Podcasts about Identity management

In this episode of Security Matters, host David Puner sits down with Eric Olden, co-founder and CEO of Strata Identity, and a pioneer in modern identity management. Eric shares his career journey, from founding Simplified to leading Oracle's global identity division, and discusses the critical importance of resilience in identity systems.Discover how organizations can eliminate single points of failure, test their backup plans and ensure their digital operations remain robust even in the face of unexpected outages. Eric also delves into the concept of identity orchestration, explaining how it can unify multiple identity systems and enhance security.Tune in to learn about the latest trends in identity management, including the intersection of AI and identity, and gain insights into how businesses can proactively assess and mitigate risks associated with identity outages.Don't miss this engaging conversation filled with practical advice and forward-thinking strategies to help safeguard your organization's identity infrastructure.

In this episode of the Programmatic Digest Podcast, Shannon Rudd and Allie Lichtenberg joined us to talk about their experience at the AdTech Economic Forum, an event created by Rob Beeler and Tom Triscari. Allie shared how excited she was to win a free ticket, showing how helpful it is to give new professionals chances to grow. Shannon talked about how the forum felt welcoming and praised the organizers for including different voices, especially in talks about money and business deals in ad tech. They also discussed big changes happening in the ad tech world — like how people's online behavior is changing and how AI is starting to play a bigger role in making money from content. They mentioned smart ideas from speakers like Andrew Casale about how DSPs and SSPs are changing.  We also celebrated how important community is, especially groups like the Women in Programmatic Network and A very special Thank You to Advance Women for bringing this together. Shannon and Allie talked about how male allies can help support women in ad tech and why that's so important.    Announcement   We have opened The Reach and Frequency MEMBERSHIP, exclusive to programmatic ninjas, adops, adtech unicorns looking for a community where we can learn freely and judgement free.  https://programmaticdigest14822.ac-page.com/executivemembership    About Us: We teach historically excluded individuals how to break into programmatic media buying and land their dream jobs. Through our Reach and Frequency® program, an engaged community, and expert coaching, we offer: Programmatic L&D Support: A monthly retainer providing hands-on training, strategy, and troubleshooting for programmatic teams. Book a Discovery Call: https://www.heleneparker.com/workshop/ Programmatic Training & Coaching: Executive Membership: for the busy mid-level to senior or director-level programmatic ninja looking for a structured, high-impact way to stay ahead of evolving trends, sharpen your optimization skills, and connect with like-minded experts Join Here: https://programmaticdigest14822.ac-page.com/executivemembership    Accelerator Program: A 6-week structured program with live coaching, hands-on DSP exercises, and real-time feedback. Sign Up: https://reachandfrequencycourse.thinkific.com/courses/program   Self-Paced Course: Learn at your own speed with full content access. Enroll Here: https://reachandfrequencycourse.thinkific.com/bundles/the-reach-frequency-full-course   Timestamp: (00:02) - AdTech Economic Forum Takeaways (06:25) - AdTech Industry Insights and Trends (15:43) - Evolving AdTech Measurement and Diversity (30:40) - Empowering Women in AdTech Networking (34:50) - LinkedIn Networking and Engagement     Meet Our Guest: Allie Lichtenberg https://www.linkedin.com/in/allisonmottolalichtenberg/  Shannon Rudd https://www.linkedin.com/in/srudd/ Meet The Team: Hélène Parker - Chief Programmatic Coach https://www.heleneparker.com/  https://www.linkedin.com/in/helene-parker/ Learn Programmatic As a TEAM: https://www.heleneparker.com/workshop/  As a Programmatic Ninja: https://www.heleneparker.com/course/ Programmatic Coaching Newsletter:https://www.heleneparker.com/newsletter/    Programmatic Digest https://www.linkedin.com/company/programmatic-digest-podcast https://www.youtube.com/@programmaticdigest    Manuela Cortes - Co-Host  Programmatic Digest In Espanol  https://www.linkedin.com/in/manuela-cortes-/   Looking for programmatic training/coaching?  Sign up to our Accelerator Program: A 6-week structured program with live coaching, hands-on within DSP(s) exercises, and real-time feedback—perfect for those who thrive on accountability and community, and looking to grow their technical skillset https://reachandfrequencycourse.thinkific.com/courses/program  Self-Paced Course: Full access to course content anytime, allowing independent learners to study at their own speed with complete flexibility. https://reachandfrequencycourse.thinkific.com/bundles/the-reach-frequency-full-course  Join our next workshop by signing up to our waitlist below: https://www.heleneparker.com/waitlist/

In this episode of Cybersecurity Today, host Jim Love covers important security updates and warnings including critical flaws in WinRAR, a patch for a high severity zero-day vulnerability in Windows CLFS, and a security vulnerability in WhatsApp's Windows desktop application. He urges users to update their software to protect against exploits. Additionally, Jim discusses Identity Management Day and the concerning findings from an OKTA survey revealing Canadians' growing worries about identity theft. He announces his plan to create a special segment on new identity solutions to address these concerns. The episode also includes a shout-out to the BSides Calgary event for information security professionals. 00:00 Introduction and Event Announcement 00:51 Critical Flaws in Compression Utility 03:33 Microsoft Patches Zero-Day Exploits 05:01 WhatsApp Security Vulnerability 06:46 Identity Management Day Insights 10:13 Conclusion and Contact Information

Join Jeff and Jim in this episode of the Identity at the Center Podcast as they delve into the upcoming Identity Management Day 2025. Featuring guest Jeff Reich, Executive Director at the Identity Defined Security Alliance (IDSA), this episode unpacks the significance of non-human identities, AI in identity management, and the existential questions surrounding identity. The discussion covers upcoming events, awards, and what to expect from Identity Management Day, while also exploring the potential impact of Quantum Computing. Don't miss out on this in-depth conversation that combines humor with profound insights into the evolving landscape of identity management.Chapters00:00 Introduction and Identity Concerns01:30 AI and Podcasting01:59 AI Limitations and Future05:41 Conference Announcements07:30 Identity Management Day 202509:35 Global Identity Trends18:39 Existential Identity and AI27:29 The Concept of Identity in Technology28:05 Machine Identity and Its Implications29:30 Human vs. Machine Identity31:07 The Future of Identity with AI and Quantum Computing38:13 Identity Management Day Awards45:17 Fun and Lighthearted Discussion51:35 Conclusion and Final ThoughtsConnect with Jeff: https://www.linkedin.com/in/jreich/Learn more about the IDSA: https://www.idsalliance.org/Register for Identity Management Day 2025: https://www.accelevents.com/e/Identity-Management-Day-2025-Virtual-ConferenceConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords: Identity Management, AI, Non-Human Identities, Identity Defined Security Alliance, IDSA, Quantum Computing, Identity Management Day 2025, Identity at the Center Podcast.

Episode #169 with Dare Odumade, CEO of Chekkit Technologies and contributor to the recently published book Thrive: Mastering E-commerce the African Way published by the Africa Retail Academy at Lagos Business School.Dare Odumade is at the forefront of supply chain innovation in Africa through his work with Chekkit Technologies, a company on a mission to protect consumers, build brand trust, and eliminate counterfeit products across the continent. As a key voice in the chapter Enhancing E-commerce Efficiency in Africa: The Role of Product Digital Identity Management, Dare offers a bold vision for how digital product identity can transform African commerce.In this episode, we explore how Chekkit is reshaping e-commerce in Africa, from solving the "what I ordered versus what I got" dilemma and improving logistics infrastructure to empowering consumers with real-time product verification and driving loyalty through smart technology solutions.What We Discuss With DareThe pivotal moment that highlighted the urgent need for supply chain transparency in Africa.The key message behind the chapter “Enhancing E-commerce Efficiency in Africa” and how product digital identity management plays a crucial role.How Chekkit functions as a real-world tool to trace and share the story of a product's supply chain from origin to consumer.How Chekkit supports manufacturers in reclaiming market share by combating counterfeit products through supply chain transparency.The resistance faced from industries hesitant to digitise their supply chains and how Chekkit addresses those challenges.Did you miss my previous episode where I discuss The Structural Changes Required To Build Resilient Diagnostics and Healthcare Systems in Africa? Make sure to check it out!Like this show? Please leave us a review here -- even one sentence helps!Connect with Terser:LinkedIn - Terser AdamuInstagram - unlockingafricaTwitter (X) - @TerserAdamuConnect with Dare:LinkedIn - Dare OdumadeTwitter (X) - @ChekkitappDo you want to do business in Africa? Explore the vast business opportunities in African markets and increase your success with ETK Group. Connect with us at www.etkgroup.co.uk or reach out via email at info@etkgroup.co.ukSubscribe to our newsletter for exclusive content, behind-the-scenes insights, and bonus material - Unlocking Africa Newsletter

