Identity at the Center

Join hosts Jeff Steadman and Jim McDonald for a special live episode recorded on location at Identiverse DC! In this interactive session, Jeff and Jim host a game of "Majority Rules," where the audience competes not to answer correctly, but to guess the most popular answer in the room.The game covers a wide range of topics, from the trivial (worst conference swag and the official uniform of an IAM architect) to the technical (securing API keys, the biggest bottlenecks in IGA, and the primary causes of role explosion).Things get intense halfway through with the introduction of the Battle Royale rules, where picking the minority answer sends a player's score back to zero. Watch to see who survives the explosions and takes home the grand prize.Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapter Timestamps00:00 Intro to Identity at the Center Live00:36 Explaining the Rules of Majority Rules04:25 Question 1: The Worst Conference Swag06:00 Question 2: Replying to Access Denied07:05 Question 3: AI in Identity Management08:40 Question 4: Favorite MFA Method10:12 Question 5: Least Favorite Auth Factor11:15 Turning up the Heat: Battle Royale Mode12:10 Question 6: Why RBAC is Difficult at Scale13:30 Question 7: The IAM Architect Uniform14:50 Question 8: Best Place to Hide a Secret16:15 Question 9: Protocols You Secretly Miss17:25 Question 10: Most Hated Specialized Key18:40 Question 11: Conference Responsibilities20:00 Question 12: Securing API Keys21:20 Question 13: Secrets to Surviving Keynotes22:55 Question 14: The Biggest Bottleneck in IGA24:45 Question 15: Causes of Role Explosion25:50 Question 16: What Breaks First After a Schema Update26:40 Final Question: Fastest Way to Confuse a User27:40 Crowning the WinnerKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Identiverse, Identiverse DC, IAM, Identity and Access Management, Cybersecurity, InfoSec Game Show, Live Podcast, Majority Rules, MFA, IGA, API Security, RBAC, Role Explosion, Tech Humor, Cyberrisk Alliance

In this lively discussion, John DelMauro, Executive VP at Cyber Risk Alliance, shares insights on the vibrant atmosphere of Identiverse DC compared to massive Las Vegas events. He explores the rising influence of AI in marketing and event planning and gives a sneak peek into innovative networking algorithms for future gatherings. John also shares his dream conference idea centered around health and longevity, while the hosts reveal their quirky conference aspirations. It's a captivating glimpse into the future of identity and event experiences!

Tobin South, co-chair of the OpenID Foundation's AI Identity Management Community Group, dives into the future of identity management for agentic AI. He discusses the evolution of AI perceptions, particularly after ChatGPT, and explains the vital distinctions between users and AI agents. Tobin provides insights on the Model Context Protocol (MCP), emphasizing its role in safe automation and identity governance. He also tackles the challenges of impersonation versus delegation risks, while sharing practical advice for developers navigating the AI landscape.

David Goldschlag, CEO and co-founder of Aembit, discusses securing non-human access amidst the rise of AI agents. With a rich history that includes contributions to Tor, he highlights the critical flaws in using human credentials for AI, such as increasing theft risks and undermining security. David emphasizes the need for a shift to managing access policies and outlines real-world use cases in finance and retail. He also explores hybrid versus autonomous agents, the importance of audit measures, and offers practical advice for identity practitioners navigating this rapidly evolving landscape.

Join John Tolbert, Director of Cybersecurity Research at KuppingerCole Analysts, as he unpacks the complex world of Fraud Reduction Intelligence Platforms (FRIP). He covers the six essential capabilities of fraud systems and the dual role of AI in preventing and facilitating fraud. Dive into the importance of shared signals among vendors and how usability dictates FRI adoption. Plus, enjoy a light-hearted chat about favorite concerts and legendary bands they wish they'd seen. It's a blend of serious insights and fun musical nostalgia!

In this engaging discussion, Mike Reiring, a Principal at RSM with a focus on managed services, dives into how MSPs are evolving in the tech landscape. He highlights the critical differences between MSPs and MSSPs, stressing the importance of choosing a partner that values transparency and cultural fit. The conversation also explores the impact of AI on help desks and problem management, as well as the challenges of vendor gaps and identity risk. Mike shares his passion for photography, linking creativity to tech and continuous learning.

Join Ross Young, a seasoned cybersecurity leader and co-host of the CISO Tradecraft podcast, alongside G Mark Hardy, a veteran cybersecurity expert and instructor. They dive into pressing CISO concerns, including AI security, identity management, and the challenges of deep fakes. The duo discusses identity as the new perimeter in security and offers practical strategies for securing funding for identity initiatives. They also speculate on AI's impact on cybersecurity careers and share insights about non-human identities and the importance of governance.

In a fascinating discussion, Dr. Heiko Klarl reveals how Nexis enhances authorization governance for modern enterprises. He underscores the significance of visibility in identity systems and introduces the innovative Identity Visibility and Intelligence Platform. The conversation delves into Nexis's health check service, which identifies risks and minimizes unnecessary access, potentially saving on licensing costs. Listeners will learn how automation and integration streamline application onboarding and amplify the impact of identity programs.

Andrew Shikiar, Executive Director of the FIDO Alliance, shares insights from Authenticate 2025. With over 3 billion passkeys now securing accounts, he discusses their importance in the fight against phishing and the AI arms race. Andrew introduces the Passkey Index, aiming to streamline deployment benchmarks, and reveals FIDO's strategy to tackle challenges in digital credentials and wallet usability. He highlights global trends in passkey adoption and announces the exciting launch of Authenticate APAC in Singapore.

Dr. Tina Srivastava, PhD, a board member of IDPro and co-founder of Badge Inc., dives into the world of identity and AI. She explores the shift from physical hacks to AI-driven threats like supercharged phishing, emphasizing the urgent need for security evolution. Tina discusses the challenges of synced passkeys and vulnerabilities in account recovery. Additionally, she highlights the supportive IDPro community's role in combating these threats and announces new member-driven committees aimed at enhancing engagement and governance.