Live from Authenticate 2025, Jeff Steadman and Jim McDonald sit down with Dr. Tina Srivastava, an IDPro board member and co-founder of Badge Inc., for a crucial discussion on the rapidly evolving landscape of identity and authentication.
Tina shares her insights on the conference, the evolution from physical hacks to sophisticated AI-driven threats like supercharged phishing, and the current challenges facing the industry. The conversation delves into the complexities of synced Passkeys, the critical vulnerability of account recovery processes, and the slow pace of regulation in keeping up with technology.
As a board member for IDPro, Tina highlights the immense value of the practitioner-focused community, the supportive culture within its Slack channels, and makes an exciting announcement about the creation of new member-driven committees to shape the future of the organization. They explore the concept of the "AI arms race" and why identity professionals cannot afford to wait for the next big thing, emphasizing that collaboration and information sharing through communities like IDPro are essential to staying ahead of adversaries.
Connect with Tina: https://www.linkedin.com/in/tina-s-8291438a/
Find out more about IDPro: https://www.idpro.org/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Chapters
00:00 Introduction and Greetings
00:16 Highlights from Authenticate 2025
01:39 FIDO Feud Rematch Discussion
03:17 Guest Introduction: Tina Srivastava
03:46 Conference Insights and AI Challenges
06:16 Regulatory Environment and Passkeys
09:11 Phishing and AI Supercharged Attacks
12:28 QR Codes and Accessibility Issues
13:09 The Importance of Phishing Resistant Authentication
22:24 IDPro Community and Practitioner Support
25:18 Community Support and Engagement
26:26 IDPro's Role in Identity Events
27:48 Future Directions for IDPro
29:19 Introducing Committees in IDPro
30:39 AI and Identity Verification
37:07 The Importance of Information Sharing
45:35 Public Speaking and Personal Growth
50:58 Conclusion and Final Thoughts
Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Tina Srivastava, IDPro, Authenticate 2025, Passkeys, AI, Artificial Intelligence, Cybersecurity, Phishing, Deepfakes, Authentication, Account Recovery, Biometrics, Identity and Access Management, IAM, NIST, Regulation, Identity Verification, Synced Passkeys, FIDO Alliance
This episode is sponsored by HYPR. Visit hypr.com/idac to learn more.
In this episode from Authenticate 2025, Jim McDonald and Jeff Steadman are joined by Bojan Simic, Co-Founder and CEO of HYPR, for a sponsored discussion on the evolving landscape of identity and security.
Bojan shares his journey from software engineer to cybersecurity leader and dives into the core mission of HYPR: providing fast, consistent, and secure identity controls that complement existing investments. The conversation explores the major themes from the conference, including the push for passkey adoption at scale and the challenge of securely authenticating AI agents.
A key focus of the discussion is the concept of "Know Your Employee" (KYE) in a continuous manner, a critical strategy for today's remote and hybrid workforces. Bojan explains how the old paradigm of one-time verification is failing, especially in the face of sophisticated, AI-powered social engineering attacks like those used by Scattered Spider. They discuss the issue of "identity sprawl" across multiple IDPs and why consolidation isn't always the answer. Instead, Bojan advocates for a flexible, best-of-breed approach that provides a consistent authentication experience and leverages existing security tools.
Connect with Bojan: https://www.linkedin.com/in/bojansimic/
Learn more about HYPR: https://www.hypr.com/idac
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at idacpodcast.com
Chapter Timestamps:
00:00 - Introduction at Authenticate 2025
00:23 - Sponsored Episode Welcome: Bojan Simic, CEO of HYPR
01:11 - How Bojan Simic Got into Identity and Cybersecurity
02:10 - The Elevator Pitch for HYPR
04:03 - The Buzz at Authenticate 2025: Passkeys and Securing AI Agents
05:29 - The Trend of Continuous "Know Your Employee" (KYE)
07:33 - Is Your MFA Program Enough Anymore?
09:44 - Hackers Don't Break In, They Log In: The Scattered Spider Threat
11:19 - How AI is Scaling Social Engineering Attacks Globally
13:08 - When a Breach Happens, Who's on the Hook? IT, Security, or HR?
16:23 - What is the Right Solution for Identity Practitioners?
17:05 - The Critical Role of Internal Marketing for Technology Adoption
22:27 - The Problem with Identity Sprawl and the Fallacy of IDP Consolidation
25:47 - When is it Time to Move On From Your Existing Identity Tools?
28:16 - The Role of Document-Based Identity Verification in the Enterprise
32:31 - What Makes HYPR's Approach Unique?
35:33 - How Do You Measure the Success of an Identity Solution?
36:39 - HYPR's Philosophy: Never Leave a User Stranded
39:00 - Authentication as a Tier Zero, Always-On Capability
40:05 - Is Identity Part of Your Disaster Recovery Plan?