What happens when you lose your private key on Nostr? In this episode of the Juan Galt Show, we sit down with developers Topher Scott and Austin from Pleb Lab to talk about FROSTR—a new protocol that uses Bitcoin-style multi-sig cryptography (FROST) to secure your identity on Nostr.From the philosophy of owning your digital identity to the real-world problems of key loss, key rotation, and safe authentication, this episode goes deep on how Fostr works, what makes it different, and why it's a crucial step forward for decentralized social media and Bitcoiners alike.Connect with Juan Galt on Nostr: https://primal.net/p/nprofile1qqsrwtdqwltr2dps7dpatpfas5c3k07jwqvdt2pm3sdnj7uj2x8v0tqznatusFollow Juan Galt on X: https://x.com/JuanSGaltRead his work in Bitcoin Magazine: https://bitcoinmagazine.com/authors/juan-galt

At ThreatLocker Zero Trust World 2025 in Orlando, Art Ocain, VP of Cybersecurity & Incident Response at Airiam, shared valuable insights into applying zero trust principles to incident response. The conversation, hosted by Marco Ciappelli and Sean Martin, highlighted the critical role of zero trust in preparing for and managing security incidents.The Zero Trust Mindset in Incident Response Ocain discussed how zero trust methodology—embracing the principles of "assume breach" and "always verify, never trust"—can significantly enhance incident response strategies. Instead of merely securing the perimeter or endpoints, his approach involves identifying and protecting core systems through micro-segmentation and robust identity management. By securing each component individually, organizations can minimize the impact of potential breaches.For example, Ocain described a scenario where segmenting a SQL server from an application server could prevent data loss during an attack. Even if an application server is compromised, critical data remains secure, allowing quicker recovery and continuity of operations.Dynamic Containment Strategies Ocain emphasized the importance of dynamic containment when responding to incidents. Traditional methods, such as using Endpoint Detection and Response (EDR) tools, are effective for forensic analysis but may not stop active threats quickly. Instead, he advocated for an "allow list only" approach that restricts access to systems and data, effectively containing threats while maintaining critical business functions.In practice, when Ocain is called into a crisis, he often implements a deny-by-default solution to isolate compromised systems. This strategy allows him to perform forensics and bring systems back online selectively, ensuring threat actors cannot access recovered systems.Balancing Security with Business Needs A significant challenge in adopting zero trust is gaining executive buy-in. Ocain noted that executive teams often push back against zero trust measures, either out of a desire for convenience or because of misconceptions about its impact on business culture. His approach involves demonstrating real-world scenarios where zero trust could mitigate damage during breaches. By focusing on critical systems and showing the potential consequences of compromised identities or systems, Ocain effectively bridges the gap between security and business priorities.A Cultural Shift Toward Security The discussion also touched on the cultural shift required to fully integrate zero trust into an organization. Zero trust is not just a technological framework but a mindset that influences how every employee views access and security. Through scenario-driven exercises and engaging executive teams early in the process, Ocain helps organizations transition from a "department of no" mentality to a collaborative, security-first culture.Listen to the full episode to explore more strategies on implementing zero trust in incident response and how to align security initiatives with business goals.Guest: Art Ocain, VP of Cybersecurity & Incident Response at Airiam | On LinkedIn: https://www.linkedin.com/in/artocain/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsThreatLocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-floridaRegister for Zero Trust World 2025: https://itspm.ag/threat5mu1____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More

At ThreatLocker Zero Trust World 2025 in Orlando, Chase Cunningham, often referred to as “Dr. Zero Trust,” delivered a thought-provoking session titled The Grand Delusion. The event, filled with IT professionals, managed service providers (MSPs), and small to midsize business (SMB) leaders, provided the perfect backdrop for a candid discussion about the state of cybersecurity and the real-world application of Zero Trust strategies.Challenging the Status QuoCunningham emphasized the need for businesses to adopt realistic cybersecurity practices that align with their resources and needs. He pointed out the pitfalls of smaller organizations attempting to emulate enterprise-level security strategies without the necessary infrastructure. “Cyber shouldn't be any different” than outsourcing taxes or other specialized tasks, he explained, advocating for MSPs and external services as practical solutions.Zero Trust as a Strategy, Not Just a TermThe session underscored that Zero Trust is not merely a buzzword but a strategic approach to security. Cunningham stressed the importance of questioning the validity of industry claims and seeking concrete data to support cybersecurity initiatives. He encouraged attendees to avoid being “delusional” by blindly accepting security solutions without a critical evaluation of their impact and effectiveness.Actionable Steps for Small BusinessesCunningham shared practical advice for implementing Zero Trust principles within smaller organizations. He recommended focusing on foundational controls like identity and access management, micro-segmentation, and application allow and block lists. He noted that achieving security is a journey, requiring a structured, strategic approach and an acceptance that immediate results are unlikely.The Future of Zero TrustLooking ahead, Cunningham expressed optimism about the continued evolution of Zero Trust. He highlighted its growing global significance, with his upcoming engagements in Taiwan, Colombia, and Europe serving as evidence of its widespread adoption. Ultimately, he framed Zero Trust as not only a business imperative but a fundamental human right in today's digital world.Tune in to this episode to hear more insights from Chase Cunningham and explore what Zero Trust means for businesses of all sizes.Guest

IT and security teams are under constant pressure to streamline operations while maintaining strong security and compliance. In this Brand Story episode, Chase Doelling, Principal Strategist at JumpCloud, shares insights from the company's latest SME IT Trends Report. The discussion highlights key trends, challenges, and opportunities that IT teams face, particularly in small and medium-sized businesses (SMBs).The Role of IT in Business OperationsDoelling emphasizes the increasing responsibility placed on IT teams. Historically seen as cost centers, IT and security functions are now recognized as critical to business success. More organizations are merging IT and security efforts, ensuring that security considerations are built into every decision rather than being addressed reactively.A major takeaway from the report is the shift toward decentralization in IT decision-making. Departments are increasingly adopting tools independently, leading to an explosion of software-as-a-service (SaaS) applications. While this autonomy can boost efficiency, it also creates risks. Shadow IT—where employees use unauthorized tools—has become a top concern, with 88% of organizations identifying it as a risk.AI, Security, and IT InvestmentThe report also reveals a growing divide in AI adoption. Organizations are either moving aggressively into AI initiatives or staying completely on the sidelines. Those embracing AI often integrate it into security and IT operations, balancing innovation with risk management.Budget trends indicate that IT spending is rising, with security tools accounting for a significant portion. The need for robust cybersecurity measures has pushed organizations to prioritize visibility, access management, and compliance. A notable shift is occurring in remote and hybrid work models. While remote work surged in previous years, only 9% of organizations now report being fully remote. This return to office environments introduces new IT challenges, particularly in managing networks and devices across hybrid workplaces.How JumpCloud Supports IT TeamsJumpCloud's platform simplifies IT and security operations by unifying identity and access management, device management, and security policies. One key challenge IT teams face is visibility—knowing who has access to what systems and ensuring compliance with security policies. JumpCloud's approach allows organizations to manage users and devices from a single platform, reducing complexity and improving security posture.An example of JumpCloud's impact is its ability to detect and manage SaaS usage. If an employee tries to use an unauthorized tool, JumpCloud can guide them toward an approved alternative, preventing security risks without stifling productivity. This balance between security and efficiency is essential, particularly for SMBs that lack dedicated security teams.Looking Ahead: IT and Security ConvergenceDoelling teases upcoming research that will explore the relationship between IT and security teams. With these functions blending more than ever, organizations need insights into how to align strategies, resources, and budgets effectively.For IT and security professionals navigating a landscape of increased threats, shifting work environments, and AI-driven innovation, the insights from JumpCloud's research provide a valuable benchmark. To gain a deeper understanding of these trends and their implications, listen to the full episode and explore the latest SME IT Trends Report.Note: This story contains promotional content. Learn more. Guest: Chase Doelling, Principal Strategist, JumpCloud [@JumpCloud], On LinkedIn | https://www.linkedin.com/in/chasedoelling/ResourcesLearn more about JumpCloud and their offering: https://itspm.ag/jumpcloud-pg7zTo download the SME IT Trends Report: https://itspm.ag/jumpcljqywCatch more stories from JumpCloud at https://www.itspmagazine.com/directory/jumpcloudAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In this episode of McKinsey on Building Products, host Rikki Singh and Arnab Bose, Chief Product Officer, Okta Platform, discuss the transformative impact of AI on cybersecurity and identity management. They explore the challenges of adopting AI in security solutions, the importance of a robust strategy for identity management, and how organizations can safely adopt AI agents.See www.mckinsey.com/privacy-policy for privacy information

