Podcasts about identity security

Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405

Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405

Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Show Notes: https://securityweekly.com/esw-405

In this episode of the Security Matters podcast, host David Puner sits down with Lior Yaari, CEO and co-founder of Grip Security, for a discussion that covers the concept of identity debt and its implications for modern cybersecurity. Lior shares insights from his experience in Israel's elite Unit 8200 and explains why identity is now the new security perimeter. They delve into the challenges organizations face in managing SaaS applications, the impact of generative AI on cybersecurity and the importance of proactive identity governance. Tune in for tips on how to protect your organization from within and stay ahead of evolving threats.

This episode is sponsored by Permiso. Visit permiso.io/idac to learn more.In this sponsored episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Paul Nguyen, co-founder and co-CEO of Permiso, to discuss the critical role of identity security in modern information security. Paul shares insights into the history of identity threats, the rise of identity-focused attacks like Scattered Spider and LLM Jacking, and the importance of real-time identity monitoring for both human and non-human identities across cloud and on-prem environments. The episode explores how Permiso is positioned in the market to provide comprehensive identity threat detection and response (ITDR) and identity security posture management (ISPM), offering advanced visibility and proactive measures against emerging threats.Chapters00:00 Introduction to Security Vendors00:50 Welcome to the Identity at the Center Podcast01:30 Sponsored Spotlight: Permiso02:14 Meet Paul Nguyen, Co-Founder of Permiso03:34 The Importance of Identity in Security05:35 Permiso's Unique Approach to Identity Security07:36 Real-Time Monitoring and Threat Detection09:23 Challenges and Solutions in Identity Security15:16 Modern Attacks and Identity Threats25:56 The Role of Honeypots in Security Research26:49 Challenges of Maintaining Security27:15 Honeypots and Breach Detection27:46 Dwell Time and Reconnaissance28:34 Password Complexity and Monitoring Gaps29:24 Roles and Responsibilities in Identity Security29:49 Unified Identity Security Teams30:57 Emerging Threats and Joint Efforts32:49 Permiso's Role in Identity Security34:10 Detection and Response Strategies36:11 Managing Identity Risks36:51 Combining Prevention and Detection39:44 Real-World Applications and Challenges51:17 Personal Insights and Final ThoughtsConnect with Paul: https://www.linkedin.com/in/paulnguyen/Learn more about Permiso: https://permiso.io/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.com and watch at idacpodcast.tvKeywords:identity security, real-time monitoring, IAM, cybersecurity, identity exploitation, modern attacks, insider threats, honeypots, organizational structure, Non-Human Identities, Identity Security, Permiso, Risk Management, Insider Threat, Shadow IT, Identity Graph, ITDR, ISPM, Cybersecurity

In this episode of the Other Side of the Firewall podcast, the hosts discuss the critical role of identity management in cybersecurity. They emphasize the importance of access control, risk management, and the need for proper onboarding and offboarding procedures to mitigate insider threats. The conversation also highlights the necessity of integrating IT and HR processes to enhance security measures and ensure effective cyber hygiene. Article: Identity: The New Cybersecurity Battleground https://thehackernews.com/2025/03/identity-new-cybersecurity-battleground.html Please LISTEN

SailPoint (SAIL) returns to the public markets for a second time – CEO Mark McClain shares why now is the right time to re-debut after going private in 2022. He says their first outing was a “good run”, and that they use the time in the private markets to restructure more easily. But, he says, the “market backdrop” made it appealing to re-list. He discusses how SAIL leverages A.I. for cybersecurity.======== Schwab Network ========Empowering every investor and trader, every market day.Subscribe to the Market Minute newsletter - https://schwabnetwork.com/subscribeDownload the iOS app - https://apps.apple.com/us/app/schwab-network/id1460719185Download the Amazon Fire Tv App - https://www.amazon.com/TD-Ameritrade-Network/dp/B07KRD76C7Watch on Sling - https://watch.sling.com/1/asset/191928615bd8d47686f94682aefaa007/watchWatch on Vizio - https://www.vizio.com/en/watchfreeplus-exploreWatch on DistroTV - https://www.distro.tv/live/schwab-network/Follow us on X – https://twitter.com/schwabnetworkFollow us on Facebook – https://www.facebook.com/schwabnetworkFollow us on LinkedIn - https://www.linkedin.com/company/schwab-network/About Schwab Network - https://schwabnetwork.com/about

In the inaugural episode of the Security Matters podcast, host David Puner dives into the world of AI security with CyberArk Labs' Principal Cyber Researcher, Eran Shimony. Discover how FuzzyAI is revolutionizing the protection of large language models (LLMs) by identifying vulnerabilities before attackers can exploit them. Learn about the challenges of securing generative AI and the innovative techniques used to stay ahead of threats. Tune in for an insightful discussion on the future of AI security and the importance of safeguarding LLMs.What's Security Matters? Check out the show trailer to learn more. Make us your top cybersecurity podcast.Links referenced in this episode:FuzzyAI GitHub pageFuzzyAI Discord Community

Willkommen zu einer neuen Episode von Expanding Utilities. In dieser Folge dreht sich alles um das Thema Identitätssicherheit in der Energiewirtschaft, ein Bereich, der zunehmende Bedeutung gewinnt. Zu Gast haben wir Michael Kleist, einem Experten von CyberArk, der die Besonderheiten und Herausforderungen kennt, mit denen sich Unternehmen in der Energiebranche konfrontiert sehen. Gemeinsam sprechen wir über Identity Security, der Schutz privilegierter Zugriffe und die Rolle von Plattformstrategien bei der Cybersicherheit. Hört rein und erfahrt mehr darüber, wie IT- und OT-Umgebungen sicherer gestaltet werden können und welche Trends die Branche in Zukunft prägen könnten. Viel Spaß beim Zuhören!

