SailPoint's Mistaken Identity Podcast

On this episode of Mistaken Identity, Mike Kiser is joined by Katherine Teitler, VP of Research and Advisory at TAG Cyber. Her recent research illustrates the shifting role of identity—from an IT process to a foundational approach for security. While that's the starting point, the conversation roams into disinformation, “sources of truth,” identity profiling via personal musical history, and, of course, the oldest instrument in the world: a neanderthal flute. Identity, as always, is a richer topic than we imagine.

Many people assume that there is some magic formula for success in identity. Is it having the right degree? Is it knowing the right people? Is it having a ”Particular set of skills?" Today on Mistaken Identity, we interview three sets of people who are imminently unqualified at first glance. They've come from outside the expected backgrounds, the expected channels: their stories vary widely, but they have all found themselves thriving within the identity space. Three pairs of people. Three sets of stories. Six unique journeys into identity. All on this single episode of Mistaken Identity.

A new season of Mistaken Identity is here with a special focus on election security, voting systems, and their impact on democracy. We have a range of guests coming to explain the ins and outs of election observing, online voting, and the current state of election security both in the United States and throughout the world. (Yes, that’s a big topic—and one that has surprising parallels to other forms of identity and security.) In this episode, Dr. Susan Hyde, a Professor of Political Science from UC Berkeley, explains how Election Observers act as “auditors” of Election Security. She discusses some of her own experiences observing in Afghanistan, Albania, Indonesia, Liberia, Nicaragua, Pakistan and Venezuela. We then explore the role that Observers have played in the rise (and subsequent regression) in democracy throughout the world—including in the U.S. Finally, we outline the challenges that online voting may present to Election Observation.

Lawyer, Cyber Security and Privacy maven Liz Wharton regales us with tales of her hand-to-hand combat experience with the Atlanta Ransomware of 2018, and then unfolds the current state of facial recognition in all its manifold splendor. (And we didn’t even get to cover the security of drones, yet another of her areas of expertise.) Also: the latest update on a voting app failure (no, not that one), and what a new ransomware variant demands — full disclosure . . . it’s full disclosure. As Liz would say, “Shut the front door!” — it’s a wild ride on this episode of Mistaken Identity.

Loma Miller joins us to talk about the “customer experience” (16:31)— from pizza to haircuts to University of Michigan Football (yes, we covered a lot of ground.) Hannah Giles and Natalie Reina cover the headlines (2:38), which include a return to prominence by Ashley Madison, how Twitter can allow others to see your phone number without your consent, and the impact of the Coronavirus on an inbox near you. Finally, Loma runs the gauntlet of a new segment: “10 Questions.” It’s a cornucopia of coverage on this episode of Mistaken Identity. [Our producers have asked us to note, without editorial commentary, that Michigan went 9-4 this past year.]

Head over to our new Trust Issues podcast to get this weekly news update. Available wherever you get your podcasts!

Amidst the current heatwave, David Lee and Mike Kiser review the late summer identity landscape. They (well, Mike) propose a strategy for paying for the recent series of compliance-related fines by eliminating the entire public relations department, contemplate four days in a Dominican jail with John McAfee, and explore what the future holds sans Botox via the recent FaceApp debacle. [Note: no privacy terms were harmed in the recording of this podcast.] Although we’ve used this label before, this is a “very special” episode, as is it's David’s final time hosting Mistaken Identity; the cast and crew wish him well in his new adventure. Have no fear, though, faithful listener — Mistaken Identity will continue to inform and delight with all things identity, like a cold spring-fed pool in the heat of a late Austin summer. (And yes, we’re taking the rest of the day off to go jump in Barton Springs.)

Mistaken Identity | Identiverse 2019: A Capitol Affair by Mike Kiser

David Lee and Mike Kiser take you “live” to Navigate 2019 in beautiful Austin, TX in this very special episode of Mistaken Identity. Dr. Jen Golbeck explores the ethical issues that we face as we seek to employ algorithms and identity, VP of Product Management Rick Weinberg discusses the future of predictive identity, and SVP of Software Mike Siegel lays out a strategy for being an identity advocate in your organization. The episode wraps up with a description of what the Golden State Warriors can do to avoid an NBA Finals loss to the Toronto Raptors. (Spoiler alert: basically not much — congrats, Canada!) As a final note — your ears do not deceive you — we’re in the process of upgrading our podcasting equipment: so sit back and enjoy an enhanced version of the dulcet, silky tones of David’s sonorous voice (and endure Mike’s helium-inspired staccato as well).