Lex interviews Arun Kumar, the CTO of Socure, an identity management and risk assessment company. In this exciting episode, Arun touches on: (1) his experience building large-scale, high-throughput, and low-latency systems at companies like Amazon and Citadel, and how he applies that expertise to the identity verification and fraud detection challenges at Socure. (2) Socure's rapid growth, serving over 2,700 customers including 9 of the top 10 U.S. banks and over 30 state agencies, processing hundreds of millions of transactions per month. (3) Socure's approach to building a real-time identity graph by aggregating signals from devices, phone numbers, IPs, and other data points to detect and prevent sophisticated fraud tactics like deepfakes and fraud GPTs. (4) The company's recent acquisition of Effectiv to simplify the integration process for customers and improve efficiency, as well as its use of Generative AI to automate various tasks. Lastly, (5) Socure's future plans to expand beyond account opening and login into transaction monitoring, as well as exploring opportunities in the growing embedded finance and digital identity spaces. MENTIONED IN THE CONVERSATION Topics: Socure, Effectiv, Citadel, Amazon, Identity management, digital identity, generative AI, deepfakes, fraud prevention, machine learning, identity verification ABOUT THE FINTECH BLUEPRINT 

In this episode of HIPcast, Megan Pruente, shares her experience in the patient identity management domain of Health Information. We also talk about AI and how HI Professionals can utilize AI tools in everyday life. #HIPcast with Shannan and Seth.

Dave Sobel engages in a thought-provoking conversation with Jon Murchison, CEO of BlackPoint Cyber, about the current state of cybersecurity policies and practices. They discuss the initiatives surrounding "secure by design" and "secure by default," emphasizing the challenges faced by managed IT service providers in implementing these ideals. Jon expresses skepticism about the immediate impact of these policies on the ground level, noting that while they are well-intentioned, they often fall short of practical application in real-world scenarios.The discussion shifts to the dynamics of responsibility and liability within the cybersecurity landscape. Jon highlights the disparity between software vendors and service providers regarding accountability when security breaches occur. He argues that while security providers should be held liable for secure code design and regular penetration testing, the complexities of cybersecurity make it difficult to assign blame definitively. This nuanced perspective underscores the need for a balanced approach to liability that encourages innovation without stifling progress.As the conversation progresses, Jon shares his insights on the Cybersecurity Maturity Model Certification (CMMC) and its potential as a broader standard. He acknowledges the foundational value of existing frameworks like NIST and ISO but critiques their lack of practical guidance for organizations. Jon advocates for a more prescriptive approach that focuses on actionable steps for hardening security measures, rather than vague compliance requirements that can lead to checkbox exercises.Finally, Jon emphasizes the critical importance of identity management in cybersecurity. He explains how threat actors have evolved their tactics, often exploiting legitimate credentials to navigate networks undetected. The episode concludes with Jon discussing the future of posture management and the need for improved security measures around automation, highlighting the ongoing challenges and opportunities in the ever-evolving cybersecurity landscape. Supported by: https://www.coreview.com/msp/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Practices around identity and managing credentials have improved greatly since the days of infosec mandating 90-day password rotations. But those improvements didn't arise from a narrow security view. Hannah Sutor talks about the importance of balancing security with usability, the importance of engaging with users when determining defaults, and setting an example for transparency in security disclosures. Segment resources https://youtu.be/ydg95R2QKwM 00:00 Welcome to Application Security Weekly! 01:49 Meet the Experts 03:28 What Are Non-Human Identities? 06:17 Balancing Security & Usability 08:24 MFA Challenges & Admin Security 12:09 Navigating Breaking Changes 16:05 Security by Design in Action 18:42 Identity Management for Startups 20:18 Secure by Design: Real Impact 24:03 Transparency After a Critical Vulnerability 31:39 Looking Ahead to 2025 32:45 Application Security in Three Words Show Notes: https://securityweekly.com/asw-311

Guest: Ahmad Salehi Shahraki, Lecturer (Assistant Professor) in Cybersecurity, La Trobe UniversityOn LinkedIn | https://www.linkedin.com/in/ahmad-salehi-shahraki-83494152/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring this "On Location" podcast episode at AISA CyberCon 2024, host Sean Martin welcomed guest Ahmad Salehi Shahraki to discuss cutting-edge developments in access control, identity management, and cybersecurity infrastructure.Ahmad, a lecturer at La Trobe University specializing in authentication, authorization, applied cryptography, and blockchain, shared insights into transitioning from traditional access control models like Role-Based Access Control (RBAC) to more advanced Attribute-Based Access Control (ABAC). Ahmad emphasized that while RBAC has served as the backbone of organizational security for decades, its centralized nature and limitations in cross-domain applications necessitate the shift to ABAC. He also highlighted a critical aspect of his research: leveraging cryptographic primitives like attribute-based group signatures to enhance security and privacy while enabling decentralization without relying on blockchain.Sean and Ahmad explored the technical and operational implications of ABAC. Ahmad described how this model uses user attributes—such as location, role, and organizational details—to determine access permissions dynamically. This contrasts with RBAC's reliance on predefined roles, which can lead to rule exploitation and administrative inefficiencies.Ahmad also discussed practical applications, including secure digital health systems, enterprise environments, and even e-voting platforms. One innovative feature of his approach is "attribute anonymity," which ensures sensitive information remains private, even in peer-to-peer or decentralized setups. For example, he described how his system could validate an individual's age for accessing a service without revealing personal data—a critical step toward minimizing data exposure.The conversation expanded into challenges organizations face in adopting ABAC, particularly the cost and complexity of transitioning from entrenched RBAC systems. Ahmad stressed the importance of education and collaboration with governments and industry players to operationalize ABAC and other decentralized models.The episode closed with Ahmad reflecting on the robust feedback and collaboration opportunities he encountered at the conference, underscoring the growing interest in decentralized and privacy-preserving solutions within the cybersecurity industry. Ahmad's research has attracted attention globally, with plans to further develop and implement these models in Australia and beyond.Listeners are encouraged to follow Ahmad's work and connect via LinkedIn to stay informed about these transformative approaches to cybersecurity.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Guest: Ahmad Salehi Shahraki, Lecturer (Assistant Professor) in Cybersecurity, La Trobe UniversityOn LinkedIn | https://www.linkedin.com/in/ahmad-salehi-shahraki-83494152/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring this "On Location" podcast episode at AISA CyberCon 2024, host Sean Martin welcomed guest Ahmad Salehi Shahraki to discuss cutting-edge developments in access control, identity management, and cybersecurity infrastructure.Ahmad, a lecturer at La Trobe University specializing in authentication, authorization, applied cryptography, and blockchain, shared insights into transitioning from traditional access control models like Role-Based Access Control (RBAC) to more advanced Attribute-Based Access Control (ABAC). Ahmad emphasized that while RBAC has served as the backbone of organizational security for decades, its centralized nature and limitations in cross-domain applications necessitate the shift to ABAC. He also highlighted a critical aspect of his research: leveraging cryptographic primitives like attribute-based group signatures to enhance security and privacy while enabling decentralization without relying on blockchain.Sean and Ahmad explored the technical and operational implications of ABAC. Ahmad described how this model uses user attributes—such as location, role, and organizational details—to determine access permissions dynamically. This contrasts with RBAC's reliance on predefined roles, which can lead to rule exploitation and administrative inefficiencies.Ahmad also discussed practical applications, including secure digital health systems, enterprise environments, and even e-voting platforms. One innovative feature of his approach is "attribute anonymity," which ensures sensitive information remains private, even in peer-to-peer or decentralized setups. For example, he described how his system could validate an individual's age for accessing a service without revealing personal data—a critical step toward minimizing data exposure.The conversation expanded into challenges organizations face in adopting ABAC, particularly the cost and complexity of transitioning from entrenched RBAC systems. Ahmad stressed the importance of education and collaboration with governments and industry players to operationalize ABAC and other decentralized models.The episode closed with Ahmad reflecting on the robust feedback and collaboration opportunities he encountered at the conference, underscoring the growing interest in decentralized and privacy-preserving solutions within the cybersecurity industry. Ahmad's research has attracted attention globally, with plans to further develop and implement these models in Australia and beyond.Listeners are encouraged to follow Ahmad's work and connect via LinkedIn to stay informed about these transformative approaches to cybersecurity.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

In this episode of the Practical 365 Podcast, Steve Goodman and Rich Dean are joined by Merill Fernando, Principal Product Manager at Microsoft, for a deep dive into identity management and community-driven innovation. As we approach Microsoft Ignite, Merill shares insights on upcoming announcements in security and identity management, including the new Global Secure Access solution. Plus we discuss various tech Meryl contributes to with the community, in particular Maester.dev, an open-source PowerShell based security framework.Want to stay up to date on all things Practical 365? Follow us on Twitter, Facebook, and Linkedin to stay up to date on all things Microsoft!

