special treat, Matt shares his passion for coaching youth sports, highlighting the values and lessons learned from the field.Chapters00:00 Simplifying Tech for Executives00:46 Top Attack Vectors in Cybersecurity02:07 Podcast Introduction and Big News02:34 CyberArk Acquires Zilla Security04:25 Guest Introduction: Matt Franko07:05 Matt’s Journey into Cybersecurity12:28 Understanding Cyber Strategy14:06 Risk Management in Digital Identity26:29 The Role of Identity in Cybersecurity31:29 Buzzwords and Trends in Cybersecurity36:51 The Risk of Excessive Access38:33 Minimizing the Attack Surface39:37 The Holy Wars of Identity Management40:02 Where Should IAM Reside?41:08 The Importance of Leadership in IAM43:38 Shared Ownership Model in IAM47:52 The Role of the CISO56:05 Coaching and Leadership in Sports01:08:00 Closing Thoughts and FarewellConnect with Matt: https://www.linkedin.com/in/matthew-franko-20b6bb7/Learn more about RSM: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.html?cmpid=ola:45559-idac:bb01Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.com

In this episode of the Identity at the Center Podcast, hosts Jeff and Jim dive deep into group management, AI, and organizational governance with David Johnson, Principal PM Architect at Microsoft. Join the conversation as David shares his extensive experience managing Microsoft 365, Entra, and SharePoint permissions, and provides best practices for guest management and labeling sensitive data. David also discusses how these paradigms shift with the introduction of AI-driven tools like Copilot. Tune in to understand the essential steps to secure your IT infrastructure and ensure efficient data management.Chapters00:00 Introduction to AI and Permissions00:29 Reflecting on SharePoint Innovations00:59 Group Membership Management01:49 Podcast Introduction and Baseball Talk04:25 Upcoming Conferences and Discount Codes08:19 Interview with David Johnson12:40 Managing Microsoft 365 Groups24:29 Understanding Guest Invitations in Microsoft Environments25:09 Defining Guests and Their Access26:45 Common Mistakes in Guest Setup28:22 Lifecycle Management for Guests29:53 Delegated Authority and Guest Management32:28 SharePoint and Teams Integration38:50 Future Trends in Identity and Access Management43:29 Reflections on Microsoft Leadership45:16 Personal Insights and Travel Tips49:22 Conclusion and FarewellConnect with David:https://www.linkedin.com/in/david-johnson-a12909196/GMM GitHub repo is available to the public:  Https://github.com/microsoftgraph/group-membership-management-tenantLearn more or for installation support: Contact GMM inquiries atGMMinquiries@microsoft.comConference Discounts!Gartner IAM Summit - CodeIDAC425 saves 425€:https://www.gartner.com/en/conferences/emea/identity-access-management-ukEuropean Identity and Cloud Conference 2025 - Use codeidac25mko for 25% off:https://www.kuppingercole.com/events/eic2025?ref=partneridacIdentiverse 2025 - Use code IDV25-IDAC25 for 25% off:https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web athttp://idacpodcast.com

In this episode of the Identity at the Center podcast, hosts Jeff and Jim discuss the vital role of user access reviews, device identity, and the evolving landscape of Identity Access Management (IAM) with guest Stephen Washington, Head of IAM at Discover Financial. The conversation delves into regulatory compliance, the use of AI in IAM, and practical steps for improving user access certifications. They also explore the importance of managing service accounts, innovations in IGA, and the role of identity in modern cybersecurity frameworks. The episode wraps up on a lighter note with a chat about fitness challenges like Tough Mudder and personal cheese preferences for grilled cheese sandwiches. Chapters 00:00 Introduction to Regulatory Compliance in Financial Services 01:54 Welcome to the Identity at the Center Podcast 02:07 Exploring Device Identity 03:19 The Role of Identity in Modern Security 06:44 Engaging with the IAM Community 10:31 Upcoming Conferences and Events 13:58 Interview with Stephen Washington 25:36 The Importance of User Access Reviews 33:55 Backend Changes in IGA Systems 35:04 The Concept of Identity Data Lake 36:37 AI and Identity Fatigue 37:22 Importance of Identity Hygiene 38:32 Challenges with Access Reviews 39:42 Regulatory Compliance and Policy Changes 41:06 Advice for Practitioners on Access Reviews 45:47 NYDFS and User Access Reviews 47:41 The Role of NIST Cybersecurity Framework 52:35 Training Auditors and Policy-Based Access Control 57:38 Fitness and Stress Relief 01:05:38 Grilled Cheese and Final Thoughts Connect with Stephen: https://www.linkedin.com/in/stephen-washington-jr-5569b57/ Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-uk European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac Identiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

In this engaging conversation, Sean O'Dell, an identity expert from Disney, shares his insights on optimizing identity and access management. They discuss the importance of data integrity for security, along with innovative frameworks like the Shared Signals Framework and Continuous Access Evaluation Profile. The talk highlights the shift toward event-driven identity management and the complexities of verifying identities in a zero-trust environment. Sean also emphasizes the critical role of accurate, centralized data in enhancing security practices.

