The Rise Of Contextual Access And Adaptive Security

7 snips

Apr 4, 2026

John Walsh, a technology executive specializing in endpoint and edge security who drives zero trust and IT/OT convergence at IGEL, discusses real-world moves from theory to implementation. He covers IGEL’s growth into IT and OT, persona-based adaptive secure desktops, AI-driven increases in threat velocity, and protections for non-human identities. The focus is on contextual, least-privilege access and preventative control.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

IGEL Driving IT‑OT Convergence

IGEL is becoming a global standard across IT and OT, enabling contextual access controls on factory floors and kiosks.
John Walsh described integrations with Siemens/Rockwell, RDP support, and immutable read-only execution planes to meet ISA/IEC 62443 needs.

INSIGHT

Adaptive Secure Desktop Goes Persona Based

Adaptive secure desktops move beyond VDI to persona‑based sessions on shared stations with contextual and least‑privilege access.
Walsh used healthcare (nurses/doctors at same workstation) and manufacturing shipping stations as concrete examples.

INSIGHT

AI Compresses Vulnerability Timelines

Attack velocity has compressed from ~45–50 days to about 5 days between vulnerability discovery and exploit, amplified by AI.
Walsh warned this forces a shift toward preventative, zero‑trust controls because humans and traditional detection can't keep pace.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

What does it really take to move from talking about Zero Trust… to actually making it work in the real world?

Recording live from IGEL Now And Next in Miami, I caught up with John Walsh for what has now become something of a tradition, our third conversation together, and one that reflects just how much has changed in the last 12 months.

When we last spoke, the focus was on securing the edge and rethinking security through a preventative lens. This time, the conversation has expanded from IT to OT, from devices to platforms, and from theory to real-world implementation across manufacturing floors, healthcare environments, and government organizations.

John shared how IGEL is increasingly being adopted as a global standard across both IT and operational environments, bringing new challenges and new insights. From kiosks and signage on factory floors to shared workstations in hospitals, the need for persona-based and now context-aware access is becoming far more than a technical concept. It is shaping how organizations think about identity, risk, and control at scale.

We also explored how the idea of the "adaptive secure desktop" is evolving beyond traditional VDI thinking. Instead of static devices, the focus is shifting toward environments that respond dynamically to the user, their role, their location, and the level of risk in that moment. It raises an important question. How do you deliver that level of control without introducing friction for the user?

AI inevitably entered the conversation, but not in the way many might expect. Rather than focusing on features, John highlighted the acceleration of threat velocity. The time between vulnerability discovery and exploitation is shrinking rapidly, and with AI amplifying that speed, traditional detection and response models are struggling to keep up. The implication is clear. Security strategies need to shift toward prevention and control, not just reaction.

We also touched on emerging challenges around agentic AI, non-human identities, and the need to apply Zero Trust principles beyond people to machines. As organizations begin to explore these new models, questions around identity, access, and guardrails are becoming more complex and more urgent.

And throughout the conversation, one theme kept coming back and reducing complexity while increasing control. Whether it is through immutable operating systems, centralized policy enforcement, or contextual access, the goal is to simplify the environment while strengthening security outcomes.

As organizations continue their journey toward modernization, one question remains: Are we still layering new technology onto old models, or are we ready to rethink how access, identity, and control are delivered from the ground up?

What do you think, is Zero Trust finally becoming real at the endpoint, or is there still a gap between strategy and execution?