One of the scariest things in healthcare right now is having your organization breached. While systems are sometimes breached through more traditional approaches to hacking, the most common breaches today generally occur when hackers steal someone's credentials. In fact, many hackers are using social engineering attacks on IT help desks to breach healthcare systems. This is why identity management in healthcare is so important. All those expensive IT security systems don't help you much when the hackers take control of your users legitimate credentials. This was the topic I explored recently with Tracey Nyholt, Founder & CEO at TechJutsu, at the Oktane conference by Okta in Las Vegas. In our discussion, Nyholt shares about her company TechJutsu and some of the challenges of identity management in healthcare and the solutions available for healthcare organizations. Learn more about Caller Verify: https://www.callerverify.com/ Health IT Community: https://www.healthcareittoday.com/

Streamline Your Cybersecurity with Flare Here: https://try.flare.io/unsupervised-learning/ In this conversation, I speak with Jason Haddix, founder of Arcanum Security and CISO at Flare. We talk about: Flare's Unique Approach to Threat Intelligence:How Flare's capability to uncover compromised credentials and cookies from the dark web and private forums has been crucial in red team engagements. Challenges of Credential Theft and Advanced Malware Techniques:How adversaries utilize tools like the RedLine Stealer malware to gather credentials, cookies, and other sensitive information, and this stolen data enables attackers to bypass authentication protocols, emphasizing the need for comprehensive exposure management. Jason's Journey To Founding Arcanum & Arcanum's Security Training Programs:How Jason now advises on product development and threat intelligence as Flare's CISO and his journey to fund Arcanum, a company focused on red teaming and cybersecurity, and Arcanum's specialized training programs focusing on offensive security and using AI in security roles.  And more Introduction to the Podcast (00:00:00)Guest Excitement on Podcast (00:00:20)Jason's New Business and Flare Role (00:00:24)Career Shift from Ubisoft to Red Teaming (00:01:02)Evolution of Adversary Tactics (00:02:04)Flare's Credential Exposure Management (00:02:58)Synergy Between Arcanum and Flare(00:03:55)Dark Web Credential Compromise (00:04:45)Challenges with Two-Factor Authentication (00:06:25)Cookie Theft and Unauthorized Access (00:07:39)Redline Malware and Its Impact (00:08:12)Flare's Research Capabilities (00:09:50)Potential for Advanced Malware Detection (00:11:40)Expansion of Threat Intelligence Services (00:12:15)Vision for a Unified Security Dashboard (00:13:25)Integrating Threat Intelligence with Identity Management (00:14:00)Credential Update Notifications via API (00:15:54)Automated Credential Management Potential (00:17:28)AI Features in Security Platforms (00:17:32)Exploration of Automated Security Responses (00:18:38)Introduction to Arcanum Security (00:19:25)Overview of Arcanum Training Courses (00:20:25)Necessity for Up-to-Date Training (00:22:15)Guest Experts in Training Sessions (00:23:08)Upcoming Features for Flare (00:25:11)Integrating Vulnerability Management (00:28:08)Accessing Flare's Free Trial (00:28:25)Learning More About Arcanum (00:29:09)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

In this episode of the Trust Issues podcast, host David Puner and David Lee, aka “The Identity Jedi,” delve into the evolving landscape of identity security. They discuss the critical challenges and advancements in securing both human and machine identities. Lee shares insights on the fear and misconceptions surrounding AI, drawing parallels to pop culture references like Marvel's Jarvis. They explore the potential of autonomous AI in monitoring and managing security tasks, emphasizing the need for real time data analysis and context understanding. The conversation highlights the importance of providing context on both human and machine sides to enhance security measures. They also touch on the role of investors in the identity security space and the need for better storytelling in the industry.

The number of machine identities in IT is growing swiftly and has already surpassed human identities by as much as 100 times. This rise necessitates robust security protocols, such as secure authentication and controlled access, to address possible threats effectively. Read the original blog post here: https://www.kuppingercole.com/blog/reinwarth/rise-of-the-machines

In this 7 Minutes on ITSPmagazine Short Brand Story recorded during Black Hat SecTor 2024, host Sean Martin sits down with Michael Mychalczuk, Director of Product Management for ArcSight at OpenText, to dissect the complexities of multi-cloud environments. Hosted during Black Hat SecTor 2024 in Toronto, they share invaluable insights into why businesses are increasingly finding themselves managing multiple cloud services.Mychalczuk explains that while many organizations initially hoped to stick with a single cloud provider, factors such as mergers, acquisitions, and specific technological pushes from giants like Microsoft and Google have made multi-cloud unavoidable. This proliferation presents unique challenges, particularly in maintaining security across varied platforms. He highlights the critical need for collaboration between security operations and IT operations teams. “No one person can know all of this,” Mychalczuk notes, emphasizing the importance of teamwork and specialization. He advises focusing on essential areas like identity management and automation to minimize human error and ensure consistent and secure deployments.Sean Martin and Michael Mychalczuk also discuss the importance of leveraging technologies such as Kubernetes and container security to manage and secure multi-cloud environments effectively. Mychalczuk stresses the value of robust monitoring tools like ArcSight to detect and respond to threats across these diverse systems, ultimately enabling businesses to succeed securely in today's fast-paced world. In closing, the emphasis on understanding one's maturity as a security operations team and aligning efforts accordingly stands out as a key takeaway.Note: This story contains promotional content. Learn more.Guest: Michael Mychalczuk, Director of Product Management at OpenText [@opentext]On LinkedIn | https://www.linkedin.com/in/michaelmychalczuk/ResourcesLearn more and catch more stories from OpenText: https://www.itspmagazine.com/directory/opentextLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In this 7 Minutes on ITSPmagazine Short Brand Story recorded during Black Hat SecTor 2024, host Sean Martin sits down with Michael Mychalczuk, Director of Product Management for ArcSight at OpenText, to dissect the complexities of multi-cloud environments. Hosted during Black Hat SecTor 2024 in Toronto, they share invaluable insights into why businesses are increasingly finding themselves managing multiple cloud services.Mychalczuk explains that while many organizations initially hoped to stick with a single cloud provider, factors such as mergers, acquisitions, and specific technological pushes from giants like Microsoft and Google have made multi-cloud unavoidable. This proliferation presents unique challenges, particularly in maintaining security across varied platforms. He highlights the critical need for collaboration between security operations and IT operations teams. “No one person can know all of this,” Mychalczuk notes, emphasizing the importance of teamwork and specialization. He advises focusing on essential areas like identity management and automation to minimize human error and ensure consistent and secure deployments.Sean Martin and Michael Mychalczuk also discuss the importance of leveraging technologies such as Kubernetes and container security to manage and secure multi-cloud environments effectively. Mychalczuk stresses the value of robust monitoring tools like ArcSight to detect and respond to threats across these diverse systems, ultimately enabling businesses to succeed securely in today's fast-paced world. In closing, the emphasis on understanding one's maturity as a security operations team and aligning efforts accordingly stands out as a key takeaway.Note: This story contains promotional content. Learn more.Guest: Michael Mychalczuk, Director of Product Management at OpenText [@opentext]On LinkedIn | https://www.linkedin.com/in/michaelmychalczuk/ResourcesLearn more and catch more stories from OpenText: https://www.itspmagazine.com/directory/opentextLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In this conversation, Matthias and Martin explore the concept of machine identities, discussing their significance in modern IT infrastructures. They discuss the challenges of managing these identities, the importance of lifecycle management, and the impact of regulations on cybersecurity. The conversation emphasizes the need for organizations to understand and properly manage machine identities to ensure security and compliance in an increasingly complex digital landscape.

