The Analyst Brief

In this week's episode, Simon and David are joined by Alex Bovee the CEO of https://www.conductorone.com/ - a next generation identity security and IGA provider. They cover a range of topics including the adoption of cloud services and the impact on security, the cloud shared security model, the left shifting of identity risk from being detection focused to preventative, reducing access reviews to focus on exceptions only, how the security world is taking on more IAM capabilities and knowledge and the introduction of a new open source project called Baton - to extract and manage identity data.

In this episode Simon and David review the recent Gartner IAM conference held in Grapevine Texas. Is Identity Orchestration on the rise and how will that impact the complex identity infrastructure of the modern enterprise? What role does security now play within IAM and how will that impact metrics, persona and integration? Is this the year of Identity Threat Detection and Response? And what is becoming of Zero Trust and how it relates to identity?

This week we hear from a special guest as Simon has a great conversation with 1Kosmos CEO Hemen Vimadalal.  They start off at the beginning...going back to 2003/4 when Hemen helped setup identity certification and role management startup Vaau - which later became Sun Role Manager, then Oracle Identity Analytics.  From there Hemen continued on the entrepreneurial journey to setup Simeio Solutions - a 1000 strong identity advisory and managed services player, before moving on to setup 1Kosmos - a software vendor aiming to tackle the usability and security dilemma by linking identity proofing to passwordless authentication.  An insightful discussion that covered identity governance and administration, trust boundaries, the rise of different identity personas, data breaches, privacy and identity based authentication.

This week Simon and David review the recent eCrime summit that happened in London, where the topic of ChatGPT was discussed.  Is it just for the bad guys?  Can the good guys benefit too?  Where is that heading? Identity Threat Detection and Response vendor Authomize released a new project called OpenITDR - what is it and what is the benefit?  Identity visibility seems to be in vogue this month too..with both Radiant Logic and Ermetic making product releases that focus on joining up data in the identity ecosystem.

This week Simon and David take a look at two of the giants in the IAM space - CyberArk and Microsoft.  Are Microsoft emerging as the dominant cloud service provider in the identity space? What were CyberArk's latest results telling us? Who are Plaid and why have they partnered with Okta?  What is becoming of the workload identity space?

This week Simon and David review some interesting moves in the identity governance and administration space.  First up Saviynt raised $205 million (along with founding CEO Sachin Nayyar returning as CEO after a stint at Securonix) to bolster their Enterprise Identity Cloud offering.  Next up they discuss Radiant Logic entering into a definitive agreement to acquire French IGA specialist Brainwave GRC.  What does this tell us about the global IAM and IGA space?  Where will they head to?  Will more funding and acquisitions happen in 2023?  They also review SiberX CISO Forum in Canada and the Future of Cyber conference held in the UK.

This week Simon and David discuss a $26 million series B round for identity orchestration vendor Strata.io. What is identity orchestration, why is it a problem today and how can it be handled within the enterprise?  What is IDQL and what are recipes?  A discussion on a recent consent breach at Home Depot in Canada saw the Canadian Privacy Commissioner got involved. They also review a recent poll covering our favourite biometric, which spawned a discussion around identity based authentication (see 1Kosmos and keyless.io for more on that).  They also delved into the world of IAM maturity assessments...

Welcome to the first episode of 2023! After a short festive break, Simon and David are back to bring you the latest industry analyst views on a range of different identity and access management topics.  This week, they have a special guest: Kristian Alsing - a Senior Cyber Security and Business Resilience Executive - with 20 years experience working for the likes of Accenture and Deloitte.  Kristian recently wrote a great guest article for The Cyber Hut on NIS-2. In this episode the guys cover a range of topics relating to regulation and the role of IAM - covering critical infrastructure, the ever increasing supply chain and the rise of destructive attacks in waiting!

As the end of 2022 is on the horizon, Simon and David run through a festive quiz roulette, hitting some of the key topics of interest from the past 12 months including.. Favourite conference of 2022 Favourite identity buzz word IAM acronym / topic that will die in 2023 Biggest IAM surprise in 2022 Most interesting IAM startup / category IAM acronym / topic that will come alive in 2023 Huge shout out to a range of vendors including...HYPR, Aserto, 1Kosmos, Indykite, PlainID, Axiomatics, Styra, Sonrai, Ermetic, Strata, SecureKey, SDO, Gen, ForgeRock, Ping, Okta, Cyberark, Sailpoint, Auth0, tru.id, SGNL, 3Edges, Keyfactor and many more. Have a great festive period and we'll see you in 2023!!

In this week's cold and snowy episode, Simon and David review a recent The Cyber Hut poll asking the question around where does IAM report into within your organisation?  What about consumer identity and privacy?  Also...do we need a new role - the Chief Identity Officer?  How can the reporting lines impact the hiring and firing of IAM and cyber security personnel?  And a brief look at the re-branded Microsoft identity capabilities known as Entra.