41:36 - From the Ring to the C-Suite: Bojan's Past as a Competitive Boxer
47:03 - How to Learn More About HYPR
Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Bojan Simic, HYPR, Passkeys, Know Your Employee, KYE, Continuous Identity, Identity Verification, Authenticate 2025, Phishing Resistant, Social Engineering, Scattered Spider, AI Security, Identity Sprawl, Passwordless Authentication, FIDO, MFA, IDP Consolidation, Zero Trust, Cybersecurity, IAM, Identity and Access Management, Enterprise Security
In this episode, Jim McDonald and Jeff Steadman are joined by Steve Rennick, Senior Leader for IAM Architecture at Ciena, for a wide-ranging discussion on the most pressing topics in identity today.
The conversation kicks off with a practical look at vendor demos, sharing best practices for cutting through the slideware and getting to the heart of a product's capabilities. From there, they dive deep into the complex world of Non-Human Identities (NHI). Steve shares his practitioner's perspective on why NHIs are such a hot topic, the challenges of managing them, and the risks they pose when left unchecked.
The discussion covers:
Whether you're struggling with service account sprawl, preparing for an AI-driven future, or just want to run more effective vendor demos, this episode is packed with valuable insights.
Connect with Steve: https://www.linkedin.com/in/steven-rennick/
ARIA (Agent Relationship-Based Identity & Authorization) LinkedIn Post from Patrick Parker: https://www.linkedin.com/posts/patrickparker_ai-agent-authorization-activity-7335265428774031360-braE/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
CHAPTER TIMESTAMPS:
00:00:10 - Introduction & The Art of the Vendor Demo
00:08:02 - Steve Rennick's Take on Vendor Demos
00:12:39 - Formal Introduction: Steve Rennick
00:14:45 - Recapping the Identiverse Squabble Game Show
00:17:22 - The Hot Topic of Non-Human Identities (NHI)
00:22:22 - Is NHI a Joke or a Serious Framework?
00:26:41 - The Controversy Around the Term "NHI"
00:30:24 - How to Simplify NHI for Practitioners
00:34:06 - First Steps for Getting a Handle on NHI
00:37:20 - Can Active Directory Be a System of Record for NHI?
00:45:08 - Why is NHI a Hot Topic Right Now?
00:51:19 - The Challenge of Cleaning Up Legacy NHIs
00:58:00 - IAM for AI: Managing a New Breed of Identity
01:03:33 - The Future is Authorization
01:06:22 - The Zero Standing Privilege Debate
01:10:39 - Favorite Dinosaurs and Outro
KEYWORDS:
NHI, Non-Human Identity, Machine Identity, Service Accounts, Vendor Demos, IAM for AI, Agentic AI, Authorization, Zero Trust, Zero Standing Privilege, Secrets Management, IAM Strategy, Cybersecurity, Identity and Access Management, Steve Rennick, Ciena, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald
In this episode of the Identity at the Center podcast, Jim McDonald interviews Sebastian Rohr, the Chief Troublemaker at Umbrella Labs. They discuss the evolution of identity management, the challenges of digital identity, and the importance of national ID systems. Sebastian shares his personal journey into the identity field, the impact of digital identities on individuals, and the challenges faced in developing countries regarding identity verification. The conversation also touches on the role of AI in identity management, the importance of community in the identity space, and the cultural significance of German Unification Day.
Connect with Sebastian: https://www.linkedin.com/in/sebastianrohr/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Chapters
00:00 Introduction and Guest Introduction
05:13 Sebastian's Origin Story in Identity
11:00 The Evolution of Identity Verification
15:24 Challenges in Identity Verification Technology
20:13 The Importance of Birth Registration
26:58 Real-World Stories from Identity Management
32:30 Tips for Identity Practitioners
35:22 Finding the Right Balance in Digital Transformation
36:21 EUDI: The Future of Digital Identity
40:02 Addressing Bias in Identity Systems
44:11 The Impact of AI on Identity Management
52:20 The Rise of Identity Beer: Community and Connection
59:40 Celebrating German Unification Day
Keywords
identity, decentralized identity, digital identity, identity verification, national ID systems, AI in identity, identity management, global identity challenges, identity beer, German unification
In this episode of the Identity at the Center Podcast, Eve Maler, founder and CEO of Venn Factory joins host Jim McDonald. They discuss the significance of identity in the corporate world; detailing Eve's new book aimed at educating CEOs on the importance of treating identity as a strategic asset rather than mere infrastructure. They explore concepts like the evolving role of identity in security, the increasing risks posed by AI and cybersecurity threats, and the potential for organizational paralysis without proper identity management. Eve emphasizes the need for cross-functional focus and strategic ownership of identity functions within companies. The episode concludes with insights into public speaking and preparation, providing listeners with practical advice and industry insights.