In this episode of the Identity at the Center podcast, Jim McDonald speaks with Brandon Pinzon, an Insurance Industry Cybersecurity Executive, about the evolving landscape of identity management. They discuss Brandon's journey into digital identity, the role of identity management within organizations, and the unique challenges faced by the insurance industry. The conversation also delves into the intersection of compliance and security, highlighting the importance of understanding risk in the identity space. In this conversation, Brandon discusses the critical relationship between risk management and compliance in cybersecurity, emphasizing the importance of understanding and quantifying risk. He explores the evolving landscape of cyber insurance, highlighting the need for identity practitioners to be proactive in managing risks and building relationships with financial stakeholders. The discussion also touches on the necessity of cyber insurance for various organizations and concludes with insights into the vibrant cybersecurity community in San Antonio. 00:00 Podcast Introduction and Host Update 01:23 Upcoming Conferences and Discount Codes 02:29 Guest Introduction: Brandon Pinzon 03:02 Brandon's Identity Origin Story 05:25 Debate: Where Does Identity Management Belong? 13:45 Pros and Cons of CISO Responsibility for Identity 21:16 Identity in the Insurance Industry 29:52 Addressing Legacy Systems in Financial Institutions 31:38 Compliance vs. Security in Financial Services 35:33 Understanding and Quantifying Risk 38:33 The Role of Cyber Insurance 54:28 San Antonio: A Hub for Cybersecurity Connect with Brandon: https://www.linkedin.com/in/bpinzon/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Semperis' Hybrid Identity Protection Conference (HIP Conf) - Use code IDACpod for 20% off: https://www.hipconf.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com and watch at https://www.youtube.com/@idacpodcast Keywords identity management, cybersecurity, insurance industry, compliance, digital identity, CISO, identity governance, user experience, risk management, financial services, risk management, compliance, cyber insurance, identity management, cybersecurity, threat modeling, risk assessment, business continuity, data protection, security strategy

In this episode, Jason Kikta discusses the critical relationship between IT and security, emphasizing that great security begins with a solid IT foundation. He explores the importance of establishing a baseline for normalcy, the role of user safety in preventing security breaches, and the need to understand insider threats. Jason concludes with discussing the 'big three' of cybersecurity, which are: Network Inventory: Knowing what's on your network is crucial. This involves having a comprehensive inventory of all devices and systems connected to the network.Configuration and Patching: Keeping systems configured correctly and up-to-date with patches is essential to prevent vulnerabilities that could be exploited by malicious actors.Identity and Authentication Protection: Ensuring robust identity and authentication measures are in place to protect against unauthorized access and maintain the integrity of user accounts.

How do businesses protect themselves in an increasingly digital world where cyber threats evolve as quickly as the technologies designed to combat them? In this episode of Tech Talks Daily, we welcome Art Gilliland, CEO of Delinea, a leader in Privileged Access Management (PAM). Art joins us to discuss Delinea's strategic moves in the fast-paced cybersecurity landscape, including their recent acquisitions of Fastpath and Authomize, and the broader trend of market consolidation amid economic pressures. Under Art's leadership, Delinea has enhanced its capabilities in cloud and SaaS identity management, reflecting a commitment to addressing sophisticated cyber threats and improving organizational cyber defenses. Art will share insights on the necessity of identity security as the cornerstone of cyber defense strategies, especially critical as businesses increasingly adopt cloud technologies and face AI-powered threats. This conversation will also delve into the human aspect of M&A in the tech sector—how Delinea manages to integrate new acquisitions successfully within a matter of months and the role of executive leadership in these processes. Art's perspective on the ongoing consolidation in the cybersecurity industry highlights the push towards creating more comprehensive, efficient security platforms that reduce both complexity and costs for organizations. Art outlines the future of identity security, focusing on enhancing authorization capabilities and leveraging AI to automate threat response and decision-making. This discussion is not only about the technology but also about the strategic and human considerations that ensure these tools effectively secure and support the enterprises they are designed to protect. What challenges and opportunities do you see in the integration of new technologies and companies in the cybersecurity sector? Join the conversation and share your thoughts on how businesses can navigate these complex but essential advancements.

In this episode Ashish Rajan sits down with Shashwat Sehgal, co-founder and CEO of P0 Security, to talk about the complexities of cloud identity lifecycle management. Shashwat spoke to us about why traditional identity solutions like SAML are no longer sufficient in today's cloud environments. He discusses the need for organisations to adopt a more holistic approach to secure access across cloud infrastructures, addressing everything from managing IAM roles to gaining complete visibility and inventory of all cloud identities. This episode goes into the growing challenges around managing human and non-human identities, and the importance of shifting from legacy solutions to cloud-native governance. Guest Socials:⁠⁠ ⁠⁠⁠⁠⁠⁠⁠Shashwat's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp Questions asked: (00:00) Introduction (01:47) A bit about Shashwat (02:20) What is Identity Lifecycle Management? (04:55) What is IGA and PAM? (10:10) Complexity of Identity Management (13:12) What are non human identities? (15:56) Maturity Levels for Cloud Identity Lifecycle Management (19:03) The role of SAML in Identity Management (20:07) Identity Management of Third parties and SaaS Providers (21:28) Who's responsible for identity management in Cloud? (23:28) Changing landscape of identity management (27:46) Native Solutions for identity management (30:03) Fun Questions

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Itzik Alvas, CEO & Co-Founder of Entro Security, a non-human identity management platform that has raised $24 Million in funding. Here are the most interesting points from our conversation: Military Experience Taught Perseverance: Itzik credits his time in the Israeli Defense Force, specifically in the cyber intelligence unit, for shaping his approach to perseverance. This has been crucial in overcoming challenges as an entrepreneur. Non-Human Identity Management Innovation: After multiple cybersecurity breaches in his previous roles, Itzik identified a massive gap in managing non-human identities and secrets. This personal experience directly led to the creation of Entro Security. Early Days Post-Seed Raise: The first few months after securing seed funding were highly operational—setting up offices, building the team, and finding early design partners to provide feedback on their solution. Creating a New Market Category: Entro Security is pioneering the non-human identity management space, addressing the growing issue of programmatic credentials that are often mishandled by DevOps teams, posing significant security risks. Unique, Memorable Branding: Unlike traditional cybersecurity companies, Entro's branding is youthful, fun, and memorable, a conscious choice to stand out in an industry that often feels sterile and overly serious. Go-To-Market Approach: Entro's sales efforts are focused on direct sales and channel partnerships, with a primary focus on the US market. Itzik emphasizes the importance of aligning go-to-market strategies with event participation based on specific goals like lead generation or brand awareness.   //   Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.  www.GlobalTalent.co

Growth always brings challenges. In today's episode, we talk about how the DoD can manage the challenge of development in several aspects of identity management. Like most federal agencies, the DoD has made a move to the hybrid cloud; this alone adds to the complexity of the identification process. However, in addition to the 1.3 million active-duty service members, they must contend with reserves, DoD civilians, veterans, and many more. Oh, did we mention mobile? The official designation of the process of validating identity is called Identity Credentialing and Access Management, or ICAM. During this interview, experts from Akamai suggest: >> Consider applying AI/ML to help analyze identity data. >>> Fast Identity Online (FIDO) FIDO standards exist, and one can consider applying FIDO to simplify identity. Akamai has worked with both Defense and Civilian agencies to enable technologies like CAC/PIV and YUBIkey. Further, their well-known enterprise access management gives them the ability to protect web applications as well as mobile devices. Many organizations are tasked with managing millions of individuals. Very few are associated with capabilities that can have as serious consequences as the DoD.

SAP has announced the end of life for its identity management (IDM) system, which is a key component in many traditional SAP environments. This poses a challenge for organizations running on-premises SAP systems. To plan for a smooth transition, organizations should consider key strategies such as taking the time for thorough planning, thinking about the future of their IAM, and analyzing requirements before choosing a new solution. The cost of implementation projects can be significant, but investing in proper preparation and tools upfront can save time and money in the long run. It is important to take a holistic view and consider the broader picture, including GRC and access governance solutions. Finding the right solution requires support from experts who understand the market and the organization's specific requirements.

Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple. In this episode of Apple @ Work, we continue our 3-part series on identity management with Apple in the enterprise, featuring Tom Bridge, JumpCloud's Director of Product Management. Connect with Bradley Twitter LinkedIn Listen and subscribe Apple Podcasts Overcast Spotify Pocket Casts Castro RSS Listen to Past Episodes

draft When the federal government makes a strategic decision to implement Zero Trust principles, they must consider both user identity and the data users are trying to access.  Today, we have leaders in the federal and commercial sectors look at both data and identity and emphasize the need for centralized coordination, automated labeling, and real-time access control through Identity Management. Brian Rosensteel from Ping Identity argues that some kind of “federated” identity management system is the most effective for federal identification. Each agency really cannot be responsible for responding in a timely manner given the details that Zero Trust demands. Access controls have been around since the start of networks. During the discussion, participants gave opinions on the value of both access based and role-based access controls. They also suggested that “context” based access controls may provide additional abilities for systems administrators to improve real-time access controls.

On this episode of The Cybersecurity Defenders Podcast we talk about cybersecurity product development with Vijay Pitchuman, Director of Product for Identity Management at Okta.

David Pollet is the CEO of Incremental and a repeat entrepreneur with over 20 years of startup experience. He has extensive history across startup environments and the lessons he has learned come from what he calls "a mix of big wins and big fails." David is a “Go to Market Growth Leader” with experience scaling Saas startups and public company divisions ranging from $5M-$100M+ in ARR. 25-years of experience in Sales, Marketing and Strategy leadership roles. He is a team-builder with experience translating long-term strategic growth initiatives into operating plans that can be executed, measured, and improved continuously. He has a proven track record of accelerating growth during times of transition. Deep knowledge and experience transitioning transactional businesses such as media arbitrage and data sales into Saas businesses with complex, multi-year committed engagements. He is well-versed in Identity Management, Measurement & Attribution, Machine Learning, Data Sales, and all Media types (incl. Linear TV, CTV, Digital and Social Video). Known for partnering closely with product, engineering and finance, he easily identifies opportunities for innovation and profitable growth. What you will learn Learn how to leverage data for maximizing e-commerce revenue. Understand the role of AI in automating the collection and interpretation of e-commerce sales data. Discover the process of using machine learning to predict daily sales and align disparate data sources. Understand the impact of retail media networks on advertising performance. Discover the journey from traditional online advertising to advanced machine learning techniques.

Guest: Theodore Heiman, CEO, CISO GuruOn LinkedIn | https://www.linkedin.com/in/tedheimanOn Twitter | https://x.com/tedrheiman____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, host Sean Martin engages with Ted Heiman, CEO of the cybersecurity practice CISO Guru, in an insightful conversation about the complexities and evolving landscape of password management and multi-factor authentication (MFA). Sean Martin introduces the session by highlighting the challenges practitioners and leaders face in building security programs that enable organizations to achieve their objectives securely.The discussion quickly steers towards the main topic - the evolution of passwords, the role of password managers, and the critical implementation of MFA. Ted Heiman shares his extensive experience from over 25 years in the cybersecurity industry, observing that passwords are a relic from a time when networks were isolated and less complex. As organizations have grown and interconnected, the weaknesses of static passwords have become more apparent. Heiman notes a striking statistic: 75 to 80 percent of breaches occur due to compromised static passwords.The conversation examines the history of passwords, starting as simple, memorable phrases and evolving into complex strings with mandatory special characters, numbers, and capitalization. This complexity, while intended to increase security, often leads users to write down passwords or repeat them across multiple platforms, introducing significant security risks. Solutions like password managers arose to mitigate these issues, but as Heiman highlights, they tend to centralize risk, making a single point of failure an attractive target for attackers.The discussion shifts to MFA, which Heiman regards as a substantial improvement over static passwords. He illustrates the concept by comparing it to ATM use, which combines something you have (a bank card) and something you know (a PIN). Applying this to cybersecurity, MFA typically involves an additional step, such as an SMS code or biometric verification, significantly reducing the possibility of unauthorized access.Looking forward, both Heiman and Martin consider the promise of passwordless systems and continuous authentication. These technologies utilize a combination of biometrics and behavioral analysis to constantly verify user identity without the need for repetitive password entries. This approach aligns with the principles of zero-trust architecture, which assumes that no entity, inside or outside the organization, can be inherently trusted. Heiman stresses that transitioning to these advanced authentication methods should be a priority for organizations seeking to enhance their security posture. However, he acknowledges the challenges, especially concerning legacy systems and human behaviors, emphasizing the importance of a phased and managed risk approach.For listeners involved in cybersecurity, Heiman's insights provide valuable guidance on navigating the intricate dynamics of password management and embracing more secure, advanced authentication mechanisms.___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

In this episode of the 'Identity at the Center' podcast, Jeff and Jim discuss the complexities of managing Privileged Access Management (PAM) and the challenges of balancing various responsibilities like real jobs, podcasting, and attending conferences. They highlight upcoming conferences like Identity Week America and the Authenticate conference, offering discount codes for listeners. The main guest, Michiel Stoop, Director of Identity Management at Philips, shares insights on the importance of PAM, the process of selling PAM initiatives to management, and the integration of technology in identity and access management. The episode also covers methodologies for selecting the right PAM products and strategies for minimizing attack surfaces. To end on a lighter note, the hosts discuss must-try activities and foods in the Netherlands. 00:00 Introduction and Hosts' Banter 01:26 Balancing Work and Podcasting 03:04 Upcoming Conferences and Discount Codes 05:30 Introducing the Guest: Mihiel Stoep 08:04 Philips' Focus on Health Technology 10:12 Understanding Privileged Access Management 23:18 Discussing Privileged Access Management 24:10 Stakeholder Management in IAM 25:00 Operational Models for PAM 28:08 Adapting PAM Strategies for Cloud 32:25 Selecting the Right PAM Technology 36:15 Future of Privileged Access Management 39:38 Exploring the Netherlands 42:57 Wrapping Up and Contact Information Connect with Michiel: https://www.linkedin.com/in/macstoop/ Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Authenticate Conference - Use code IDAC15 for 15% off: https://authenticatecon.com/event/authenticate-2024-conference/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and shadow IT. Identity is one of the most common entry points for attacks, so we've got to do better as an industry here. We'll cover a variety of topics in this interview, including: Why Henrique chose to go to Saviynt from Gartner Vendor risk concentration in identity Resilience in identity, especially when depending on a SaaS IdP Identity attack evolution (and the creation of the ITDR category) What's working in identity to move things forward, and what is holding us back This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviynt to learn more about them! In this week's enterprise security news, Seed rounds are getting huge Lots of funding for niche security vendors Rapid7 acquires Noetic Cyber but Rapid7 is also rumored to sell itself! Slack battles infostealers The loss of Chevron deference impacts cyber Should cybersecurity put up a no vacancy sign? Figma and Google both make some embarrassing mistakes The RockYou2024 file does NOT contain 10 billion passwords I introduce a new news category: AI indegestion All that and more, on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-367

I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and shadow IT. Identity is one of the most common entry points for attacks, so we've got to do better as an industry here. We'll cover a variety of topics in this interview, including: Why Henrique chose to go to Saviynt from Gartner Vendor risk concentration in identity Resilience in identity, especially when depending on a SaaS IdP Identity attack evolution (and the creation of the ITDR category) What's working in identity to move things forward, and what is holding us back This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviynt to learn more about them! In this week's enterprise security news, Seed rounds are getting huge Lots of funding for niche security vendors Rapid7 acquires Noetic Cyber but Rapid7 is also rumored to sell itself! Slack battles infostealers The loss of Chevron deference impacts cyber Should cybersecurity put up a no vacancy sign? Figma and Google both make some embarrassing mistakes The RockYou2024 file does NOT contain 10 billion passwords I introduce a new news category: AI indegestion All that and more, on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-367

I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and shadow IT. Identity is one of the most common entry points for attacks, so we've got to do better as an industry here. We'll cover a variety of topics in this interview, including: Why Henrique chose to go to Saviynt from Gartner Vendor risk concentration in identity Resilience in identity, especially when depending on a SaaS IdP Identity attack evolution (and the creation of the ITDR category) What's working in identity to move things forward, and what is holding us back This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviynt to learn more about them! Show Notes: https://securityweekly.com/esw-367