This episode is sponsored by Andromeda Security. Learn more at https://www.andromedasecurity.com/idac⁠ Join Jeff and Jim on the Identity at the Center podcast as they chat with Ashish Shah, co-founder and Chief Product Officer of Andromeda Security. In this sponsored episode, Ashish dives deep into the importance of solving identity security problems, especially in cloud and SaaS environments. He explains how Andromeda's AI-powered platform focuses on both human and non-human identities, offering use case-driven solutions for security maturity. The discussion covers challenges, AI and machine learning applications, and practical insights into permissions management, risk scoring, just-in-time access, and more. Stay tuned for interesting takes on identity security and some fun recommendations for your reading/listening list. Chapters 00:00 Introduction to Identity as a Data Problem 00:41 Overview of Andromeda's Capabilities 01:27 Welcome to the Identity at the Center Podcast 02:03 Meet Ashish Shah, Co-Founder of Andromeda 02:37 The Genesis of Andromeda 03:33 Addressing Identity Security Challenges 05:29 Andromeda's Approach to Identity Security 09:44 Measuring Success with Andromeda 12:21 Andromeda's Market Position and Ideal Customers 18:35 The Rise of Non-Human Identities 28:42 Understanding Identity and Accounts in AWS 28:54 The Concept of Incarnations in Identity Management 29:42 Human and Non-Human Identities 32:13 Challenges in Authorization and Access Control 32:44 Implementing Zero Trust and Least Privilege 35:10 Role of AI and Machine Learning in Identity Management 36:21 Risk Scoring and Behavioral Analysis 39:04 Customer Data and Model Training 41:08 Explainability and Security of AI Models 46:14 Customer Influence on Model Tuning 49:03 Andromeda's Offer and Final Thoughts 51:34 Book Recommendations and Closing Remarks Connect with Ashish: https://www.linkedin.com/in/ashishbshah/ Learn more about Andromeda: https://www.andromedasecurity.com/idac⁠ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast Keywords: Identity security, IAM, cybersecurity, artificial intelligence, AI, machine learning, ML, non-human identities, NHI, just-in-time access, JIT, IGA, privileged access management, PAM, identity threat detection and response, ITDR, cloud security, SaaS security, Andromeda Security, Ashish Shah, IDAC, Identity at the Center, Jim McDonald, Jeff Steadman

Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, dives deep into the future of identity management. He discusses the integration of AI in identity verification, stressing the need for reliable, decentralized solutions. The conversation highlights emerging trends like policy-based access and the importance of reusable identities. Martin also introduces a chatbot designed to enhance SaaS models while pondering the evolving European identity landscape. Plus, listeners can look forward to travel tips for Berlin and insights on the upcoming European Identity and Cloud Conference.

Welcome to the Identity at the Center podcast! In this episode, hosts Jeff and Jim dive deep into modern identity architecture with guest Ian Glazer. They discuss topics such as the importance of policy, data orchestration, and the evolving landscape of identity and access management (IAM). Ian shares his thoughts on the future of IAM, the integration of various data sources, the role of events in IAM, and the potential for real-time identity solutions. They also touch on upcoming conferences, the European Identity and Cloud Conference 2025, and the significance of engaging with the identity community. Tune in for a thought-provoking discussion on the advancements and future directions of digital identity! Chapters 00:00 Introduction and Podcast Overview 00:11 Upcoming Plans and Challenges 01:03 Guest Invitation and Podcast Dynamics 03:31 Conference Announcements and Discounts 06:05 Welcoming the Guest: Ian Glazer 06:46 Fido Feud and Conference Experiences 16:29 Identity Market Trends and Innovations 19:19 Modern Identity Architectures 33:51 Identity First Security: A New Approach 34:50 Unified Data Tiers: Breaking Down Silos 36:14 Modern IAM: Opportunities and Challenges 37:02 Ephemeral Access and Zero Standing Privilege 39:18 Understanding Identity Data 41:30 Workforce Identity Data Platforms 47:14 Orchestration and Execution in IAM 51:09 Real-Time Event-Based Identity Systems 54:45 Future Directions and Community Engagement 59:03 Teaching and Sharing Knowledge 01:05:33 Closing Thoughts and Recommendations Connect with Ian: https://www.linkedin.com/in/iglazer/ Notional architecture for modern IAM: Part 3 of 4 (blog): https://weaveidentity.com/blog/notional-architecture-for-modern-iam/ 2025: The year we free our IAM data: https://weaveidentity.com/blog/2025-the-year-we-free-our-iam-data/ Learn more about Weave Identity: https://weaveidentity.com/ Digital Identity Advancement Foundation: https://digitalidadvancement.org/ Avoid the Noid! - https://en.wikipedia.org/wiki/The_Noid Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Ian Glazer, Weave Identity, Identity and Access Management, IAM, Modern Identity Architectures, Modern IAM, Data Tier, Events, Orchestration, Zero Trust, ZTNA, Shared Signals Framework, EIC, Gartner, Black Hat, RSA, Identibeer, Data Lake, OIDs, IANS