Connect with Eve: https://www.linkedin.com/in/evemaler/
Chapters
00:00 Introduction and Guest Welcome00:32 The Story Behind 'Venn Factory'02:09 Eve Maler's Book for CEOs04:42 The Importance of Digital Identity10:53 AI and Its Impact on Executives17:25 Organizational Challenges in Identity Management23:49 The Role of Identity in Organizations24:44 Escaping Organizational Paralysis25:08 Valuing Identities in the Digital Age28:13 B2B Identity Dynamics35:21 The Rise of Identity Security42:32 Public Speaking Tips and Lighter Notes
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
This episode of the Identity at the Center podcast delves into the complex topic of death and the digital estate (DADE). Jim McDonald hosts Dean Saxe, Heather Flanagan, and Mike Kiser, who discuss the importance of planning for digital assets after death, the cultural implications of digital identity, and the evolving role of technology in managing these assets. They emphasize the need for individuals to take proactive steps in documenting their digital estate and the challenges posed by varying legal frameworks and cultural perspectives. The conversation also touches on the future of digital identity in the age of AI and the ethical considerations surrounding it.
Episode Links:
Death and the Digital Estate (DADE) Community Group: https://openid.net/cg/death-and-the-digital-estate/
Connect with Dean: https://www.linkedin.com/in/deanhsaxe/
Connect with Heather: https://www.linkedin.com/in/hlflanagan/
Connect with Mike: https://www.linkedin.com/in/mike-kiser/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Chapters
00:00 Introduction to Identity at the Center Podcast00:10 Introduction to the Death and Digital Estate (DADE) group03:07 The Role of Identity in Digital Estates06:01 Understanding Digital Estate and Its Components09:09 Community Groups vs. Working Groups in Standards11:59 The Importance of Digital Estate Management15:09 Cultural Perspectives on Digital Death18:12 Legal and Ethical Considerations in Digital Estates20:59 Future of Digital Estate Planning24:03 Conclusion and Call to Action31:33 Cultural Frameworks and Digital Estates35:12 The Importance of Protocols in Digital Estate Management39:30 Navigating Digital Wills and Estate Planning42:19 Challenges in Digital Recovery and Access45:18 Actionable Steps for Digital Estate Planning48:52 Personal Reflections on Digital Legacy50:57 The Future of Digital Remembrance54:25 Final Thoughts and Community Engagement
Keywords
digital estate, death, identity management, OpenID Foundation, digital assets, cultural perspectives, technology, legal considerations, AI, planning guide
This episode is sponsored by Hush Security. Visit hush.security/idac to learn more.
In this sponsored episode of Identity at the Center, hosts Jeff Steadman and Jim McDonald spotlight Hush Security, a company emerging from stealth with an innovative approach to machine identity and access management. CEO and co-founder Micha Rave explains why traditional secrets vaults can’t keep up with today’s scale, what it means to truly go “secrets-free,” and how Hush enables visibility, governance, and operability for modern and legacy environments alike.
Discover:
Learn more about Hush Security and get a free environment assessment: hush.security/idac
Connect with Micha: https://www.linkedin.com/in/micharave/
Connect with IDAC on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at idacpodcast.com
#idac #identitymanagement #machineidentity #secretsmanagement #podcast #cybersecurity #JimMcDonald #JeffSteadman #HushSecurity #IdentityattheCenter
Chapters / Timestamps:
00:00 - Welcome and Introduction (Hosts: Jeff and Jim)
01:00 - Introducing Micha Rave and Hush Security
03:00 - Micha’s Background and the Hush Team’s Journey
06:00 - What Is Hush Security and Why Now?
09:00 - Leaving Stealth Mode: Patents and Novel Approaches
12:00 - What Makes Hush Special? Remediation vs. Visibility
15:00 - Vaults vs. Secrets-Free Approach & Industry Gaps
18:00 - Non-Human Identities: Static Keys, Secrets, and Access
22:00 - Solving Problems Beyond Cloud: Custom vs. Packaged Software
26:00 - The Scale of Machine Identity in the Cloud and Automation Age
29:00 - Why Secrets Management Is Breaking and the Case for Policy-Based Access
34:00 - From Scanning to Policy Enforcement: How Hush Works
39:00 - Metrics, Success, and Executive Buy-in for Modern IAM
43:00 - How to Get Started with Hush Security (Free Assessments)
46:00 - Micha’s Conference Plans and Final Thoughts
49:00 - Pancakes or Waffles?
Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Hush Security, machine identity, secrets management, secrets vault, IAM, cybersecurity, sponsored episode, non-human identities, policy-based access, vault elimination, cloud security, automation, zero trust, Micha Rave, podcast, identity management
In this episode of the Identity at the Center podcast, hosts Jeff and Jim dive into the concept of device identity within a Zero Trust framework. They are joined by Shea McGrew, CTO of Maricopa County Arizona, who provides insights into the importance of managing not just human but also device identities. The discussion explores the philosophical debate on whether machines can have identities, Zero Trust principles, and their application in a diverse and semi-autonomous organizational structure like that of the county government. Shea also shares her career journey, emphasizing the importance of curiosity, customer service, and continuous learning in IT. The episode wraps up with a light-hearted conversation on the never-ending pursuit of knowledge.
