#356 - Mr. NHI, Lalit Choda, on Securing the Exploding World of NHI

Jun 23, 2025

Lalit Choda, founder and CEO of the Non-Human Identity Management Group and former investment-banking identity practitioner, walks through the exploding world of non-human identities. He covers why NHIs are trending, the scale and discovery challenges, limits of PAM and IGA, vaulting and metadata pitfalls, risk-based prioritization, and the new threats introduced by AI.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ANECDOTE

From Weekend White Paper To NHI Community

Lalit created the Non-Human Identity Management Group and NHIMG.org after publishing a weekend white paper that unexpectedly drew major attention.
That side project grew into a full-time mission to educate and evangelize NHI best practices.

INSIGHT

Hyperfragmentation Drives NHI Risk

Hyperfragmentation (multi-cloud, SaaS, containers, APIs) has exploded NHI risk and discovery surface area.
Threat actors now harvest exposed secrets (e.g., millions in GitHub) to bypass human credential attacks.

INSIGHT

What A Non‑Human Identity Really Is

Non-human identities are digital credentials used by applications, automated processes, and devices to operate without humans.
They underpin almost all software operations and require identity thinking similar to humans.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Join Jim McDonald and Jeff Steadman on the Identity at the Center podcast as they welcome Lalit Choda, founder and CEO of the Non-Human Identity Management Group. Lalit, also known as "Mr. NHI," shares his journey from investment banking to becoming a leading expert in non-human identities. This episode delves into the critical and often overlooked world of NHI, exploring why it's such a hot topic now, the challenges practitioners face in managing these identities, and how to approach the problem from a risk-based perspective. Lalit discusses the limitations of traditional PAM and IGA tools for NHI, the importance of foundational controls, and the alarming implications of AI on non-human identity management. Plus, hear a fun segment about vinyl records and some surprising finds!

Chapter Timestamps:00:00:00 - Introduction to Lalit Choda and the NHI Community00:02:31 - Welcome to the Identity at the Center Podcast & IdentiVerse Discussion00:06:18 - Lalit Choda's Identity Origin Story: From Mr. SOX to Mr. NHI00:12:03 - Why Non-Human Identities Are a Big Deal Right Now00:15:37 - Defining NHI and the Practitioner's Framework00:19:13 - The Scale and Challenges of NHI Management00:23:01 - New Types of NHI and Tooling Limitations00:27:12 - The Lack of a Single Source of Truth for NHI00:33:57 - Prioritizing NHI Management and the Role of PAM00:38:58 - A Risk-Based Approach to NHI and Foundational Controls00:48:15 - What Scares Lalit Most About NHI (and AI)00:50:54 - Lalit's Impressive Vinyl Collection00:56:38 - Jim and Jeff's First, Best, and Favorite Albums01:01:15 - The Intersection of Music and Non-Human Identities01:02:00 - Wrapping Up & Where to Find More Information

Connect with Lalit: https://www.linkedin.com/in/lalit-choda-5b924120/

Non-Human Identity Management Group: https://www.nhimg.org/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Keywords:Lalit Choda, Non-Human Identity, NHI, Machine Identity, Workload Identity, Identity Management, Cybersecurity, PAM, IGA, Privilege Access Management, Identity Governance and Administration, Secrets Management, Cloud Security, AI, Artificial Intelligence, DevSecOps, Risk-Based Approach, Identity Security, Service Accounts, Identity at the Center, IDAC, Jeff Steadman, Jim McDonald, IdentiVerse, Vinyl Collection, Podcast, Mr. NHI

#idac #nonhumanidentity #machineidentity #cybersecurity #identityaccessmanagement #IAM #infosec #digitalidentity #workloadsecurity #devsecops #cloudsecurity #privilegedaccessmanagement #identitygovernance #zerotrust #nhi #mrnhi