#319 - Identity Security & Cyber Resilience with David Mahdi of Transmit Security

Nov 25, 2024

David Mahdi, CIO at Transmit Security and former Gartner analyst, brings deep experience in identity security and machine identities. He discusses why IAM must evolve into identity security, the rise and governance challenges of non-human identities, convergence of identity and cybersecurity, and the importance of cyber resilience and behavior-based monitoring.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Identity Security Is IAM's Next Evolution

Identity security is an evolution beyond IAM focused on threat awareness, behavior, and risk, not just joiner/mover/leaver productivity functions.
David Mahdi maps his career from endpoint security to Gartner to argue IAM must add behavior and threat context to be effective.

ADVICE

Add Behavior Detection And ML To Identity Controls

Do instrument identity usage and apply ML to spot normal versus abnormal behavior so you can act when identities behave oddly.
Jim McDonald and David Mahdi recommend layering behavioral detection (not just UEBA nostalgia) with automation to respond to anomalies.

INSIGHT

Productivity-First IAM Left A Security Gap

IAM vendors were built for productivity and thus left a security 'steel' gap in identity foundations that attackers exploit.
Mahdi points to high-profile breaches and MFA fatigue as proof that productivity-first designs are insufficient.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

In this episode of the Identity at the Center podcast, Jim McDonald is joined by guest David Mahdi, CIO at Transmit Security and former Gartner analyst. The discussion delves into the challenges of identity security and the necessity of transitioning from IAM to identity security to mitigate privacy, fraud, and scam risks. They explore the convergence of cybersecurity and identity, the rise of non-human identities, and the importance of cyber resilience. David shares insights from his global experiences and highlights the importance of behavior-based monitoring for both human and non-human identities. The episode wraps up with a lighter note as they discuss the perfect trail mix ingredients.

00:00 Welcome to the Identity at the Center Podcast 01:12 Guest Introduction: David Mahdi 02:35 The Evolution of Identity Security 04:13 The Importance of Identity Security 05:26 David Mahdi's Journey in Identity Security 07:20 Challenges in Identity and Access Management 10:10 The Role of Machine Learning in Identity Security 12:19 The Future of Identity Security 22:52 The Need for Convergence in Identity and Security Teams 33:01 Non-Human Identities and Their Management 41:00 Defining Roles and Responsibilities 41:46 Ignoring Non-Human Accounts 42:38 Emerging Threats and Risk Management 44:33 The Importance of Identity Security 46:46 Cyber Resilience in Modern Organizations 49:24 Cloud Services and Backup Plans 51:26 Ransomware and Data Access Governance 54:27 The Future of Identity Security 01:07:53 Trail Mix and Lighter Notes 01:14:32 Closing Remarks and Upcoming Events

Connect with David: https://www.linkedin.com/in/dmahdi/

Learn more about Transmit Security: https://transmitsecurity.com/

Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Keywords: Identity Security, IAM, Cyber Resilience, Machine Identity, Non-Human Identity, Digital Transformation, Cloud Security, Zero Trust, Data Breach, Risk Management, ITDR, MFA Fatigue, Deepfakes, Gen AI, Copilot, Claude AI, Decentralized Identity, Quantum Computing, Ransomware, Data Access Governance, Transmit Security, Gartner IAM Summit, FIDO Authenticate Conference.