Connect with Shea: https://www.linkedin.com/in/shea-m-6b82a36/
Timestamps:
00:00 Introduction and Podcast Theme
00:17 Defining Identity in Cybersecurity
01:34 Debate: Can Non-Humans Have Identities?
01:57 Guest Introduction: Shea McGrew
04:15 Shea's Career Journey and Role as CTO
09:28 Challenges and Rewards of Being a CTO
11:41 Identity Strategy at Maricopa County
14:48 Device Identity and Zero Trust Architecture
29:56 Managed vs. Unmanaged Devices
40:15 Understanding the NIST Framework
42:52 Balancing Technology and People
43:58 Training and Partner Collaboration
48:03 Organizational Change Management
50:40 Future of Device Identity
54:40 Debating Machine Identity
01:06:36 Curiosity as an Olympic Sport
01:13:00 Conclusion and Final Thoughts
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Join Jeff Steadman and Jim McDonald for the September 2025 mailbag episode of Identity at the Center! This episode features listener questions from around the world about digital identity, trust, technology challenges, inclusion, biometrics, and even a candid discussion on air travel etiquette. Whether you're new to IAM or a veteran, you'll find practical advice and real stories. Plus, hear shout-outs to our global community and learn what’s coming up for the podcast team, including conferences and game shows. Don’t forget to leave your thoughts or questions in the comments—let’s keep the conversation going!
Chapter Timestamps:
00:00 - Intro & Community Shout-Outs
04:00 - Upcoming Conferences & Discount Codes
07:00 - What the Podcast Is All About
08:40 - Mailbag Intro: Listener Questions From Around the World
09:20 - Engaging IT with IAM Concepts (Matt in Maine)
13:20 - Building Trust in Digital Identity (Amara in India)
18:30 - Practical Challenges for Large Programs (Sophie in France)
25:45 - Digital Identity and the Unconnected (Jonas in Germany)
33:15 - Biometric Data & Security Pros/Cons (Rachel in Canada)
39:45 - Air Travel Etiquette: From Shoes Off to Elbow Room
48:10 - Outro & Thanks
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, mailbag, listener questions, digital identity, IAM, identity and access management, trust, technology inclusion, biometrics, air travel etiquette, conferences, community, YouTube, podcast, global audience, #idac
This episode is sponsored by SGNL. Visit sgnl.ai/idac to learn more.
In this sponsored episode of Identity at the Center podcast, hosts Jeff and Jim discuss hot trends in the identity space, focusing on continuous identity with their guest Erik Gustavson, co-founder and CPO at SGNL. Erik shares his journey into the IAM space, exploratory projects, the thought processes behind SGNL’s continuous identity solutions, and provides insights on how SGNL’s approach integrates with existing identity and security tools. He delves into trends such as the convergence of identity and security, the generational change in identity tech, and the practical use cases SGNL addresses. The episode concludes with a light-hearted conversation about the perfect meal for Jeff, reflecting Eric's passion for cooking.
Connect with Erik: https://www.linkedin.com/in/erikgustavson/
Learn more about SGNL: https://sgnl.ai/idac
Timestamps
00:00 Introduction and Episode Overview
00:36 Sponsor Spotlight: SGNL
01:10 Guest Introduction: Erik Gustavson
01:41 Eric's Journey into the IAM Space
05:47 Role of a Chief Product Officer
07:54 The Concept of Continuous Identity
20:26 Data Integration and Policy Enforcement
26:40 Target Audience for SGNL
29:42 Introduction to SGNL’s Ecosystem
30:13 Complementing Existing Systems
30:44 Challenges with Current Identity Solutions
33:27 New Trends in Authorization Management
34:09 Aligning with AMP and PBA
37:58 Use Cases and Real-World Applications
46:31 What Sets SGNL Apart
48:37 Future Trends in Identity and Security
52:35 A Lighter Note: Cooking and Personal Interests
58:32 Conclusion and Final Thoughts
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at idacpodcast.com
In this episode of the Identity at the Center podcast, Jeff and Jim discuss various aspects of identity access management (IAM) policies and the importance of having a solid foundation. They emphasize the need for automation, controls, and how IAM policies should be created without technology limitations in mind. The discussion also covers the implementation challenges and the evolving concept of identity verification. Jeff, Jim, and their guest, Nishant Kaushik, the new CTO at the FIDO Alliance, also delve into the issues surrounding the adoption of passkeys, highlighted by Rusty Deaton’s IDPro article, and address some common concerns about their security. Nishant offers insights into ongoing work at FIDO Alliance, the potential of digital identity, and the importance of community in the identity sector. The episode concludes with mentions of upcoming conferences and an homage to the late identity expert, Andrew Nash.