If you weren’t able to make it San Francisco in early March for the RSA Conference, fear not — your intrepid men on the street, David Lee and Mike Kiser, traveled the highways and byways of the Bay Area to delve deep into the heart of the Moscone Center. Learn what it was like to be a part of the small temporary city that convenes once a year in the city by the Bay. Also discussed: the joy of fake online dating to defraud the lonely, the Mirai botnet invades the enterprise, and the details of the latest (at the time of recording) Facebook security disclosure. You’ll have to wait until the next podcast, however, to find out if Mike escapes from the large shipping container that he apparently found himself in.

It’s hard enough to separate the malicious actors from the valid users in today’s environments without also having to separate humans from the malware itself. Mistaken Identity’s David Lee and Mike Kiser explore the coming reality in which exploits are hard-coded into the DNA of humans. Also discussed – the Chrome browser helps with password hygiene, FaceTime showing call previews without consent, and then we plumb the depths of the evil that lurks within Super Mario. Tip your waiters, try the veal, and stay for the sojourn into the dystopian future.

The phrase, “probably worth a google” takes on a whole new shade of meaning as Mistaken Identity explores the fourth fine levied under GDPR. Google was fined $57 million for inadequate user consent by a French data privacy agency. Is this the “big one” that people have been waiting for to show that privacy regulation has the power to change corporate behavior? Sit back while David Lee and Mike Kiser discuss the potential implications for Google and what is front of mind for organizations today. We celebrate Data Privacy Day as we also discuss whether collecting biometrics causes harm, a Dutch surgeon’s right to be forgotten, and a massive mortgage database breach. (And you thought that high property taxes and those pesky neighborhood kids were your biggest concerns as a homeowner.)

Describe the next year in identity in one word.” David Lee and Mike Kiser take up this challenge as they forecast the coming twelve months. (Spoiler alert: the episode is 34 minutes long, so apparently there was more to say than a single term.) Headlines include: newspaper printing presses stopped by ransomware, how to see your neighbors’ security camera footage, and the meltdown/spectre vulnerability one year later. The discussion closes with an opportunity to watch a Swedish film in a coffin. Start your aural 2019 journey with a new episode for a new year.

This episode is all about thankfulness. David Lee and Mike Kiser recount their blessings and what the security community as a whole has to be thankful for during this (United States-centric) holiday. (It’s a rather long list.) Headlines include: bots booking cross-country flights, a cybersecurity czar who’s never used a computer, and the creation of “master” fingerprints that can unlock biometric-based security. Round out this food-based holiday season with a long-winded story about how it is (or isn’t) possible for the human body to consume a gallon of milk in an hour.

David Lee and Mike Kiser are joined by a cast of thousands as Mistaken Identity broadcasts on-site from Navigate Europe in Barcelona, Spain in this week’s episode. Experience the excitement of Navigate, the passion for identity, the noise of the Navigate expo, the intricacies of rhythmic dancing, and the Mediterranean lifestyle. Spoiler alert: no boats were used in the production of this podcast.

With apologies to Friday Night Lights, David Lee and Mike Kiser welcome back Darran Rolls, CTO and CISO of SailPoint, to discuss the central role that identity plays in implementing zero trust security models: to fully embrace zero trust, a comprehensive concept of identity is essential. Headlines include the well-orchestrated response by British Airways to a recent incident, the “view as” issue with Facebook, and the alleged story of motherboard espionage from Bloomberg. Pour yourself a lovely beverage, join us for a lively discussion, and, finally, discover the one celebrity you should never search for (unless you’re a fan of malware.)

Wendy Nather (twitter: @wendynather) joins David Lee and Mike Kiser as they explore the interplay of trust and security. We examine the implications of what John Kindervag termed the “zero-trust model” — and the subsequent security architectures they have spawned: Google’s BeyondTrust and Duo Beyond, for example. A lively discussion of the current state of representation (a reflection of trust) within the security industry follows. Headlines range from a new Apache Struts vulnerability, ATT being sued for $200 million for a cryptocurrency theft, and privacy regulation that is coming to you in five years (or fifty, depending on who you ask.)

Who’s at fault when a phishing attack succeeds twice in a row? Guest Lemuel Williams joins David Lee and Mike Kiser as they argue the ins and outs of cyber insurance in the real-world case of a bank breached twice in quick succession—and a cyber insurer that refuses to pay. The Broadcom acquisition of CA, why AI is doomed to fail in cybersecurity, and the saga of car technology stolen from Apple—only to be recovered just before the thief boarded a plane, and the looming death of Mike’s air condition-less car are also discussed.