Luke 4:3 (ESV) The devil said to him, “If you are the Son of God…TITLE: Identity Crisis SecurityLuke 4:1–2 (ESV) And Jesus, full of the Holy Spirit, returned from the Jordan and was led by the Spirit in the wilderness for forty days, being tempted by the devil. And he ate nothing during those days. And when they were ended, he was hungry.THE Attack (TEMPTING) ON Jesus...Luke 4:3 (ESV) The devil said to him, “If you are the Son of God, command this stone to become bread.”Luke 4:5–7 (ESV) And the devil took him up and showed him all the kingdoms of the world in a moment of time, and said to him, “To you I will give all this authority and their glory, for it has been delivered to me, and I give it to whom I will. If you, then, will worship me, it will all be yours.”Luke 4:9-11 (ESV) And he took him to Jerusalem and set him on the pinnacle of the temple and said to him, “If you are the Son of God, throw yourself down from here, for it is written, “ ‘He will command his angels concerning you, to guard you,' and “ ‘On their hands they will bear you up, lest you strike your foot against a stone.' ”THE Attack (TEMPTING) ON MANKIND…Genesis 3:4–6 (ESV) But the serpent said to the woman, “You will not surely die. For God knows that when you eat of it your eyes will be opened, and you will be like God, knowing good and evil.” So when the woman saw that the tree was good for food, and that it was a delight to the eyes, and that the tree was to be desired to make one wise, she took of its fruit and ate, and she also gave some to her husband who was with her, and he ate.EVERY ATTACK (TEMPTATION) YOU EXPERIENCE WILL BE FOCUSED ON YOUR IDENTITY.THE FOUNDATION OF YOUR IDENTITY:CONCEIVED - What God Thinks/SaysBELIEVED - What You ThinkPROJECTED - What You SayPERCEIVED - What Others Think/SayJESUS: IDENTITY SECURITYCONCEIVED - What God Thinks/SaysLuke 3:22 (ESV) and the Holy Spirit descended on him in bodily form, like a dove; and a voice came from heaven, “You are my beloved Son; with you I am well pleased.”BELIEVED - What You ThinkJohn 8:58 (ESV) Jesus said to them, “Truly, truly, I say to you, before Abraham was, I am.PROJECTED - What You SayLuke 8:56 (ESV) And her parents were amazed, but he charged them to tell no one what had happened.PERCEIVED - What Others Think/SayJohn 2:24–25 (ESV) But Jesus on his part did not entrust himself to them, because he knew all people and needed no one to bear witness about man, for he himself knew what was in man.WHO ARE YOU?CONCEIVED - What God Thinks/SaysBELIEVED - What You ThinkPROJECTED - What You SayPERCEIVED - What Others Think/SayProverbs 23:7 (KJV) For as he thinketh in his heart, so is he.2 Corinthians 11:3 (ESV) But I am afraid that as the serpent deceived Eve by his cunning, your thoughts will be led astray from a sincere and pure devotion to Christ.John 12:46 (ESV) I have come into the world as light, so that whoever believes in me may not remain in darkness.

Welcome to Security Matters, the next evolution of CyberArk's podcast. Previously known as Trust Issues, this show has always brought expert insights into the world of identity security.Hosted by David Puner, Senior Editorial Manager at CyberArk, Security Matters refines its focus to emphasize a proactive approach to cybersecurity. The podcast will delve into the principle of "Think like an attacker," highlighting the importance of staying ahead of threats rather than merely reacting to them.Each episode will feature deep insights, expert perspectives, and actionable strategies to help empower listeners to defend and protect their organizations and the digital world. Topics will include securing the entire spectrum of identities—both human and machine—protecting hybrid and multi-cloud environments and analyzing the latest attack methods.Join Security Matters to explore why how you approach security truly matters.Coming mid-Feb. 2025 to this stream and most major podcast platforms. 

Join us for an insightful conversation with Ceora Ford about the intersection of security, development, and community building. We explore why managing identity security is more complex than simple authentication, examine the trade-offs of Next.js's App Router in enterprise applications, and uncover strategies for effective technical content creation. Ceora shares her experience transitioning from digital marketing to developer advocacy, offering practical advice for building a presence across platforms like TikTok, Twitter, and LinkedIn.SponsorConvex is the backend for founders. Convex is the backend application platform for product-obsessed founders.Chapter Marks00:00 - Intro01:14 - Identity Security Discussion05:25 - Evolution of React and Next.js08:33 - Documentation and Developer Experience15:43 - Sponsor: [Convex](https://convex.dev)16:20 - Authentication in the App Router21:31 - Content Creation and Marketing Strategy27:50 - Social Media Platform Strategy34:51 - Analytics and Tool Discussion41:08 - Picks and PlugsBradPick: His dog Roman (who they had to say goodbye to at age 17)Plug: Social media accountsBrad on TwitterBrad on BlueSkyBrad on YouTubeBekahPick: "The Game" podcast with Alex HormoziPlug: Open Sauce (opensauced.pizza) and her team's upcoming feature launchCeoraPick: "The Good Place" (TV show on Netflix)Plug: Social media accountsCeora on LinkedInCeora on TwitterCeora on BlueSkyCeora on TikTokLinksAuth0 by OktaNext.jsAuth0 documentation for Next.js integrationGatsbyAstroConvexJekyllGraphQLOpen SaucedMark Techson

In this episode, Trust Issues host David Puner wraps up 2024 with a conversation with Red Hat's Field CTO Ambassador E.G. Nadhan about the future of cybersecurity. They discuss the importance of cloud security principles, the impact of emerging technologies like AI and quantum computing, and the challenges of managing machine identities. Nadhan emphasizes the need for organizations to prepare for future security challenges by understanding the attacker mindset and taking proactive steps today to protect for tomorrow. The conversation also touches on collaboration within the open source community and the role of Red Hat's Field CTO organization in driving innovation and addressing market opportunities.

In this special episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Hed Kovetz, CEO and co-founder of Silverfort, at the Gartner IAM Summit in Texas. Hed shares insights on the evolution of identity security, the interplay between legacy and modern IT systems, and the importance of securing non-human identities. They also delve into the role of AI in cybersecurity and the challenge of maintaining innovation in a growing company. Tune in for a thought-provoking conversation about the future of identity security and the booming impact of AI. 00:00 The Importance of Identity in Modern Security 01:23 Welcome to the Identity of the Center Podcast 01:44 Live from the Gartner IAM Summit 03:08 Interview with Hed Kovetz, CEO of Silverfort 03:48 Silverfort's Recent Achievements and Innovations 05:15 Challenges and Insights in Identity Security 08:00 The Evolution of Identity Security 21:20 Securing Legacy and Modern IT Systems 29:52 The Rise of Service Account Protection 30:31 Challenges in Securing Non-Human Identities 31:02 Real-World Examples and Governance Issues 31:40 Strategies for Securing Non-Human Identities 32:56 The Evolution of Identity Security 45:49 The Role of AI in Identity Security 50:33 The Future of Identity Security 53:44 Personal Insights and Reflections 01:01:25 Conclusion and Final Thoughts Connect with Hed: https://www.linkedin.com/in/hed-kovetz-910ba5b9/ Learn more about Silverfort: https://www.silverfort.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