Timestamps
00:00 Introduction and Greetings
00:18 Importance of IAM Policies
01:36 Challenges in Policy Implementation
05:09 Conferences and Discount Codes
07:59 Introducing the Guest: Nishant Kaushik
08:42 The Role of the FIDO Alliance and Digital Identity
10:35 Concerns and Solutions for Passkeys
22:21 Final Thoughts on Passkeys and Authentication
29:48 Credential Security Concerns
30:03 FIDO Members and Their Contributions
30:38 Getting Involved in Working Groups
31:58 Conversations at Authenticate Conference
32:29 Evolution of the Authenticate Conference
34:32 Automotive Authentication Challenges
36:04 Community and Collaboration
38:33 Remembering Andrew Nash
41:41 Lightning Round: Current State of AI and Identity
44:21 Decentralized Identity: Current Trends
49:47 Non-Human Identity: Future Perspectives
52:19 New York Sports Fandom
54:33 Conclusion and Upcoming Events
Connect with Nishant: https://www.linkedin.com/in/nishantkaushik/
Learn more about the FIDO Alliance: https://fidoalliance.org/
IDPro Article by Rusty Deaton: https://idpro.org/blackhat-and-def-con-2025-thoughts/
Kill the Wallet? Rethinking the Metaphors Behind Digital Identity by Heather Flanagan: https://sphericalcowconsulting.com/2025/07/22/digital-wallet-metaphor/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
In this episode of the Identity at the Center podcast, hosts Jeff and Jim engage in an insightful conversation with Darren Rolls, a veteran in the Identity and Access Management (IAM) field. They discuss the complexities of identity fabrics, the evolving landscape of IAM, the impact of AI, and the challenges of integrating new technologies with legacy systems. Darren shares his thoughts on upcoming trends, practical advice for IAM practitioners, and even his personal experience with kite surfing. Tune in to gain expert perspectives on the future of IAM and the significance of continuous learning and adaptation in this dynamic field.
Connect with Darran: https://www.linkedin.com/in/darran-rolls/
Identity Innovations Blog: https://identityinnovationlabs.com/identity-insights/
Chapters
00:00 Introduction and Casual Banter
00:17 Discussing Identity Fabrics and Leadership Compass
03:19 Upcoming Conferences and Events
05:32 Interview with Darren Rolls: Identity Management Journey
09:09 Evolution and Challenges in Identity Management
24:41 Future of Identity Management and AI
32:05 The Future of IAM in the Age of AI
33:12 The Rise of Agent-Based Applications
34:12 Challenges in Identity and Access Management
35:31 Exploring Vibe Coding and AI Utilities
38:09 Monitoring and Telemetry in IAM
40:17 The Evolution of Identity Management
42:05 The Role of Laws in IAM Architecture
46:16 Balancing Legacy Systems with Future Innovations
51:39 Kite Surfing Adventures and Reflections
59:01 Closing Thoughts and Future Engagements
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Sponsored by Axonius. Visit https://www.axonius.com/idac to learn more.
In this sponsored episode of the Identity at the Center Podcast, hosts Jeff and Jim talk with Amir Ofek, the CEO of AxoniusX, about the company's innovative solutions in identity and access management (IAM). The discussion covers Amir's journey into IAM, the unique challenges of managing identities, and how AxoniusX's data-driven approach provides comprehensive visibility and intelligence. The episode breaks down various use cases, the importance of identity hygiene, automation of identity processes, and the newly recognized identity visibility and intelligence platform (IVIP) by Gartner.
Timestamps:
00:00 Introduction and Episode Overview
00:57 Guest Introduction: Amir, CEO of AxoniusX
01:12 Amir's Journey into Identity Access Management
02:40 Understanding Axonius and AxoniusX
08:03 The Importance of Identity Visibility and Intelligence
11:48 Challenges in Identity Management
22:10 Axonius's Approach to Identity Visibility
26:35 Leveraging AI and Machine Learning in Identity Management
31:18 Understanding Permission Changes and Their Importance
32:10 The Role of Observability in Axonius
32:37 Driving Actions with Axonius
33:30 Common Use Cases and Workflows
35:19 Axonius as a Swiss Army Knife
36:16 Ease of Use and AI Integration
38:49 Starting with Axonius and Measuring Value
43:42 Future Directions for Axonius
49:49 The Identity Community and Upcoming Events
51:23 Skiing Adventures and Tips
57:54 Conclusion and Final Thoughts
Connect with Amir: https://www.linkedin.com/in/amirofek/
Learn more about Axonius: https://www.axonius.com/idac
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at idacpodcast.com
In this episode of the Identity at the Center Podcast, hosts Jeff and Jim dive into the critical intersection of cloud security and identity and access management (IAM). They are joined by experts from RSM Justin Devine, Cloud Transformation Director, and Vaishnavi Vaidyanathan, Digital Identity Director, to discuss the challenges and strategies involved in explaining complex identity topics in business terms to executives. The conversation covers the integration of IAM with cloud initiatives, the importance of automation and governance, and actionable steps for improving cloud security and identity management. The episode also touches on the evolving role of identity in cybersecurity and offers practical advice for organizations undergoing cloud migrations.