Wrapping up their sojourn in the far Northeastern Territories known as Massachusetts, David Lee and Mike Kiser corner Ian Glazer in a dark corner of Identiverse and implore him to hold forth on all things IDPro (among an amalgamation of other topics). This, it turns out, is not a difficult thing to do. Also discussed: a large healthcare breach in Singapore that targeted the medicine cabinet of the Prime Minister, the London Protocol’s attempt to reduce phishing, and how to make your security startup idea profitable in one easy step. Bask in the final glow of the dying embers of Identiverse and relive David and Mike’s short stay on the Green Monster in Fenway Park.

David Lee and Mike Kiser continue their discussions in Boston at Identiverse 2018. They catch up with Madhu Mahadevan, Sr. Manager, Strategic Technical Alliances at Okta, and continue their dialogue with Richard Bird of Optiv. The discussion revolves around noteworthy sessions, with a particular emphasis on open banking and financial services—a facet of security unavoidable by any enterprise that uses currency (that would be all of them.) The impact of GDPR-like regulation on security practice (and its potential adoption by the United States), the potential of competition to dampen security efforts, and the potential for millennials to drive security adoption come up in the course of thirty minutes of lively banter from the expo floor. Also covered: Microsoft’s calls for regulating facial recognition technology, spearfishing as the not-so-surprising method for nation state attacks, and why your trip to the library might wind up at a bowling alley or another unintended destination. We wrap up with a brief discussion of the World Cup and David’s new-found love for fútbol.

In June 2018, the world found its focus split between two events that might alter the fate of nations: the World Cup in Moscow and Identiverse in Boston. David Lee and Mike Kiser, noting the relative lack of media coverage for one of the preeminent identity gatherings of the year, journeyed to the fair city of Boston to rectify this wrong. In this episode of Mistaken Identity, they have an in-depth discussion with Optiv’s Richard Bird about how identity in the digital world must mirror the physical world, whether the CMO should own identity, how social identity can be the source of truth, and how the Beastie Boys’ “Sabotage” can enable audiences to receive new ideas. Headlines include cryptomining as the new hotness, an epic marketing-based breach, and how California is attempting to ensure that you have the right to be forgotten. Finally, Mike argues for worldwide adoption of “Collective Restoration.” Needless to say, it was an epic week up in Massachusetts. (Note: no locals were (permanently) harmed in the production of this episode.)

“Technology is, of course, a double-edged sword. Fire can cook our food but also burn us.” David Lee and Mike Kiser examine the idea that every company is a technology company, replete with the opportunity and the danger that presents. Every business—from bakeries to gas stations—can benefit from secure technology adoption (but please don’t internet-enable that next round of ciabatta.)  The latest cyber insurance policy, planes being attacked from the ground with malware, why your DNA may now be on the dark web, and the home assistant that turns out to be a terrible gossip. Bonus: find out what makes Mike so hot and relive David’s experience as a late adopter.

Ah, the beginning of summer in Austin, Texas: the heat returns, the bats take flight nightly as the sun sets, and Navigate unfolds in all its splendor. Austin becomes consumed with discussions about Identity—in the coffee shops, in the barbershops, and in the various saloons that dot our fair city. Recorded live from the Navigate ballroom at the JW Marriott, relive the highs, the lows, and everything in between. Headlines this week include: a potential bypass for 2FA from former Navigate Speaker Kevin Mitnick, a flaw in PGP email, and the U.S. Government eliminates the position of Cybersecurity Coordinator. This week’s bonus activity: wager with friends over what the headline censored by “habitual-fun-stealer” Jess Sutera actually was!

Ah, springtime. The birds are chirping, the flowers are in bloom, and the annual RSA conference roars into San Francisco. Join David Lee and Mike Kiser as they review a week full of identity, security, and networking. It’s the next best thing to spending 30 hours walking around the Moscone Center searching for swag. Also explored: supersized security salaries, the Democratic National Committee files a hacking-related lawsuit against almost everyone, and the new hotness: digital identities. Now with 37% more “pew-pew” maps!