In this episode of the Identity at the Center podcast, hosts Jeff and Jim dive into the concept of Identity Security Posture Management (ISPM) with Henrique Teixeira, Senior Vice President of Strategy at Saviynt and former Gartner analyst. Henrique explains ISPM as an Apple Watch for your identity program, focusing on preventive measures before an attack occurs. The discussion also covers the upcoming Gartner IAM Summit, AI's impact on identity management, and the anticipated trends for 2025. Additionally, they explore the differences between AI copilot, agent, and bot, and the future of non-human identity management. Henrique shares insights on balancing ITSM front ends with IGA systems and emphasizes the importance of continuous security investment. Tune in for a comprehensive look at ISPM, AI, and the evolving identity security landscape. Chapters 00:00 Welcome to the Podcast 01:47 Gartner IAM Summit Preview 04:48 Guest Introduction: Henrique Teixeira 05:28 Henrique's Career Transition 10:12 Conference Experiences and Insights 14:10 Understanding ISPM and ITDR 29:16 AI in Identity Management 35:58 Debating the Future of AI in IGA Systems 37:09 Evolution of Access Request Systems 37:59 The Rise of ChatOps in Identity Management 40:26 Multi-Channel Identity and Access Management 45:54 Influencers and Inspirations in Identity Strategy 49:06 Reflecting on 2024: Trends and Predictions 54:31 Looking Ahead: Identity and AI in 2025 01:02:50 Boxing Talk: Mike Tyson vs. Jake Paul 01:08:17 Wrapping Up: Final Thoughts and Farewells Connect with Henrique: https://www.linkedin.com/in/bernardes Learn more about Saviynt: https://saviynt.com/ Prevention + ITDR Venn Diagram - https://www.linkedin.com/posts/rezasoltani_identitysecurity-ispm-itdr-activity-7203522819014500353-8Kv_/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: Identity Security, IAM, Digital Identity, AI, Artificial Intelligence, ISPM, ITDR, IGA, Gartner IAM Summit, Cybersecurity, Cloud Security, Machine Identity, Non-Human Identity, Podcast, Interview, Saviynt, Henrique Teixeira, Jim McDonald, Jeff Steadman

In this episode of the Trust Issues podcast, host David Puner sits down with Andrew Shikiar, the Executive Director and CEO of the FIDO Alliance, to discuss the critical issues surrounding password security and the innovative solutions being developed to address them. Andrew highlights the vulnerabilities of traditional passwords, their susceptibility to phishing and brute force attacks, and the significant advancements in passwordless authentication methods, particularly passkeys. He explains how passkeys, based on FIDO standards, utilize asymmetric public key cryptography to enhance security and reduce the risk of data breaches. The conversation also covers the broader implications of strong, user-friendly authentication methods for consumers and organizations, as well as the collaborative efforts of major industry players to make the internet a safer place. Additionally, Andrew highlights the importance of identity security in the context of these advancements, emphasizing how robust authentication methods can protect personal and organizational data. Tune in to learn about the future of authentication and the steps being taken to eliminate the reliance on passwords.

We speak with Venafi's Chief Innovation Officer, Kevin Bocek following the acquisition by Cyberark, effective as 1 October, 2024.Given Kevin's role over a decade with Venafi, he gives insight into what the acquisition of Venafi means for the customers of both companies and the market.We also discuss how the IAMs compliment each other and reflect the preference of customers to reduce the number of vendors, as well as responding to the state of play in terms of companies securing machine identities, and reflecting on the last 10 years how this will develop over the short to medium term.We also consider the emergence of Quantum and recent news that scientists have cracked a shortened RSA encryption.Recorded at Impact World Tour in Sydney, an identity security event, where, importantly Kevin has a key message for customers in APAC and Australia.#mysecuritytv #venafi #cyberark #impact2024 #iam #pam #identitysecurity

In this episode of the Identity at the Center podcast, Jim McDonald is joined by guest David Mahdi, CIO at Transmit Security and former Gartner analyst. The discussion delves into the challenges of identity security and the necessity of transitioning from IAM to identity security to mitigate privacy, fraud, and scam risks. They explore the convergence of cybersecurity and identity, the rise of non-human identities, and the importance of cyber resilience. David shares insights from his global experiences and highlights the importance of behavior-based monitoring for both human and non-human identities. The episode wraps up with a lighter note as they discuss the perfect trail mix ingredients. 00:00 Welcome to the Identity at the Center Podcast 01:12 Guest Introduction: David Mahdi 02:35 The Evolution of Identity Security 04:13 The Importance of Identity Security 05:26 David Mahdi's Journey in Identity Security 07:20 Challenges in Identity and Access Management 10:10 The Role of Machine Learning in Identity Security 12:19 The Future of Identity Security 22:52 The Need for Convergence in Identity and Security Teams 33:01 Non-Human Identities and Their Management 41:00 Defining Roles and Responsibilities 41:46 Ignoring Non-Human Accounts 42:38 Emerging Threats and Risk Management 44:33 The Importance of Identity Security 46:46 Cyber Resilience in Modern Organizations 49:24 Cloud Services and Backup Plans 51:26 Ransomware and Data Access Governance 54:27 The Future of Identity Security 01:07:53 Trail Mix and Lighter Notes 01:14:32 Closing Remarks and Upcoming Events Connect with David: https://www.linkedin.com/in/dmahdi/ Learn more about Transmit Security: https://transmitsecurity.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: Identity Security, IAM, Cyber Resilience, Machine Identity, Non-Human Identity, Digital Transformation, Cloud Security, Zero Trust, Data Breach, Risk Management, ITDR, MFA Fatigue, Deepfakes, Gen AI, Copilot, Claude AI, Decentralized Identity, Quantum Computing, Ransomware, Data Access Governance, Transmit Security, Gartner IAM Summit, FIDO Authenticate Conference.