Imagine your credentials as a physician being misused, making it impossible for you to work. Dr. Leah Houston went through this identity theft nightmare. This experience led her to start HPEC, a decentralized autonomous organization of practicing physicians—essentially a digital physician guild. Dr. Houston, an emergency medicine physician turned pioneer in digital identity security for doctors, speaks with host Dr. Erkeda DeRouen on this episode about how she turned crisis into innovation and resilience. They discuss physicians' staggering administrative challenges, the nuances of digital identity management, the burdensome credentialing process, and the importance of safeguarding one's medical credentials.   In this episode, you'll learn: Identity Management in Healthcare: Dr. Leah Houston shares her personal experience with Medicare and Medicaid identity fraud, shedding light on the often overlooked issue of identity management and credentialing in the medical field. She explains how administrative burdens can persist well beyond medical school and residency, impacting your ability to practice medicine. Innovation and Technological Solutions: Discover how Dr. Houston turned her challenges into a groundbreaking solution by developing a decentralized identity management system. This tool not only simplifies the credentialing process but also enhances security, allowing physicians to hold and share pre-verified data effortlessly. Exploring New Career Avenues: Our host, Dr. Erkeda DeRouen, emphasizes the importance of networking and exploring opportunities outside traditional medical pathways. If you're keen on innovation or startup environments, take Dr. Houston's advice to heart: immerse yourself in tech, reach out to industry leaders, and even consider internships to broaden your horizons and make an impact in the evolving healthcare landscape.   Jump into the conversation: 00:00 Introduction to The Prospective Doctor podcast with host Dr. Erkeda DeRouen and special guest Dr. Leah Houston 02:04 Impact of Medicare/Medicaid identity fraud on her ability to work 04:40 The burdensome nature of the current system 06:02 Introducing a digital wallet for doctors to hold pre-verified credentials 08:18 Importance of networking and collaboration with tech innovators 11:05 Encouraging students to have confidence in their problem-solving abilities 16:45 Importance of showing genuine interest and offering tangible help to emerging startups 18:50 Importance of fair contracts and seeking legal advice.   Where you can find Dr. Houston:  LinkedIn: https://www.linkedin.com/in/leahhoustonmd/  More on HPEC: https://www.hpec.io/    To learn more about how MedSchoolCoach can help you along your medical school journey, visit us at www.prospectivedoctor.com/   You can also reach us through our social media: Facebook: https://www.facebook.com/MedSchoolCoach  Dr. Erkeda's Instagram: https://www.instagram.com/doctordgram/  YouTube: www.youtube.com/@MedSchoolCoach

In this lively episode of the Identity at the Center podcast, hosts Jim McDonald and Jeff Steadman kick things off with a humorous mishap involving Jim's tech setup before diving into the latest happenings. They discuss the sweltering summer heat, Jim's recent "Greatest Dad of All Time" award, and their upcoming plans for Identity Week in Washington, DC. The highlight of the episode is a deep dive into the concept of "Federation Bubbles" with special guest Justin Richer, Security and Standards Architect and Founder of Bespoke Engineering. Justin explains the idea behind federation bubbles, a dynamic system designed to handle identity management in disconnected or disadvantaged environments. They explore real-world applications, such as military operations and disaster recovery scenarios, where traditional identity systems fall short. Justin also shares updates on his recent work, including the GNAP protocol and HTTP Message Signatures, and his involvement with the IETF's new working group, WIMSE (Workload Identity in Multi-System Environments). The conversation touches on the challenges and potential of these emerging identity standards, as well as the importance of context and trust in identity management. The episode wraps up on a lighter note with a discussion about Justin's board game project, "Natturuval" and the latest edition of "Cards Against Identity." Connect with Justin: https://www.linkedin.com/in/justinricher/ Learn more about Bespoke Engineering: https://bspk.io/ Workload Identity in Multi System Environments (WIMSE): https://datatracker.ietf.org/wg/wimse/about/ SPIFFE: https://spiffe.io Natturuval: https://gamefound.com/en/projects/bespoke-games/natturuval Cards Against Identity: https://bspk.io/games/cards/ Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: Europe: https://www.terrapinn.com/exhibition/identity-week/ America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

In this engaging episode of the Identity at the Center podcast, hosts Jim McDonald and Jeff Steadman sit down with special guest Joni Brennan, President at the Digital ID and Authentication Council of Canada (DIACC). They dive deep into the intricacies of digital wallets, the evolving landscape of digital identity, and the importance of choice and trust in identity solutions. Joni shares her insights from the European Identity & Cloud Conference (EIC) and discusses the significance of the Pan-Canadian Trust Framework in de-risking digital identity adoption. The conversation covers a wide range of topics, including the challenges of standardizing digital wallets, the role of certification in building trust, and the importance of user choice in identity solutions. Joni also provides a fascinating look into her career journey and the evolution of identity standards from the days of the Liberty Alliance to the present. The episode wraps up with a fun discussion on underrated music acts, highlighting the hosts' and guest's diverse musical tastes. Connect with Joni: https://www.linkedin.com/in/jonibrennan Learn more about the Digital Identification and Authentication Council of Canada (DIACC): https://diacc.ca/ Pan-Canadian Trust Framework: https://diacc.ca/trust-framework/ Digital Identity Perspectives Research: https://diacc.ca/2023/04/20/canadians-continue-to-demand-transparency-and-control-over-personal-data/ Our Public Trust Forum Report: https://diacc.ca/2023/10/31/securing-canadas-digital-prosperity-building-trust-in-verification-and-credentials-is-a-shared-imperative/ DIACC's Trust Talks & Digital Dives podcast: https://diacc.ca/podcasts/ Attending Identity Week in America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

Janie Lee is the Head of Product and the owner of the Self-Serve business at Loom. Janie previously worked at Rippling, leading the Identity Management and Hardware teams. Prior to that, she worked at Opendoor launching markets and developing pricing algorithms. During this time, Opendoor scaled from 2 to 20+ markets, $5B+ revenue, and 1500+ employees. In Today's Episode with Janie Lee We Discuss: 1. Inside the Product Building Machine of Rippling and Opendoor: What are Janie's single biggest product lessons from Rippling? How do they build so much product so fast? Can you have breadth and high quality? What are Janie's biggest lessons from Opendoor on talent and pricing? What does Janie know now that she wishes she had known when she started her product career? 2. What Makes a Truly Great PM: What core skills do the best PMs have? What is the difference between good vs great? Writing: What are Janie's biggest pieces of advice to PMs who want to write better? Communicate: How do the best PMs and product leaders communicate with their teams? Question Asking: How do the best PMs ask questions of their team and other orgs? 3. How to Find and Pick the Best PMs: How does Janie structure the interview process when hiring new PMs? What questions should one ask in every interview with a PM? Does Janie do a case study? What is she looking to achieve from it? How do the best do? What are Janie's biggest mistakes in hiring PMs? How did she change from it? 4. Onboarding PMs and Crushing Product Reviews: What do the first 30 days look like for new PMs? What are the biggest signs that a new PM is not going to work out? How does the product review process work at Loom? How does Janie prioritise when there is so much volume and data? How has AI changed the way Loom builds products today?  

Several recent trends underscore the increasing importance of Know Your Business (KYB) practices in today's business landscape. One significant trend is the rise in financial crimes, including money laundering, fraud, and terrorist financing. Technological advancements have transformed the way businesses operate, leading to increased digitization, online transactions, and remote customer interactions. While these developments offer numerous benefits, they also create opportunities for criminals to exploit vulnerabilities. Higher value remote transactions are performed at higher volumes. In addition, government programs such as the PPP program created a need for onboarding business quickly. This created a influx of fraudulent entities and claim who are now exploiting other channels. The convergence of these trends highlights the critical role of KYB in safeguarding businesses, ensuring regulatory compliance, and fostering trust among stakeholders in today's dynamic and interconnected business environment. Segment Resources: https://files.scmagazine.com/wp-content/uploads/2024/05/idi-Identiverse-Brochure_05-2024-KYB-PRINT.pdf This segment is sponsored by IDI. Visit https://securityweekly.com/idiidv to learn more about them! From wrestling with integration complexities to managing unexpected glitches, the realities of SSO implementation can produce very different results than what you want. Are users actually using SSO to login or are they still using the direct logins they gained before enabling SSO? We explore the reasons behind why SSO efficacy isn't always what it seems and what you can do about it. This segment is sponsored by Savvy. Visit https://securityweekly.com/savvyidv for a no cost SaaS-Identity checkup! With identity being the new security perimeter, identity platforms are now an integral part of the core security stack. Inherently these platforms are complex and it takes months and years for organizations to realize the business value. And this is going to get worse. The sheer volume and velocity with which new identity types are being added, as well the sophistication of attacks on identity platforms, requires a transformational shift to Identity security and governance. 50% operational efficiency and delivering security at scale are the two big initiatives which organizations have embarked on. In this session, Vibhuti Sinha, Chief Product Officer of Saviynt will share his insights and discuss how Saviynt is at the forefront of this transformation. This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviyntidv to learn more about them! Show Notes: https://securityweekly.com/esw-365