Connect with Justin: https://www.linkedin.com/in/justindevine/
Connect with Vaishnavi: https://www.linkedin.com/in/vaishnavi-vaidyanathan-6913072b/
Learn more about RSM:
Digital Identity consulting: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.html
Secure Cloud: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/secure-cloud.html
Check out more RSM & IDAC episodes: https://rsmus.com/insights/services/risk-fraud-cybersecurity/IDAC-podcast-featuring-RSMs-digital-identity-team.html
Chapters
00:00 Introduction and Banter
00:37 Explaining Identity in Business Speak
04:03 Conference Season and Upcoming Events
06:19 Intersection of Cloud Security and IAM
07:05 Guest Introductions: Justin and Vaishnavi
07:37 Vaishnav's Journey in Identity
12:20 Justin's Background and Cloud Security
14:32 Cloud and IAM Strategies
29:28 Challenges in Identity Management
30:09 Identity Orchestration and Cloud Transformation
31:07 Modernizing Identity for Cloud Adoption
33:03 Importance of Identity in Advanced Cloud Implementations
37:28 Identity Security and Monitoring in the Cloud
41:34 Practical Advice for Cloud and Identity Management
53:23 Music Preferences and Final Thoughts
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Join Jeff and Jim in this special episode of the Identity at the Center podcast as they celebrate crossing 1 million downloads. The hosts share a major announcement, thank their supporters, and discuss the journey and future of the podcast. They also delve into the world of Identity and Access Management (IAM) with guest Anthony Viggiano, covering key topics such as access reviews, roles, data integration, and non-human identities. Anthony shares his insights on making access reviews effective, future-proofing IAM programs, and the pragmatic approaches to identity governance. Plus, learn about Anthony's passion for mountain biking and some tips for beginners. Don't miss this episode packed with valuable IAM insights and a momentous celebration!
Timestamps:
00:00 Introduction and Banter
00:33 Major Milestone Announcement
02:58 Upcoming Events and Conferences
06:54 Guest Introduction: Anthony Viggiano
09:48 Anthony's Journey into Identity
11:08 Challenges in Identity Management
12:24 Non-Human Identities and AI
16:34 Access Reviews: Security Theater?
24:08 Making Access Reviews Effective
26:29 Effective Access Reviews: Overcoming Challenges
29:29 Role-Based Access Control (RBAC) Insights
32:29 Exploring Attribute-Based Access Control (ABAC)
37:56 Centralizing Identity Governance
45:47 Future-Proofing Identity Programs
47:35 Mountain Biking: A Metaphor for Life
54:54 Closing Thoughts and Community Support
Connect with Anthony: https://www.linkedin.com/in/anthonyviggiano/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
This episode is sponsored by P0 Security. Visit p0.dev/idac to learn why P0 is the easiest and fastest way to implement just-in-time, short-lived, and auditable access to your entire infrastructure stack, like servers, databases, Kubernetes clusters, cloud consoles, and cloud services, for users as well as non-human identities.
In this sponsor spotlight episode, Jim and Jeff are joined by Shashwat Sehgal, CEO and founder of P0 Security, to discuss the evolving challenges of privileged access management in modern, cloud-native environments. Shashwat explains how traditional PAM solutions often create friction for developers, leading to over-provisioning and security risks, and how P0 is tackling this problem with a developer-first, just in time (JIT) access model. The conversation covers the core problems with developer productivity, how P0's use of technologies like eBPF provides deep visibility and control without agents, the "Priority Zero" philosophy, and how a JIT approach simplifies audits and compliance. They also discuss the competitive landscape and what sets P0 Security apart from traditional and open-source solutions.
Learn more about P0: https://www.p0.dev/idac
Connect with Shashwat: https://www.linkedin.com/in/shashwatsehgal/
Chapter Timestamps:
00:00 - Podcast Intro
00:29 - Sponsor Introduction: P0 Security
01:38 - What is the problem P0 Security is trying to solve?
03:52 - Defining "Just-in-Time" (JIT) Access
06:21 - The challenge with traditional PAM for developers
08:23 - How P0 provides access without agents using eBPF
12:15 - What does the user experience look like?
15:58 - Supporting various infrastructure and access protocols
19:15 - How does P0 handle session recording and auditing?
22:20 - Is this a replacement for Privileged Access Management (PAM)?
26:40 - The story behind the name P0 Security
29:20 - Who is the ideal customer for P0?
33:15 - Handling break-glass scenarios
36:04 - Discussing the competitive landscape
42:30 - How is P0 deployed? (Cloud vs. On-prem)
46:50 - The future of P0 and the "Priority Zero" philosophy
50:32 - Final thoughts: "Access is our priority zero."