Is there a fundamental right to privacy—and if so, what does it look like practically? David Lee and Mike Kiser explore privacy and the right of end users over their own personal data in the wake of recent news about the reselling of personal data to third parties on the series of tubes that we know as the interwebs. How can security practitioners effectively yell “I am Spartacus!” on behalf of their users. Also discussed: Android users’ call and text data mined by Facebook, 1.5 billion files with sensitive data out there for the taking, and how the Verizon Data Breach Investigations Report highlights ransomware as the leading type of malware.

It’s easy to theorize about security, but the people putting identity programs into practice know firsthand what works and what should be discarded like yesterday’s newspaper Twitter feed. David Lee and Mike Kiser welcome Jom John, Managing Director of simplexiam, the first in a series of discussions with identity implementers about what they’ve seen and heard in the “real world.” Also discussed: Crumple-zone decryption, Facebook data reuse, new SEC insider trading regulations involving breach awareness, and the parallels between marriage and identity governance (“What identity has joined together, let no one separate.”)

Robotic Process Automation (RPA) dominates the discussion in this episode of Mistaken Identity. David Lee and Mike Kiser explore the risks and rewards of the looming robot takeover—and how identity is the key to success in both naval warfare and securing automated bots. Also discussed: valid certificates obtained through stolen credentials, a “friend of the show”—the Mirai botnet—finds a new attack vector, and we wonder whether or not marketing knows what we ate for breakfast (they do now.) Finally, we close with an argument for seeing as many movies in the theater as possible.

Ok, so you have the largest data lake in the hemisphere, but now what do you do with it? David Lee and Mike Kiser welcome Gianni Aiello to explore how big data can be triaged even while the first few rounds of analytics begin to surface answers to pressing questions. In other news, Facebook wants to scan your driver’s license, voice authentication can now be used to accelerate customer service, and secret military locations are revealed through personal fitness. (Another reason to not leave the couch this week!)

Artificial Intelligence can be the perfect tool, but it is created and wielded by imperfect people. What guardrails can be put into place to prevent it from merely mirroring our own biases and prejudices? David Lee and Mike Kiser explore the dark side of algorithms gone awry. Also examined: browser plugin hijacking, software that attempts to predict crime (and fails), and why David can’t find a painting that looks like him through Google’s Art Doppelganger app.

2018 is here—with an opening salvo that underscores the need for security in every layer, all the way down to silicon. We delve into the world of Spectre and Meltdown, attempt to explain it with a non-technical analogy, and then explore what it means for both chip vendors and the security industry as a whole. Another billion user breach and the current status of IoT preparedness are also in the mix, along with a potential “whistlestop” train trip to the Identiverse conference with an identity-centric case of . . . tens? hundreds? thousands? (We’re gonna need a bigger train.)

As 2018 arrives, David Lee and Mike Kiser welcome Chief Strategy Officer Kevin Cunningham and Chief Executive Officer Mark McClain as we review what occurred in 2017—and what it portends for the coming year. What has changed in the landscape in the last twelve months? How will identity continue to expand its influence in the coming year? Answers to these questions, the influence of Minecraft on malware, net neutrality, and the holiday season’s impact on cybersecurity are all in play on an end-of-the-year episode of Mistaken Identity. Finally, we wrap up with a hard-hitting analysis of holiday movies and their relevance to the season.

Over the past year, the importance of security has entered the consciousness of the general public in a new way. No longer having to fight as hard for attention, the security community now has a unique opportunity to seize the moment; what should be done? David Lee and Mike Kiser seek to answer this question and more in this episode of Mistaken Identity. Also discussed: bots taking over your holiday shopping, DDOS attacks on the rise, and the FBI, Europol and Microsoft team up to shut down a malware operator (“Teamwork makes the dream work.”)

In a quick flashback, David Lee and Mike Kiser review what took place at the recent Gartner IAM Summit in Las Vegas in the latest edition of Mistaken Identity. A high-level overview of the event (from the sessions, the expo, and the associated after parties) is preceded by a discussion of the recent acquisitions of SkyHigh and Barracuda Networks, the latest OWASP Top 10, and the new United States IOT security legislation called ‘Goldilocks.” The episode concludes with a frank discussion of proper condiments to accompany sandwich and sandwich-like foodstuffs.

In this episode, the Mistaken Identity podcast takes on security awareness. David Lee and Mike Kiser examine how to promote a security mindset the “humane way”—without the endless infomercials and educational materials created in the mid 1980s that organizations all too often use internally. The latest malware is discussed, including Bad Rabbit and the lurking Reaper Botnet, and we review the recent Estonian national ID issues. The podcast wraps up its examination of awareness with a modest proposal for the best use of misinformation campaigns on social media (“aka fake news”).