In this episode of Trust Issues, host David Puner interviews James Imanian, Senior Director of the U.S. Federal Technology Office at CyberArk. They discuss the critical topic of election security, focusing on the recent 2024 U.S. presidential election. Drawing from his extensive background in cybersecurity including a career in the Navy and a stint at the U.S. Department of Homeland Security, James brings a wealth of experience to the conversation, which explores AI's impact on election security—highlighting how AI has transformed the landscape by increasing the scale, speed and sophistication of misinformation and disinformation campaigns. James explains the differences between misinformation, disinformation and malinformation and their roles in the information environment surrounding elections.He also highlights the importance of public-private partnerships in securing election infrastructure and the role of international collaboration in countering nation-state threats. The episode examines the challenges of maintaining trust in the digital age and the potential of identity verification technologies to enhance information trustworthiness.Finally, the discussion touches on the parallels between election security and enterprise cybersecurity, emphasizing the need for critical thinking and proactive measures to uphold the integrity of both elections and organizational security.For more insights from James Imanian on election security, check out his blog, "Six Key Measures for Upholding Election Security and Integrity." 

In this episode of CSP, we sit down with Dr. Sean Murphy, the CISO of BECU, one of Seattle's largest credit unions, to discuss the shifts in identity security brought on by the COVID-19 pandemic. Dr. Murphy highlights how Zero Trust architecture became crucial for verifying internal users, especially as remote work became the norm. He shares insights on the unique challenges of securing a remote workforce in the banking sector and underscores the importance of a robust identity security framework in protecting both members and employees in today's evolving threat landscape. This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them! This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo! This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them! Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-201

In this episode of the Identity at the Center podcast, hosts Jim McDonald and Jeff Steadman delve into the significance of shared signals in identity and access management (IAM). Featuring Mike Kiser, Director of Strategy and Standards at SailPoint, the discussion spans Kiser's career journey from IBM to SailPoint, the importance of standards and security in IAM, and the influence of AI on authenticity. The episode highlights the Shared Signals Framework, drawing parallels to cooperative dolphins and fishermen, and underscores the benefits of a standardized approach to signal sharing. The conversation also touches on the challenges and potential of event-based architectures and the evolving role of identity in cybersecurity. 00:00 Introduction and Initial Thoughts 02:50 Conference and Discount Codes 05:33 Guest Introduction and Background 11:31 AI and Authenticity 15:21 Shared Signals Framework 25:40 Decentralized Identity Management 26:28 Real-Time Identity Data Sharing 27:55 Developing Identity Standards 29:19 Vendor Collaboration and Challenges 31:28 Event-Based Identity Architectures 33:03 The Role of Big Tech in Identity Security 39:22 Customer Demand for Identity Solutions 40:49 Identity Security and Digital Identity 42:47 Technology vs. Humanity: A Musical Perspective 48:41 Conclusion and Final Thoughts Connect with Mike: https://www.linkedin.com/in/mike-kiser/ Learn more about SailPoint: https://www.sailpoint.com/ SailPoint Navigate 2024 London - Use code IDAC for a £300 discount - https://www.sailpoint.com/navigate/london Semperis' Hybrid Identity Protection Conference (HIP Conf) - Use code IDACpod for 20% off: https://www.hipconf.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

Let's talk about what CISOs look for when hiring identity and access management team members. What training and experience is most attractive for the business and team. This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them! This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo! This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them! Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-200

In this episode of the Trust Issues podcast, host David Puner and David Lee, aka “The Identity Jedi,” delve into the evolving landscape of identity security. They discuss the critical challenges and advancements in securing both human and machine identities. Lee shares insights on the fear and misconceptions surrounding AI, drawing parallels to pop culture references like Marvel's Jarvis. They explore the potential of autonomous AI in monitoring and managing security tasks, emphasizing the need for real time data analysis and context understanding. The conversation highlights the importance of providing context on both human and machine sides to enhance security measures. They also touch on the role of investors in the identity security space and the need for better storytelling in the industry.

AB sits down with Matt Caulfield, VP of Identity and Duo, Cisco Security, to talk about the vision and strategy for Cisco's identity portfolio. This insightful conversation spans various topics, including multi-factor authentication (MFA), social engineering, and the integration of artificial intelligence (AI) in identity security technologies.

AB sits down with Matt Caulfield, VP of Identity and Duo, Cisco Security, to talk about the vision and strategy for Cisco's identity portfolio. This insightful conversation spans various topics, including multi-factor authentication (MFA), social engineering, and the integration of artificial intelligence (AI) in identity security technologies.

Generative AI has been the talk of the technology industry for the past 18+ months. Companies are seeing its value, so generative AI budgets are growing. With more and more AI agents expected in the coming years, it's essential that we are securing how consumers interact with generative AI agents and how developers build AI agents into their apps. This is where identity comes in. Shiven Ramji, President of Customer Identity Cloud at Okta, will dive into the importance of protecting the identity of AI agents and Okta's new security tools revealed at Oktane that address some of the largest issues consumers and businesses have with generative AI right now. Segment Resources: https://www.okta.com/oktane/ https://www.okta.com/press-room/press-releases/okta-helps-builders-easily-implement-auth-for-genai-apps-secure-how/ Today, there isn't an identity security standard for enterprise applications that ensures interoperability across all SaaS and IDPs. There also isn't an easy way for an app, resource, workload, API or any other enterprise technology to make itself discoverable, governable, support SSO and SCIM and continuous authentication. This lack of standardization is one of the biggest barriers to cybersecurity today. Arnab Bose, Chief Product Officer, Workforce Identity Cloud at Okta, joins Security Weekly's Mandy Logan to discuss the need for a new, comprehensive identity security standard for enterprise applications, and the work Okta is doing alongside other industry players to institute a framework for SaaS companies to enhance the end-to-end security of their products across every touchpoint of their technology stack. Segment Resources: https://www.okta.com/oktane/ https://www.okta.com/press-room/press-releases/okta-openid-foundation-tech-firms-tackle-todays-biggest-cybersecurity/ https://www.okta.com/press-room/press-releases/okta-is-reducing-the-risk-of-unmanaged-identities-social-engineering/ This segment is sponsored by Oktane, to view all of the CyberRisk TV coverage from Oktane visit https://securityweekly.com/oktane. Show Notes: https://securityweekly.com/asw-305

