In this episode of the Identity at the Center Podcast, hosts Jeff and Jim delve into the intricacies of compliance, governance, and cybersecurity with special guest and colleague Kia Smith, a director in RSM's Security and Privacy Risk Consulting practice. They explore the foundational role of compliance activities such as Sarbanes-Oxley, the crucial need to align governance with security, and the rising complexity of regulatory environments driven by third-party dependencies. Kia provides valuable insights into the Cybersecurity Maturity Model Certification (CMMC) and its widespread implications for industries beyond defense. The discussion also touches upon the relevance of legal language in contracts to manage risk effectively, the role of AI in compliance frameworks, and the importance of continuous compliance validation.
Chapters
00:00 Understanding Compliance: Beyond Check-the-Box
01:58 Introduction to the Podcast
03:46 The Importance of a Well-Rounded Identity Professional
06:38 Upcoming Conferences and Discount Codes
08:51 Meet Our Guest: Kia Smith
09:36 Kia's Journey from Law to Cybersecurity
13:50 The Role of a Director in Consulting
19:37 Compliance vs. Security: A Balanced Approach
21:41 The Evolving Regulatory Landscape
25:00 Managing Third-Party Risks
32:21 Setting IAM Security Standards
32:54 Cloud Service Offerings and FedRAMP
34:07 Procurement and Security Collaboration
34:45 Contractual Security Requirements
35:24 Business Involvement in Security Decisions
36:26 Reviewing Security Practices
37:10 Governance and Risk Acceptance
41:12 Impact of Regulations on Industries
42:58 CMMC and Its Broad Implications
51:30 AI in Compliance and Cybersecurity
55:33 Pickle Pops and Lighthearted Farewell
Connect with Kia: https://www.linkedin.com/in/kia-smith-mpp-cisa/
Learn more about RSM’s Digital Identity Consulting: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.html?cmpid=ola:45559-idac:bb01
Conference Discounts!
Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-uk
European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac
Identiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Identity at the Center