The Mistaken Identity podcast is pleased to present a very special episode from our archives: David Lee and Mike Kiser welcome current CIO Kevin Hansel and CTO/CISO Darran Rolls as they discuss how the relationship between CIOs and CISOs affects the security of today’s organizations. Cyber Security Awareness month is reviewed, as are the latest US investments in security. Finally, the episode concludes with advice for our younger listeners on how to guarantee future success in cybersecurity via a different path — one without a technical or business degree.

David Lee and Mike Kiser take SailPoint’s Mistaken Identity podcast to Amsterdam this week. Recorded live from various Navigate locations, we discuss identity and its impact with a European focus. The discussion revolves around current consumer awareness of GDPR, cybersecurity insurance, and the power of deceit to protect consumer identity. Pour a glass of your favorite beverage and take your spot at the table (or on the boat) and immerse yourself in the Navigate experience. Bonus content includes a definition of the difference between bison and buffalo, lamb’s ears pastry construction, and the proper bear to dog ratio for wilderness adventures.

David Lee and Mike Kiser are back with SailPoint’s Mistaken Identity podcast, and in this episode we examine the looming General Data Protection Regulation (GDPR). We attempt to define it and call out challenges that are rapidly coming to organizations that interact with European users. Also discussed are legal ramifications of one of the largest breaches of all-time and a technique to know what your coworker is typing—using only the sound—while you speak to them on Skype. Finally, now that summer is over, we discuss the pros and cons (spoiler alert: mainly cons) of Pumpkin Spice.

David Lee and Mike Kiser are back with SailPoint’s Mistaken Identity podcast, and this week we explore the uncharted region of blockchain. We sort through headlines to find applications for identity governance, along with the latest headlines, including the use of odor as biometric authentication and the charges brought against the WannaCry security researcher hero. We end with the classic back-to-school essay, “What I did this Summer.”

David Lee and Mike Kiser are back with SailPoint’s Mistaken Identity podcast, and this week is all about things that end in “BAC:” ABAC, RBAC, PBAC, and Maybach. The pros, cons, and speed of each access control model are in play, along with the latest headlines: NotPetya malware, a potential cyber partnership between Russia and the United States, and the weaponization of the Internet of Things at BlackHat. Startup proposals conclude the discussion (a nod to venture capitalist listeners looking for the next “Big Thing.”)

On a “very special episode,” David Lee and Mike Kiser host a “live” podcast from the SailPoint Lounge at Navigate. This episode puts you in the center of the action at this year’s conference. Sit around the table as we explore Navigate 2017: discover secrets of dominating the conference app leaderboard with Jeff Gagne, consider what Robotic Process Automation (RPA) and the Internet of Things (IoT) means for identity and security, hear attendee reactions to the conference keynotes, and learn the definition of “autocratic.” (Recorded on-site from “Hot and Nice” downtown Austin.)

David Lee and Mike Kiser are back with SailPoint’s Mistaken Identity podcast. On the table this week: WannaCry ransomware, the Executive Order on Cyber Security, the Verizon DBIR 2017 report, and a very special guest: Joe Gottlieb, Senior Vice President, Corporate Development. Joe shares his thoughts on identity and its place in the security industry, and we reminisce about Navigate past, present, and future. A must listen for anyone eagerly awaiting SailPoint Navigate 2017.

David Lee and Mike Kiser discuss the latest in security in SailPoint’s Mistaken Identity podcast. On the table this week: the Google Docs phishing scam (alarming), ransomware predictions (prophetic), and a discussion of the current usefulness (or not) of the password. Can the famous quote attributed to American Humorist Mark Twain apply here— “Reports of its death are greatly exaggerated?” Also, we mourn the untimely passing of our newly-created twitter account.

SailPoint’s Mistaken Identity podcast returns with David Lee and Mike Kiser as hosts This episode’s topics include: OWASP Top 10 Revisions, a breach involving 20,000 consumer passwords, an in-depth analysis of analytics, the top five movies of all-time identified, and an update on the hacker named “Forb.”

SailPoint's Mistaken Identity podcast returns with David Lee and Mike Kiser as hosts. Guests include SailPoint CTO, Darran Rolls and SailPoint Sr. Director of Product Management, Rick Weinberg. This weeks topics include: cloud bleed, SHA-1, U.S. Justice Department actions, revealing long-lost hacker names.

The SailPoint podcast - featuring David Lee and Mike Kiser. Today's discussion, RSA 2017.