#305 - Identity Week America with Ryan Galluzzo of NIST
Identity at the Center16 Syys 2024

#305 - Identity Week America with Ryan Galluzzo of NIST

In this episode of the Identity at the Center podcast, Jeff and Jim are live at the Identity Week America conference in Washington, DC. Welcoming Ryan Galluzzo, Identity Management Program Lead at NIST, they dive into recent NIST updates, including a mobile driver's license project, changes in public comment and revision processes, and the significance of user-controlled wallets. They also touch on self-sovereign identity, risk management, evolution in identity assurance levels, and the vital role of continuous evaluation and improvement. The episode concludes with a light-hearted discussion on the inquisitive nature of children and the spontaneous, enriching conversations that happen at industry conferences.

00:00 Welcome to Identity at the Center Podcast

01:26 Conference Highlights and Networking

02:47 Panel Discussions and Key Takeaways

05:07 Mobile Driver's License Project

07:09 Public Comment Draft and Feedback

11:40 Self-Sovereign Identity and Trust Issues

16:41 NIST Guidance and Risk Management

28:47 Introduction to RMF and Assurance Levels

29:05 Contextualizing Assurance Levels for Different Users

30:25 Continuous Evaluation and Improvement

34:28 User-Controlled Wallets and Federation

35:59 Account Recovery and Assurance Levels

37:18 Overview of NIST 800-63 Documents

51:25 Existential Questions and Personal Anecdotes

55:25 Conclusion and Final Thoughts

Connect with Ryan: ⁠https://www.linkedin.com/in/ryan-galluzzo-a100563b/⁠

Authenticate Conference - Use code IDAC15 for 15% off: ⁠https://authenticatecon.com/event/authenticate-2024-conference/⁠

Connect with us on LinkedIn:

Jim McDonald: ⁠https://www.linkedin.com/in/jimmcdonaldpmp/⁠

Jeff Steadman: ⁠https://www.linkedin.com/in/jeffsteadman/⁠

Visit the show on the web at ⁠http://idacpodcast.com⁠ and watch at ⁠https://www.youtube.com/@idacpodcast

Jaksot(394)

Identity At The Center #42 - Ron's IAM Program Framework

Identity At The Center #42 - Ron's IAM Program Framework

Jim and Jeff talk with Ron about the IAM program framework he is developing and some of the challenges some organizations face when it comes to IAM context and operations. Want to join the conversation? Leave us a message here: anchor.fm/identity-at-the-center/message or email us at questions@identityatthecenter.com.

4 Touko 202037min

Identity At The Center #41 - Server Access Management 101 with Paul

Identity At The Center #41 - Server Access Management 101 with Paul

Jim and Jeff talk with Paul Volosen from Centrify about the IAM concepts used to secure server access. Want to join the conversation? Leave us a message here: anchor.fm/identity-at-the-center/message or email us at questions@identityatthecenter.com.

27 Huhti 202051min

Identity At The Center #40 - IAM ROI

Identity At The Center #40 - IAM ROI

Jim and Jeff talk about how to develop a Return on Investment (ROI) strategy when it comes to IAM. Link to Auth0 Forrester report we discuss: https://auth0.com/forrester-total-economic-impact/ Risk Management Concepts: https://resources.infosecinstitute.com/category/certifications-training/cissp/domains/security-and-risk-management/cissp-risk-management-concepts/ Want to join the conversation? Leave us a message here: anchor.fm/identity-at-the-center/message or email us at questions@identityatthecenter.com.

20 Huhti 202039min

Identity At The Center #39 - Digital Transformation and CIAM

Identity At The Center #39 - Digital Transformation and CIAM

Jim and Jeff talk about how consumer/customer IAM (CIAM) is a fundamental part of a digital transformation strategy. Want to join the conversation? Leave us a message here: anchor.fm/identity-at-the-center/message or email us at questions@identityatthecenter.com.

13 Huhti 202042min

Identity At The Center #38 - Data Privacy Regulations are Dead On Arrival with Richard Bird

Identity At The Center #38 - Data Privacy Regulations are Dead On Arrival with Richard Bird

Jim and Jeff talk with Richard Bird, Chief Customer Information Officer at Ping Identity, about data privacy and why data privacy regulations are dead on arrival. LinkedIn article by Richard: https://www.linkedin.com/pulse/data-privacy-joke-your-town-nation-richard-bird/ Want to join the conversation? Leave us a message here: anchor.fm/identity-at-the-center/message or email us at questions@identityatthecenter.com.

6 Huhti 202050min

Identity At The Center #37 - Access Management with Andy

Identity At The Center #37 - Access Management with Andy

Jim and Jeff talk with Andy Clark, Principal Consultant at Okta, about access management including the why's of OIDC and SAML, scopes, and flows. To register for the free virtual Oktane 2020 conference, visit https://www.oktane20.com/ Want to join the conversation? Leave us a message here: anchor.fm/identity-at-the-center/message or email us at questions@identityatthecenter.com.

30 Maalis 202036min

Identity At The Center #36 - Assessing CIAM Maturity

Identity At The Center #36 - Assessing CIAM Maturity

Jim and Jeff talk about how assessing CIAM (customer/consumer identity & access management) can be different than an enterprise IAM assessment. Want to join the conversation? Leave us a message here: anchor.fm/identity-at-the-center/message or email us at questions@identityatthecenter.com.

23 Maalis 202050min

Identity At The Center #35 - Managing IAM Through A Pandemic

Identity At The Center #35 - Managing IAM Through A Pandemic

Jim and Jeff talk about the current global health situation and things to consider from an IAM perspective. Jeff also finds a way to talk baseball with Jim as it relates to the Houston Astros and their brute force hacking of pitchers and catchers for the last few seasons (allegedly). Want to join the conversation? Leave us a message here: anchor.fm/identity-at-the-center/message or email us at questions@identityatthecenter.com.

16 Maalis 202045min