Generative AI has been the talk of the technology industry for the past 18+ months. Companies are seeing its value, so generative AI budgets are growing. With more and more AI agents expected in the coming years, it's essential that we are securing how consumers interact with generative AI agents and how developers build AI agents into their apps. This is where identity comes in. Shiven Ramji, President of Customer Identity Cloud at Okta, will dive into the importance of protecting the identity of AI agents and Okta's new security tools revealed at Oktane that address some of the largest issues consumers and businesses have with generative AI right now. Segment Resources: https://www.okta.com/oktane/ https://www.okta.com/press-room/press-releases/okta-helps-builders-easily-implement-auth-for-genai-apps-secure-how/ Today, there isn't an identity security standard for enterprise applications that ensures interoperability across all SaaS and IDPs. There also isn't an easy way for an app, resource, workload, API or any other enterprise technology to make itself discoverable, governable, support SSO and SCIM and continuous authentication. This lack of standardization is one of the biggest barriers to cybersecurity today. Arnab Bose, Chief Product Officer, Workforce Identity Cloud at Okta, joins Security Weekly's Mandy Logan to discuss the need for a new, comprehensive identity security standard for enterprise applications, and the work Okta is doing alongside other industry players to institute a framework for SaaS companies to enhance the end-to-end security of their products across every touchpoint of their technology stack. Segment Resources: https://www.okta.com/oktane/ https://www.okta.com/press-room/press-releases/okta-openid-foundation-tech-firms-tackle-todays-biggest-cybersecurity/ https://www.okta.com/press-room/press-releases/okta-is-reducing-the-risk-of-unmanaged-identities-social-engineering/ This segment is sponsored by Oktane, to view all of the CyberRisk TV coverage from Oktane visit https://securityweekly.com/oktane. Show Notes: https://securityweekly.com/asw-305

In this special episode of the Identity at the Center podcast, recorded live from the SailPoint Navigate 2024 conference in Orlando, hosts Jeff and Jim engage with Andrew Moore, VP of Product Management at SailPoint. The conversation spans a variety of critical themes, including the management of identity platforms, product development, and the importance of customer feedback. Andrew details his career journey, including his transition from Under Armour to SailPoint, and shares insights into the development of connected products, data-driven design, and user experience enhancements. The episode also introduces the latest innovations, such as Privileged Task Automation and Machine Identity Security, emphasizing their potential to address productivity and security risks. Furthermore, the speakers discuss the transformative role of AI in Identity Governance and Administration (IGA), highlighting the importance of explainable AI and maintaining strong security standards. This episode is a deep dive into the dynamic landscape of identity governance and the strategies driving continuous innovation. 00:00 Welcome to the Identity at the Center Podcast 01:55 Conference Insights and Future Plans 03:38 Introducing Andrew Moore 03:52 Andrew Moore's Journey into Identity 06:48 Product Management at SailPoint 16:48 Innovative Projects and Customer Feedback 23:17 Exploring Low Code and No Code Identity Automations 23:53 Understanding Customer Feedback and Research Techniques 24:41 Balancing Positive and Negative Feedback 00:24 Dealing with Critical Feedback 29:34 Announcing the Product Roadmap 30:37 Privileged Task Automation: A Game Changer 39:11 Machine Identity Security: New Innovations 42:33 The Future of AI in Identity Governance 47:12 Addressing Concerns About AI in IGA 50:40 Conclusion and Final Thoughts Connect with Andrew: https://www.linkedin.com/in/richardandrewmoore/ Learn more about SailPoint: https://www.sailpoint.com/ SailPoint Navigate 2024 London - Use code IDAC for a £300 discount - https://www.sailpoint.com/navigate/london Semperis' Hybrid Identity Protection Conference (HIP Conf) - Use code IDACpod for 20% off: https://www.hipconf.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

In this episode of the Trust Issues Podcast, host David Puner sits down with CyberArk's resident technical evangelist, white hat hacker and transhuman, Len Noe. They dive into Len's singular journey from a black hat hacker to an ethical hacker, exploring his identity reinvention and the fascinating world of subdermal microchip implants and offensive security. Len shares insights from his new book, "Human Hacked: My Life and Lessons as the World's First Augmented Ethical Hacker," which releases on October 29. They also discuss the relevance of Len's transhuman identity to his work in identity security.

In this episode from 2011 I was joined by Jim Miller to discuss how to keep your information and identity safe in our modern age were information is more vulnerable than any time in our history. Today’s episode of Friday … Continue reading →

In this episode of the Trust Issues podcast, host David Puner sits down with Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral guidance on identity-centric security strategies to help organizations reduce the risk of identity-related attacks. They explore the evolution of digital identity, discussing how it has transformed from simple identifiers to complex, multifaceted digital identities for both humans and machines. In today's threat landscape, the number and types of identities, attack methods and environments have dramatically increased, making it more challenging to secure identities. Jeff discusses the challenges and efforts in creating sustainable, interoperable digital identity hubs for cross-border applications, the future of digital passports and the importance of encryption and multi-factor authentication (MFA) for securing sensitive data. The conversation also highlights the significance of thought leadership and maintaining a vendor-agnostic approach in identity security.

We are a month away from Oktane -- the biggest identity event of the year. Okta is bringing thousands of identity industry thought leaders, IT and security executives, and other tech leaders together on October 15-17 to discuss the changing landscape for security and identity, how organizations are putting identity first, new Okta products, and more. Harish Peri, Senior Vice President of Product Marketing, joins Enterprise Security Weekly to discuss what people should expect from Oktane this year, the conversations that will take place at the event and why it's important for security professionals to attend/tune in. This segment is sponsored by Oktane. Visit https://securityweekly.com/oktane2024 and use discount code OKTNSC24 to pay only $100 for your full conference pass! Show Notes: https://securityweekly.com/esw-375

Aaron Painter, CEO of NameTag, joins host David Puner for a conversation that covers several key themes, including the inadequacies of current identity verification methods, the rise of deep fakes and AI-generated fraud – and the importance of preventing identity fraud rather than merely detecting it. Aaron discusses the role of advanced technologies like cryptography, biometrics and AI in improving identity verification. He also highlights the critical issue of social engineering attacks at help desks and the need for trust in digital interactions.Aaron stresses the importance of preventing identity fraud by using a combination of cryptography, biometrics and AI, rather than solely relying on detection methods. He also touches on the challenges of verifying human identities and the need for platforms to verify their users to create safe online communities.Put your name on it and give it a listen! 