Tauseef Ghazi, the Security and Privacy practice lead at RSM, unpacks the intricate dance between cybersecurity and digital identity. He highlights the vital role of apprenticeship in addressing the skills gap, emphasizing mentorship over short-term roles. Ghazi explores the impact of AI and blockchain on identity management, and the pressing need for resilience in cloud environments. With insights on the zero trust framework and the importance of continuous skill investment, he inspires listeners to balance personal growth with professional challenges.

In this special episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Hed Kovetz, CEO and co-founder of Silverfort, at the Gartner IAM Summit in Texas. Hed shares insights on the evolution of identity security, the interplay between legacy and modern IT systems, and the importance of securing non-human identities. They also delve into the role of AI in cybersecurity and the challenge of maintaining innovation in a growing company. Tune in for a thought-provoking conversation about the future of identity security and the booming impact of AI. 00:00 The Importance of Identity in Modern Security 01:23 Welcome to the Identity of the Center Podcast 01:44 Live from the Gartner IAM Summit 03:08 Interview with Hed Kovetz, CEO of Silverfort 03:48 Silverfort's Recent Achievements and Innovations 05:15 Challenges and Insights in Identity Security 08:00 The Evolution of Identity Security 21:20 Securing Legacy and Modern IT Systems 29:52 The Rise of Service Account Protection 30:31 Challenges in Securing Non-Human Identities 31:02 Real-World Examples and Governance Issues 31:40 Strategies for Securing Non-Human Identities 32:56 The Evolution of Identity Security 45:49 The Role of AI in Identity Security 50:33 The Future of Identity Security 53:44 Personal Insights and Reflections 01:01:25 Conclusion and Final Thoughts Connect with Hed: https://www.linkedin.com/in/hed-kovetz-910ba5b9/ Learn more about Silverfort: https://www.silverfort.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

In this episode of the Identity at the Center podcast, hosts Jeff and Jim dive into the concept of Identity Security Posture Management (ISPM) with Henrique Teixeira, Senior Vice President of Strategy at Saviynt and former Gartner analyst. Henrique explains ISPM as an Apple Watch for your identity program, focusing on preventive measures before an attack occurs. The discussion also covers the upcoming Gartner IAM Summit, AI's impact on identity management, and the anticipated trends for 2025. Additionally, they explore the differences between AI copilot, agent, and bot, and the future of non-human identity management. Henrique shares insights on balancing ITSM front ends with IGA systems and emphasizes the importance of continuous security investment. Tune in for a comprehensive look at ISPM, AI, and the evolving identity security landscape. Chapters 00:00 Welcome to the Podcast 01:47 Gartner IAM Summit Preview 04:48 Guest Introduction: Henrique Teixeira 05:28 Henrique's Career Transition 10:12 Conference Experiences and Insights 14:10 Understanding ISPM and ITDR 29:16 AI in Identity Management 35:58 Debating the Future of AI in IGA Systems 37:09 Evolution of Access Request Systems 37:59 The Rise of ChatOps in Identity Management 40:26 Multi-Channel Identity and Access Management 45:54 Influencers and Inspirations in Identity Strategy 49:06 Reflecting on 2024: Trends and Predictions 54:31 Looking Ahead: Identity and AI in 2025 01:02:50 Boxing Talk: Mike Tyson vs. Jake Paul 01:08:17 Wrapping Up: Final Thoughts and Farewells Connect with Henrique: https://www.linkedin.com/in/bernardes Learn more about Saviynt: https://saviynt.com/ Prevention + ITDR Venn Diagram - https://www.linkedin.com/posts/rezasoltani_identitysecurity-ispm-itdr-activity-7203522819014500353-8Kv_/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: Identity Security, IAM, Digital Identity, AI, Artificial Intelligence, ISPM, ITDR, IGA, Gartner IAM Summit, Cybersecurity, Cloud Security, Machine Identity, Non-Human Identity, Podcast, Interview, Saviynt, Henrique Teixeira, Jim McDonald, Jeff Steadman