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Keywords:
P0 Security, Shashwat Sagal, Privileged Access Management, PAM, Just-in-Time Access, JIT, Developer Security, Cloud-Native Security, Hybrid Cloud, eBPF, Kubernetes, IAM, Identity and Access Management, Cybersecurity, Zero Trust, Ephemeral Access, Developer Experience, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald
Join hosts Jeff Steadman and Jim McDonald as they explore the critical intersection of attack surface management (ASM) and digital identity with Dan Lauritzen, Director with RSM Defense - RSM’s Managed Security Team. This episode dives deep into how identity has become a key component of your organization's attack surface and why breaking down silos between identity teams and Security Operations Centers is more crucial than ever.
Dan brings a unique perspective from his military background as a human intelligence collector to his current role in detection and response. Learn about the cyber kill chain, understand when you might have too much data, and discover practical strategies for treating identities as assets that need continuous protection.
Whether you're an identity practitioner looking to expand your security knowledge or a cybersecurity professional wanting to better understand identity's role in attack surface management, this conversation offers valuable insights and actionable takeaways.
Key topics include XDR platforms, ITDR tools, the evolution from legacy SIEM to modern detection systems, and why the future of security requires collaboration between traditionally separate teams.
Chapter Timestamps
00:00 - Introduction and Industry Trends
01:00 - AI and Technology Disruption Discussion
02:00 - Upcoming Conference Schedule and Discount Codes
04:00 - Podcast Milestone - Approaching One Million Downloads
06:30 - Introducing Dan Lauritzen and RSM Defense Team
09:00 - Dan's Background - From Military to Cybersecurity
12:00 - What is Attack Surface Management?
14:00 - Treating Identities as Assets
16:00 - The Cyber Kill Chain Explained
18:00 - Why Identity and SOC Teams Operate in Silos
21:00 - The Role of Data in Modern Security Operations
23:00 - Continuous Identity Management and Shared Signals Framework
26:00 - Can You Have Too Much Data?
29:00 - Breaking Down Silos Between Identity and SOC Teams
32:00 - Practical Collaboration Strategies
34:00 - SIEM vs XDR vs ITDR - Understanding the Tool Landscape
41:00 - Pragmatic Security Strategies and Metrics
44:00 - Biggest Misconceptions About Attack Surface Management
45:00 - Military Background - Human Intelligence Collection
48:00 - Communication Tips for Better Information Gathering
51:00 - Closing and Contact Information
Connect with Dan: https://www.linkedin.com/in/daniel-lauritzen-67545045/
Cyber Kill Chain: https://en.wikipedia.org/wiki/Cyber_kill_chain
Learn more about RSM:
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Dan Lauritzen, RSM, attack surface management, cybersecurity, digital identity, SOC, Security Operations Center, XDR, ITDR, SIEM, cyber kill chain, detection and response, identity security, human intelligence, military cybersecurity, continuous identity management, shared signals framework, UEBA, threat detection, zero trust, privileged access management, identity governance, security metrics, vendor management, cloud security, endpoint security, data correlation, security silos, collaboration strategies, identity assets, orphaned accounts, entitlement creep, attack surface reduction, security automation, AI in security, machine learning security, identity sprawl, security tools, cybersecurity consulting, managed security services, security monitoring, incident response, threat hunting, vulnerability management, risk assessment, compliance, security architecture, defense strategy
In this episode of the Identity at the Center podcast, hosts Jeff and Jim dive into an enriching discussion with Shawna Hofer, Chief Information Security Officer at St. Luke's Health System in Idaho. Discover the vital link between cybersecurity and patient safety, the evolving role of AI in healthcare, and the challenges of integrating new technologies securely. Shawna shares her unique journey from an identity and access management manager to a CISO, offering valuable insights on risk management, data privacy, machine identities, and resilient security infrastructure. This is a must-watch episode for anyone interested in the intersection of healthcare and cybersecurity!
Timestamps:
00:00 Introduction and Podcast Overview
00:37 ID Pro Membership Benefits
03:35 Conferences and Events
06:03 Introducing Shawna Hofer
07:00 Shawna’s Journey to CISO10:55 Identity Security in Healthcare
13:49 Balancing Security and User Experience
19:08 Challenges with IoT in Healthcare
24:27 AI in Healthcare Security
30:01 Upskilling for AI in Security
33:07 The Ever-Improving AI Landscape
33:21 Embracing the AI Mindset
33:58 Resiliency in Healthcare and AI
35:06 The Future of Jobs in an AI-Driven World
37:37 Trusting AI in Security Decisions
40:56 Learning the Language of Risk
43:44 Making the Business Case for Identity
45:50 Balancing Security Investments
51:48 The Future of Healthcare and AI
54:40 Fun and Food: The Potato Question
01:02:13 Closing Remarks and Farewell
Connect with Shawna: https://www.linkedin.com/in/shawna-hofer-7259b21a/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
In this episode of the Identity at the Center Podcast, hosts Jeff and Jim are joined by Felix Gaehtgens, a former Gartner analyst, to discuss the evolving landscape of machine identity. Felix shares insights into the differences between human and machine identities, the challenges posed by legacy identity management practices, and the importance of moving towards modern, dynamic, and ephemeral identity solutions. The conversation covers key strategies for managing machine identities, the role of IAM teams, and the future of this critical area in cybersecurity. Tune in for an informative and engaging discussion that dives deep into the technical, strategic, and practical aspects of machine identity management.