In this episode of Badasses in Tech, host Summer Mitchell sits down with Blake Hall, Founder and CEO of ID.me, to explore the frontlines of digital security in an age where deepfakes and generative AI challenge our sense of reality. Blake, a former Army Ranger and Harvard MBA graduate turned tech entrepreneur, brings a wealth of experience from combating threats both digital and physical. Blake reveals the surprising ways AI is being used for both good and ill, from transforming identity verification processes to confronting the dangers of deepfake technology. He also shares eye-opening insights on how ID.me has revolutionized identity protection, dramatically reducing fraud and enhancing access for underserved communities. ID.me allows individuals to create secure, private, and portable digital identities that provide access to a rapidly growing network of commercial and government services. More than 112 million Americans use their ID.me Wallet to easily verify their identity across 31 states, 14 federal agencies and over 500 name-brand retailers within ID.me's secure digital identity network. Tune in for a thought-provoking discussion that sheds light on the cutting-edge measures being taken to safeguard our digital identities and the future of trust in technology. Learn more at ID.me Visit www.badassesintech.com WE WANT TO HEAR FROM YOU! Share your feedback, submit topic requests, or inquiries to: Instagram:⁠⁠⁠ ⁠⁠https://www.instagram.com/summitchell92⁠⁠⁠⁠⁠ Email: ⁠⁠⁠badassesintech@gmail.com⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/summerfalgiano⁠⁠⁠⁠⁠⁠ Ready to scale your business through public relations, video production and podcasts?  Visit ⁠⁠⁠⁠⁠www.growthstackmedia.com⁠⁠⁠ ⁠⁠to schedule a call or email ⁠⁠⁠⁠info@growthstackmedia.com⁠⁠⁠⁠ --- Support this podcast: https://podcasters.spotify.com/pod/show/badassesintech/support

In this episode of the Trust Issues podcast, Roland Cloutier, who served as TikTok's Global Chief Security Officer (CSO) from April 2020 to September 2022, joins host David Puner for a discussion that covers his extensive experience in the field of security. He previously held similar roles at ADP and EMC and is now a partner at the Business Protection Group.Roland discusses his challenges in protecting sensitive data at TikTok, the social media platform with over 1 billion active users. He also talks about the complexities of ensuring data security and compliance. Roland emphasizes the importance of identity in modern security, explaining how privilege controls across the IT estate are crucial for protecting workforce users, third-party vendors, endpoints and machine identities.Roland also highlights the need for a deep understanding of the business and its culture to implement security measures effectively. He shares insights into the role of identity in determining access to data and the importance of continuous controls assurance and validation. The episode provides a fascinating look into the security imperatives of a major social media platform and the measures taken to protect user data. Listeners will gain valuable insights into the strategies and principles Roland employed during his tenure at TikTok, as well as his broader views on security and privacy in the digital age.

Okta CEO Todd McKinnon says clients are increasingly asking about resiliency in identity security — a mission-critical enterprise application — amid the fallout of the CrowdStrike global outage. In this episode of Bloomberg Intelligence's Tech Disruptors podcast, BI tech analyst Mandeep Singh talks with McKinnon about the moats that Okta has carved over Microsoft, consolidation in cybersecurity, the application of generative AI and more

In this episode of the Trust Issues podcast, Debashis Singh and host David Puner explore the intricate world of digital transformation and identity security. Debashis, the Global CIO at Persistent Systems, shares his frontline insights on the singular challenges and strategies organizations face on their digital transformation journeys. The conversation highlights the importance of integrating identity security into digital initiatives, ensuring compliance – and protecting against the evolving cyber threat landscape.Debashis also discusses the delicate balance between innovation and security, the impact of AI on cybersecurity and the significance of organizational cyber awareness. Additionally, he talks about the role of generative AI in the industry and the potential risks it poses, such as sophisticated deepfake attacks and ransomware threats.This episode offers valuable perspectives on how businesses can navigate the complexities of digital transformation while maintaining robust security measures to safeguard their operations and identities.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Umaimah Khan, CEO & Co-Founder at Opal Security, a data-centric identity security platform that has raised $32 Million in funding.   Here are the most interesting points from our conversation:   Background and Start: Umaimah initially aimed to be a math professor before transitioning to cryptography and ultimately catching the startup bug. Her experience at various startups, especially with scaling security and compliance systems, directly influenced her founding of Opal Security. Early Days of Opal Security: The first three months of Opal Security involved intense research and discussions to shape the product's architecture, deeply influenced by Umaimah's background in cryptography and her prior startup experiences. Unique Challenges of Identity Security: Umaimah views identity security as one of the last great enterprise frontiers, difficult to solve due to constant technological evolutions that outpace the ability of security protocols to adapt. Marketing Philosophy: Opal Security aims to cut through typical marketing noise by directly demonstrating the tangible value of their products to customers, contrasting with the complex and often opaque marketing strategies prevalent in the security sector. Approach to Scaling Adoption: Umaimah emphasizes the importance of user-friendly product design even in complex enterprise environments, drawing parallels to Slack's transformation of IRC into a tool accessible beyond engineering teams. Vision for the Future: Looking ahead, Umaimah sees Opal Security playing a critical role in shaping the future of access and authorization as technological landscapes and regulatory environments evolve, potentially impacting how identity security is approached globally. //   Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.  www.GlobalTalent.co  

In this episode of Trust Issues, we dig into the recent the global IT outage caused by a CrowdStrike software update, which impacted millions of Microsoft Windows endpoints and disrupted many sectors. This "black swan" event highlights, among other things, the importance of preparedness, adaptability and robust crisis management. CyberArk Global Chief Information Officer (CIO) Omer Grossman discusses with host David Puner the outage's ramifications, the shaking of trust in technology – and the criticality of resilience against cyberthreats. This conversation underscores the need to be ready for the unexpected and the value of adaptability and resilience in unforeseen circumstances. 

