#397 - RSM & IDAC Present - The Intersection of Resiliency, Recovery, and IAM

Jeff Steadman is joined by RSM colleagues Rich Servillas and Charles John to explore the critical intersection of identity access management, operational resilience, and disaster recovery. Rich, a director from the cyber response group, shares insights from the front lines of ransomware and cloud intrusions, while Chuck, director of operational resilience, discusses the importance of business continuity planning. The conversation covers the true impact of security incidents on brand reputation and operations, the necessity of out-of-band communication, and why identity is often the first thing challenged and the last thing trusted during a crisis. The guests also provide practical advice for IAM professionals on reducing blast radius through standing privilege reduction and robust logging.

Connect with Rich: https://www.linkedin.com/in/richard-servillas-041a0551/

Connect with Chuck: https://www.linkedin.com/in/chuckjohn/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Timestamps:

00:00:00 - Introduction and 2026 conference outlook

00:01:44 - Introducing guests Rich and Chuck from RSM

00:03:56 - Defining operational resilience and business continuity

00:06:22 - When and how to start the planning process

00:09:55 - Chuck's background in public health and emergency management

00:12:44 - The broad impact of incidents on brand and operations

00:16:45 - Key elements every recovery plan must include

00:19:14 - Defining incident severity and matrixes

00:21:52 - Identity as the new perimeter and its operational dependencies

00:24:57 - Why hackers log in rather than break in

00:26:46 - The first hours of a cyber incident response

00:29:35 - Current threat trends and the role of AI

00:31:29 - Updating plans through post-action debriefs

00:34:31 - Cyber insurance gaps and contractual SLAs

00:40:24 - Advice for identity professionals on reducing blast radius

00:46:10 - Personal milestones and looking forward to 2026

Keywords:

IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, IAM, Cybersecurity, Business Continuity, Disaster Recovery, Operational Resilience, RSM, Incident Response, Ransomware, Cyber Insurance, Identity Governance