Timestamps:
00:00 Introduction and Catching Up
01:20 Special Guest Introduction: Felix Gaehtgens
03:42 Upcoming Conferences and Events
06:46 Deep Dive into Machine Identity
09:10 Challenges and Solutions in Machine Identity Management
18:03 Practical Advice for Practitioners
29:28 The Future of Identity Security
30:29 The IAM Team's Absence in Machine Identity
31:06 Challenges Faced by Developers and IAM Teams
31:42 Forming a Machine IAM Working Group
34:24 The Disconnect Between IAM Teams and Developers
37:16 Tactical Approaches for IAM Program Managers
39:21 Guidance and Automation in IAM
51:25 The Future of Machine Identity
54:47 Scuba Diving and IAM Analogies
01:00:35 Conclusion and Final Thoughts
Connect with Felix - https://www.linkedin.com/in/felixgaehtgens/
Reading links:
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Welcome back to Identity at the Center! Jeff flies solo this week as Jim handles a cross-country move, bringing you an insightful conversation with Joni Brennan, the new Chair of the IDPro Board of Directors.
In this episode, Joni shares her vision for IDPro's future, discussing what the organization does well and where improvements are needed. As both IDPro Chair and President of DIACC (Digital ID and Authentication Council of Canada), Joni brings unique insights into the business side of identity management, international perspectives on digital wallets, and the importance of building bridges across different identity ecosystems.
Joni also opens up about her work bridging local, national, and international identity initiatives in Canada, and why she believes identity professionals need to think beyond just technical specifications.
Plus, stick around for a special bonus segment where we meet Champ, Joni's adorable new German Shepherd-Rottweiler puppy!
#idac #identity #cybersecurity #digitalidentity #identitymanagement #iam #idpro #digitalwallets #canada #authentication
Connect with Joni: https://www.linkedin.com/in/jonibrennan
Learn more about IDPro: https://idpro.org/
Learn more about DIACC: https://diacc.ca/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Timestamps
00:00 - Introduction and Solo Host Setup00:40 - Welcome Joni Brennan, New IDPro Chair01:00 - Official IDPro Podcast Partnership Announcement02:00 - Life Updates: Still in the Trailer on Starlink03:00 - What IDPro Members Should Know05:00 - Open Invitation for Community Feedback07:00 - What IDPro Does Well vs Areas for Improvement10:00 - The Need for More Structure in IDPro12:00 - Defining Identity Professionals Beyond Technical Roles14:00 - The Value of IDPro Slack Community16:00 - Business of IAM: Beyond Technical Implementation18:00 - Case Studies and Success Stories for IDPro20:00 - Learning from Failures and Sharing Knowledge22:00 - Organizational Politics in Identity Management25:00 - Building Bridges Between Identity Ecosystems27:00 - Introduction to DIACC and Canadian Perspective30:00 - Local vs National vs International Identity Initiatives32:00 - Digital Wallets and the Trust Problem35:00 - Centralization vs Decentralization in Identity38:00 - Trust Anchors and Multiple Wallet Ecosystem40:00 - Making Identity Products People Want to Use42:00 - Privacy, Audit Trails, and Government Regulation44:00 - Citizen-Directed Government Data45:00 - International Perspectives on Identity Solutions47:00 - AI, Fraud, and Regulatory Responses in Canada49:00 - Serving Current Needs While Building Future Solutions50:00 - The Challenge of Being an Identity Expert51:00 - Wrapping Up IDPro Discussion52:00 - Bonus: Meet Champ the Puppy54:00 - Dog Stories and Puppy Training56:00 - Closing Remarks and Contact Information
Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Joni Brennan, IDPro, identity management, digital identity, IAM, cybersecurity, authentication, digital wallets, trust frameworks, DIACC, Canada, identity professionals, business of identity, case studies, community feedback, Slack community, certification, CIDPRO, international identity, EU wallets, mobile driver's license, Apple Wallet, Google Wallet, trust anchors, interoperability, fraud prevention, AI in identity, government regulation, citizen directed data, open banking, privacy, audit trails, identity politics, organizational change, professional development, technical skills, non-technical professionals, policy advocacy, governance, standards, specifications, bridge building, ecosystem connectivity, puppy, German Shepherd, Rottweiler