Identity, the security threat that keeps on giving. For the 17th year in a row, identity is one of the top threats identified in the Verizon DBIR. Why? Dor Fledel, Senior Director of Product Management at Okta and Co-Founder of Spera, joins Business Security Weekly to discuss the challenges of identity and how to solve them. From numerous disparate identity systems to a proliferation is SaaS application usage, Dor explains why Identity SecurityPosture Management is critical component to identify vulnerabilities, prioritize risks, and streamline remediation. If you're struggling with securing your identities, don't miss this interview. Segment Resources: https://www.okta.com/products/identity-security-posture-management/ https://www.okta.com/secure-identity-commitment/ This segment is sponsored by Okta. Visit https://www.securityweekly.com/okta to learn more about them! The CISO role has been evolving for 20 years, but the last 2 years have accelerated that evolution. Some might say it's evolving into extinction. What are the factors driving this evolution? Allan Alford, CEO at Alford and Adams Consulting and host of The Cyber Ranch Podcast, joins Business Security Weekly to discuss this evolution and some of the factors driving these trends. In this interview, Allan will share his insights: Migratory Trends of the CISO CISO Skill Sets: Technical or Business? The Language of the CISO Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-358

Identity, the security threat that keeps on giving. For the 17th year in a row, identity is one of the top threats identified in the Verizon DBIR. Why? Dor Fledel, Senior Director of Product Management at Okta and Co-Founder of Spera, joins Business Security Weekly to discuss the challenges of identity and how to solve them. From numerous disparate identity systems to a proliferation is SaaS application usage, Dor explains why Identity SecurityPosture Management is critical component to identify vulnerabilities, prioritize risks, and streamline remediation. If you're struggling with securing your identities, don't miss this interview. Segment Resources: https://www.okta.com/products/identity-security-posture-management/ https://www.okta.com/secure-identity-commitment/ This segment is sponsored by Okta. Visit https://www.securityweekly.com/okta to learn more about them! Show Notes: https://securityweekly.com/bsw-358

The emergence of generative AI has caused us to rethink things on two fronts: how we consume threat detection data, as defenders how we need to shift our thinking and approaches to prepare for attackers' newfound GenAI capabilities But wait - is GenAI even useful for defenders or attackers? We'll dive deep into the state of AI as it pertains to security operations, just as Gartner announces that AI is hitting the trough of disillusionment. What better time to dispel the hype and focus on where real progress can be made? Edward Wu thinks so! Understandably so, as his startup, Dropzone.ai is making a big bet on generative AI to change the face (and pace) of security operations. We'll talk about what has changed here, and I have so many questions: after many generations of AI/ML technology in security, is the current gen really that dramatically different? Dropzone is far from the only startup with the same idea here, how will they differentiate? Is the problem that we need more help than we can possibly hire, or are we fundamentally doing something wrong in security operations? Specifically, what is this tech doing to help? Finally, we'll wrap by talking about where this tech goes next, and can we get there with current technology, or are we dependent on more breakthroughs from companies like OpenAI, Anthropic, and Meta? This week, on Enterprise Security Weekly, we've got: Identity Security gets more funding Wiz walks away BlackHat Announces Startup Spotlight Finalists Crowdstrike post mortem Simple Security Tricks are the Best Security Tricks Splitting the CISO role Web scraping for AI is out of control SEC vs Solarwinds Vaping the Internet Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-369

The emergence of generative AI has caused us to rethink things on two fronts: how we consume threat detection data, as defenders how we need to shift our thinking and approaches to prepare for attackers' newfound GenAI capabilities But wait - is GenAI even useful for defenders or attackers? We'll dive deep into the state of AI as it pertains to security operations, just as Gartner announces that AI is hitting the trough of disillusionment. What better time to dispel the hype and focus on where real progress can be made? Edward Wu thinks so! Understandably so, as his startup, Dropzone.ai is making a big bet on generative AI to change the face (and pace) of security operations. We'll talk about what has changed here, and I have so many questions: after many generations of AI/ML technology in security, is the current gen really that dramatically different? Dropzone is far from the only startup with the same idea here, how will they differentiate? Is the problem that we need more help than we can possibly hire, or are we fundamentally doing something wrong in security operations? Specifically, what is this tech doing to help? Finally, we'll wrap by talking about where this tech goes next, and can we get there with current technology, or are we dependent on more breakthroughs from companies like OpenAI, Anthropic, and Meta? This week, on Enterprise Security Weekly, we've got: Identity Security gets more funding Wiz walks away BlackHat Announces Startup Spotlight Finalists Crowdstrike post mortem Simple Security Tricks are the Best Security Tricks Splitting the CISO role Web scraping for AI is out of control SEC vs Solarwinds Vaping the Internet Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-369

In this episode of the Trust Issues podcast, we explore the transformative impact of artificial intelligence (AI) on identity security. Guest Peretz Regev, CyberArk's Chief Product Officer, joins host David Puner, for a discussion about how AI is reshaping cyber protection, offering solutions that are as intelligent as they are intuitive. With the ability to predict threats and adapt with unprecedented agility, AI is ushering in a new era of proactive security. Regev shares insights into the company's strategic vision and the role of AI in enhancing customer security and productivity. He also discusses the launch of CyberArk's AI Center of Excellence and the introduction of CyberArk CORA AI, an umbrella of AI capabilities infused within CyberArk's products.Join us as we examine the challenges and opportunities presented by AI in the cybersecurity landscape, the importance of fostering a culture of innovation and how CyberArk is leading the charge in securing identities in the AI era. This episode is a must-listen for anyone interested in the intersection of AI and identity security – and the future of cyber protection.

In the latest episode of the Trust Issues podcast, the focus is on the criticality of time in organizational security. The conversation with host David Puner and guest Katherine Mowen, SVP of Information Security at Rate (formerly Guaranteed Rate), highlights the importance of swift decision-making and prompt threat response. They discuss the role of just-in-time (JIT) access and AI in accelerating response times, as well as the ever-evolving threat landscape that requires constant vigilance. The episode emphasizes the strategies and technologies shaping the future of cybersecurity, particularly at the intersection of time management and identity protection. Join us for a timely discussion that underscores the intersection of time management and identity protection.

In this special 5-year anniversary episode of the Identity at the Center podcast, hosts Jeff and Jim dive deep into the ongoing debate between centralized and decentralized identity management. They discuss key concepts such as single sign-on, the importance of evaluating and questioning identity management strategies, and the need to balance usability with security. The episode also covers the importance of having an IAM strategy and roadmap, detailing the steps to create, assess, develop recommendations, build a roadmap, and communicate effectively. They share personal insights, funny behind-the-scenes stories, and emphasize the value of community support. The episode concludes with Jim and Jeff looking forward to the future of the podcast and thanking their listeners for their continued engagement. 00:00 Introduction and Greetings 00:25 Centralized vs Decentralized Identity Management 03:19 Risk-Based Approach to Identity Management 05:10 The IAM Submarine Analogy 06:40 Podcast Milestones and Community Engagement 08:37 Reflections on Podcast Journey 16:47 Developing an IAM Strategy 33:02 The Magic Number: Why Three is Key 33:12 Grouping Recommendations into Projects 35:21 The Importance of Strategy Over Tactics 36:22 Creating and Implementing a Roadmap 37:59 Customizing Your Roadmap for Your Organization 42:39 Prioritizing and Communicating Your Strategy 49:03 Maintaining Momentum and Adjusting the Roadmap 55:09 Behind the Scenes: Podcast Production Insights Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: Europe: https://www.terrapinn.com/exhibition/identity-week/ America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com and watch at https://www.youtube.com/@idacpodcast