In this episode of the Identity at the Center podcast, hosts Jeff and Jim return from Identiverse 2024 and share their experiences from the conference held in Las Vegas. They discuss notable moments, including unique conference swag and memorable interactions. Special guest Adam Michael, CISO and adjunct professor at Texas A&M University, joins the conversation to discuss the evolution of identity management to identity security at the university. Adam delves into the complexities of managing identity in a higher education environment and shares insights on implementing DevOps practices. The episode covers topics like AI's impact on teaching, infrastructure as code, ROI of identity security projects, and the challenges and benefits of centralizing IT services. Connect with Adam: https://www.linkedin.com/in/amikeal/ The Phoenix Project (book): https://www.amazon.com/Phoenix-Project-DevOps-Helping-Business/dp/0988262592 Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: Europe: https://www.terrapinn.com/exhibition/identity-week/ America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

In this engaging episode, hosts Jim McDonald and Jeff Steadman wrap up their Identiverse 2024 experience with a thought-provoking panel discussion. Joined by Alex Bovee, CEO and Co-Founder of ConductorOne; Ian Glazer, Founder and President of Weave Identity; and Lance Peterman, Identity Lead at Dick's Sporting Goods and Professor at UNC Charlotte, the conversation dives deep into the future of identity management. The panel explores the concept of Zero Standing Privileges (ZSP) as the evolution of least privilege, discussing its feasibility, operational challenges, and the maturity curve required for organizations to adopt such a model. Ian shares his perspective on the future of identity governance, while Alex and Lance provide insights into practical implementations and the role of automation in achieving ZSP. The discussion also touches on the importance of context, policy, and the need for better data orchestration to make identity management more effective. Tune in for an insightful conversation on the next frontier of identity management and the steps needed to get there. Connect with Alex Bovee - https://www.linkedin.com/in/alexbovee/ Learn about ConductorOne - https://www.conductorone.com/?utm_source=identityatthecenter&utm_medium=podcast&utm_campaign=c1-brand⁠ Connect with Ian: https://www.linkedin.com/in/iglazer/ Learn about Weave Identity - https://weaveidentity.com/ Connect with Lance - https://www.linkedin.com/in/lancepeterman/ Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: Europe: https://www.terrapinn.com/exhibition/identity-week/ America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com and watch at https://www.youtube.com/@idacpodcast

In this episode of Identity at the Center, hosts Jim McDonald and Jeff Steadman delve into the intricate world of authorization within the IAM space with Omri Gazit, co-founder and CEO of Asserto, and co-chair of the AuthZEN working group at the OpenID Foundation. They tackle the evolution of authorization, from the days of basic role-based access control to the current landscape of fine-grained authorization, including policy and relationship-based access control models. Omri shares his insights on the importance of standards in authorization, the role of developers in adopting these standards, and the journey towards a single authorization control plane for multiple applications. He also discusses the challenges organizations face with over-provisioned access and the potential of AI in enhancing authorization decisions. Listeners will also get a personal glimpse into Omri's life outside of IAM, learning about his passion for kung fu and how the discipline and journey of martial arts have influenced his professional ethos. Tune in for a comprehensive discussion on the future of authorization and the steps IAM practitioners can take to evolve their organization's approach to this critical aspect of identity security. Connect with Omri: https://www.linkedin.com/in/ogazitt/ Learn more about Aserto: https://www.aserto.com/ AuthZEN: https://openid.net/wg/authzen/ Google Zanzibar: https://research.google/pubs/zanzibar-googles-consistent-global-authorization-system/ Identiverse 2024: As an IDAC listener, you can register with 25% off by using code IDV24-IDAC25 at https://events.identiverse.com/identiverse2024/register?code=IDV24-IDAC25 Meet up with our RSM team! Schedule at https://rsmus.com/events/2024-events/join-rsm-at-identiverse-2024.html Attending the European Identity and Cloud Conference in Berlin? Use Discount Code: EIC24idac25 for 25% off. Register at https://www.kuppingercole.com/events/eic2024 Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: Europe: https://www.terrapinn.com/exhibition/identity-week/ America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com and follow @IDACPodcast on Twitter.

In an enlightening discussion on ITSP Magazine, Sean Martin, a seasoned voice in the technology space, dives into the evolving realm of identity management with Chase Doelling, Principal Strategist at JumpCloud. This conversation sheds light on the operational challenges organizations face in today's complex digital landscapes and how identity management stands at the core of addressing these issues. Below, we unpack the essentials of this dialogue, offering insights into identity management's current state, its implications for businesses, and how JumpCloud is pioneering solutions to streamline and secure identity management.The Evolution of Identity Management and Its Current ChallengesThe conversation begins with an exploration of the journey to the present state of identity management, particularly in the context of hybrid cloud environments. Sean and Chase navigate the history and complexities that have led to the current landscape, emphasizing how identity management has become central to enabling business operations, securing revenue, protecting against cyber threats, and facilitating growth.Chase Doelling articulates the paradox of identity management: when it's functioning seamlessly, it's virtually invisible to organizations, yet it's fundamental to the operational, security, and business continuity of any organization. The discussion highlights how the COVID-19 pandemic has accelerated the shift toward remote work, intensifying the focus on identity management as organizations navigate the challenges of a global, hybrid workforce.The Integral Role of Identity in Modern OrganizationsThe conversation shifts to how identity management, viewed as the hub around which all tech solutions revolve, has evolved. Over the years, the perception of identity management has oscillated between being a centerpiece and receding into the backdrop. However, with increasing cybersecurity threats and the adoption of multi-cloud environments, identity management is now more crucial than ever.Doelling vividly illustrates the concept of identity being at the core of operational enablement, drawing parallels to how it grants access and interconnectivity within the organizational ecosystem. This section of the dialogue underscores the critical nature of identity management in enabling access to resources, ensuring security, and fostering operational efficiency.JumpCloud's Role in Shaping the Future of Identity ManagementAs the discussion unfolds, the spotlight turns to JumpCloud and its innovative approach to identity management. Sean Martin probes into how JumpCloud's solutions are designed to address the multifaceted challenges businesses face today. Chase Doelling provides a comprehensive overview of JumpCloud's role in redefining identity management, detailing how their platform aids organizations in overcoming operational hurdles through seamless identity and access management across cloud environments.JumpCloud's solution is presented as a robust platform that integrates digital identity management with device management, offering a unified approach to secure access across various applications and systems. This integration is crucial for enabling passwordless access, simplifying onboarding and offboarding processes, and enhancing overall security posture.Evolving with Identity Management: Insights and Future DirectionsIn concluding the conversation, Doelling emphasizes the importance of a proactive and curious mindset towards identity management. He encourages organizations to re-evaluate their approach to identity management, considering its central role in ensuring operational resilience, security, and scalability. The discussion ends with a forward-looking perspective, highlighting the need for organizations to adapt and evolve with the trends in identity management to stay competitive and secure in the digital age.This insightful episode with Chase Doelling not only highlights the critical role of identity management in today's digital landscape but also showcases how JumpCloud is at the forefront of innovating solutions that enable businesses to navigate the complexities of modern IT environments. As organizations continue to face evolving challenges, adopting a cohesive and integrated approach to identity management will be key to ensuring operational efficiency, security, and business growth in 2024 and beyond.Note: This story contains promotional content. Learn more. Guest: Chase Doelling, Principal Strategist, JumpCloud [@JumpCloud]On LinkedIn | https://www.linkedin.com/in/chasedoelling/ResourcesLearn more about JumpCloud and their offering: https://itspm.ag/jumpcloud-pg7zCatch more stories from JumpCloud at https://www.itspmagazine.com/directory/jumpcloudAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In this episode of State of Identity, host Cameron D'Ambrosi welcomes Alex Bovee, co-founder and CEO of ConductorOne to explore the evolving challenges and solutions in the digital identity space. Learn what's driving the rise of identity-based security risks and how ConductorOne is tackling these issues through centralized identity governance and access controls. The conversation focuses on needing a more flexible approach to identity management, addressing common concerns like access control, multifactor authentication, and the ongoing struggle to balance security with productivity. It also offers insights on how businesses can better manage identity-related risks while ensuring a seamless user experience.