In this episode of Trust Issues, Daniel Schwartzer, CyberArk's Chief Product Technologist and leader of the company's Artificial Intelligence (AI) Center of Excellence, joins host David Puner for a conversation that explores AI's transformative impact on identity and access management (IAM). Schwartzer discusses how CyberArk's AI Center of Excellence is equipping the R&D team to innovate continuously and stay ahead of AI-enabled threats. Learn about the future of AI in IAM, the role of AI in shaping new business models and the importance of an experimentation culture in driving user experience (UX) improvements. Gain insights into the methodical, data-driven approaches to monetization strategies and the significance of learning from on-the-job experiences. This episode is a must-listen for anyone interested in the intersection of AI and IAM, and the opportunities it presents for leading the transition in the industry. Tune in to uncover what's coming down the AI pike and how it will influence the future of IAM.For more from Daniel on this subject, check out his recent blog, "Predicting the Future of AI in Identity and Access Management." 

"Identity security has been around forever though", you might be thinking. Allow me to clarify. Identity is the largest cybersecurity product category, but most of it is focused on identity governance, authentication, multi-factor, etc. Very little of it is focused on operational identity security. It's this trend, where we recently (within the last 2 years) started seeing the ITDR (Identity Threat Detection and Response) acronym that we'll be focused on today. Particularly: Why is this trend/spike occurring now? What was or is missing to do identity security properly? What does the future of securing identity look like? And it's difficult to do better for this conversation than Will Lin. He spent the last half decade as a VC. On a daily basis, he was looking at the big picture of cybersecurity markets and trends. He discussed security challenges with CISOs and other security buyers on a regular basis, both directly and through the Security Tinkerers community he founded. All this led to a decision to quit the VC world to become a founder himself. Of all the categories he could have chosen, he chose identity security, and that's why we're happy to have him for this conversation. Segment Resources: The Future of Identity AKA Identity promo video focused on the future of Identity We start off discussing the latest round of fundings, centered largely around data security and securing LLM use. This dovetails into a discussion about marketing language and how difficult it can be for buyers to work out what the latest round of early stage startups are doing. Next, we discuss Cloudflare and Bugcrowd's acquisitions, as well as Synopsys's divestiture of its appsec portfolio. From here, we dive into a raft of new features across both IT and cybersecurity products, like Azure, Dashlane, LastPass, and PagerDuty. Discussing Huntress's active remediation feature triggers a conversation about this latest product trend: vendors seem to think buyers are ready for fully automated remediation actions. We're not so sure they are. To wrap up the cybersecurity coverage, Brandon Dixon has an interesting tutorial regarding a Security Copilot use case that looks a LOT like the default phishing enrichment use case that has been used for every SOAR POC ever. To clarify, this is a great piece in that it is all practical, has no marketing fluff, and shows you how to do something useful with Security Copilot. Where it pulls up short is managing to live up to the hype we've been hearing about Security Copilot from day one. We agree to table the discussion on Microsoft Recall until we know more about what GA of the feature will look like, and then dig into a VERY interesting squirrel story about an audio-based hacking puzzle created by a rock band. The interview will delve into the healthcare industry's tumultuous year in 2023, marked by 124 million breached health records across 725 hacking incidents (according to The HIPAA Journal). This interview will explore the critical role that MSSPs play in safeguarding health data and systems against potential security incidents, such as ransomware and business email compromise attacks. Jim Broome will share how to proactively prepare for an incident - including establishing a comprehensive incident response plan, outlining strategies for containment, restoration, and ongoing security operations, and how an MSSP can help. Segment Resources: Tales from the Road Blog: An External Pen Test at a Healthcare Organization Reveals the Dangers of the Dark Web - https://www.directdefense.com/tales-from-the-road-an-external-pen-test-reveals-the-dangers-of-the-dark-web/ 2023 Security Operations Threat Report: https://go.directdefense.com/2023-Security-Operations-Threat-Report This segment is sponsored by DirectDefense. Visit https://securityweekly.com/directdefensersac to learn more about them! In the dynamic landscape of cybersecurity, the urgency to eliminate passwords as a security vulnerability has never been more critical. Organizations are continuing to face a surge in the variety and complexity of cyber threats at historical rates, often fueled by compromised employee login credentials – resulting from attacks such as phishing which has been exacerbated by the rise in use of Artificial Intelligence (AI). The 2023 Verizon Data Breach Investigations Report underscores the staggering impact of breaches caused by stolen credentials, accounting for a staggering 74% of incidents. Christopher Harrell, Yubico's Chief Technology Officer, shares how organizations can achieve passwordless authentication at scale with high assurance phishing-resistant multi-factor authentication (MFA) to elevate their security posture against phishing attacks while creating phishing-resistant users. Segment Resources: https://www.yubico.com/blog/empowering-enterprise-security-at-scale-with-new-product-innovations-yubikey-5-7-and-yubico-authenticator-7/ https://www.yubico.com/press-releases/yubicos-key-product-innovations-empower-enterprise-security-and-phishing-resistant-passwordless-authentication-at-scale/ This segment is sponsored by Yubico. Visit https://securityweekly.com/yubicorsac to learn more about them! In this podcast segment, we delve into Sophos' fifth annual State of Ransomware report, exploring significant findings and trends in the evolving ransomware landscape. We'll discuss the sharp increase in recovery costs, the strategic targeting of backups by hackers, and the evolving role of cyber insurance in ransom payments. Our discussion will provide insights into how organizations can adapt their cybersecurity measures to mitigate these heightened threats and recover more effectively from attacks. Segment Resources: Blog: The State of Ransomware 2024 Report: https://assets.sophos.com/X24WTUEQ/at/9brgj5n44hqvgsp5f5bqcps/sophos-state-of-ransomware-2024-wp.pdf Press release: Ransomware Payments Increase 500% In the Last Year, Finds Sophos State of Ransomware Report This segment is sponsored by Sophos. Visit https://www.securityweekly.com/sophosrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-364