#319 - Identity Security & Cyber Resilience with David Mahdi of Transmit Security

Join Jim McDonald and Jeff Steadman on Identity at the Center as they sit down with Kristina Yasuda, Product Owner, and Dr. Torsten Lodderstedt, Project Lead for the German EUDI Wallet project. Recorded at EIC 2025, this episode delves into the ambitious European Union initiative to create a digital identity wallet for all its citizens.Kristina and Torsten discuss the vision behind the EUDI Wallet, the political will driving it, and the funding making it a reality. They explore the challenges and complexities of aligning multiple parties, standardizing technical specifications, and the goal of digitizing everything from government-issued IDs to driving licenses and ePrescriptions.Learn about the Federal Agency for Breakthrough Innovation (SPRIN-D), the importance of a transparent and collaborative development process, and how Germany aims to provide a secure, privacy-preserving, and interoperable digital wallet ecosystem. The discussion also touches on digital sovereignty, the role of platform providers like Google and Apple, the aggressive timelines, and the potential global impact of this initiative.Find out how the EUDI Wallet aims to put users in the driver's seat, ensure non-discriminatory access, and foster a flourishing digital economy in Europe.Chapters00:00 Introduction: Vision, Political Will, and Funding00:50 Blockchain vs Federated Identity: Bridging the Gap01:47 Welcome to the Identity of the Center Podcast03:18 Meet the Guests: German EUDI Wallet Project03:42 Christina's Journey into Identity06:05 Torsten's Background in Identity08:31 The EUDI Wallet Project: Scope and Goals12:19 Challenges and Opportunities in Digital Identity15:38 Production and Adoption of Digital Wallets20:53 Digital Sovereignty and Interoperability26:16 Government's Role in Digital Identity26:54 Certification and Recognition of Wallet Providers27:21 Cultural Differences in Government-Provided IDs27:53 Challenges and Timelines for Digital Wallet Implementation28:25 Legal Obligations and Compliance29:10 Public vs. Private Sector in Digital Identity30:13 Barriers to Widespread Adoption31:26 Complexities of Wallet-Based Systems33:23 Global Interoperability and Standards33:59 Technical Specifications and Convergence36:05 Multi-Step Process for Implementation38:26 Transition Period and Global Considerations42:49 Digital Driver's License and Real-World Applications46:17 Final Thoughts and Future Outlook46:23 Fun and Lighthearted EndingConnect with Kristina: https://www.linkedin.com/in/kristinayasudaConnect with Dr. Torsten: https://www.linkedin.com/in/dr-torsten-lodderstedt/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:EUDI Wallet, Digital Identity, European Union, Germany, Kristina Yasuda, Torsten Lodderstedt, Identity Management, Self-Sovereign Identity (SSI), Digital Sovereignty, Interoperability, Technical Standards, OpenID, Verified Credentials, Federal Agency for Breakthrough Innovation, Sprint, EIC 2025, Government Issued ID, Digital Transformation, Privacy, Security, User Control, Mobile Driver's License, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald#EUDIWallet #DigitalIdentity #EuropeanUnion #Germany #KristinaYasuda #TorstenLodderstedt #IdentityManagement #SelfSovereignIdentity #SSI #DigitalSovereignty #Interoperability #OpenID #VerifiedCredentials #EIC2025 #GovernmentID #DigitalTransformation #Privacy #Security #UserControl #MobileDriverLicense #IDAC #IdentityAtTheCenter #JeffSteadman #JimMcDonald #DigitalWallet #EU

9 Kesä 202551min

This episode is sponsored by Duo. Visit duo.com to learn more.Join Jim McDonald and Jeff Steadman on this sponsored episode of the Identity at the Center Podcast, brought to you by Duo! We welcome back Matt Caulfield, VP of Duo and Identity at Cisco, to discuss the ongoing "identity crisis" in security, where 60% of attacks have identity as a key component. Matt introduces Duo's new Security-First IAM, a revolutionary approach that prioritizes security by making it the default, enabling easy passwordless adoption, and building in phishing resistance from day zero.Discover how Duo is differentiating itself in a crowded market by focusing on end-to-end phishing resistance capabilities and user-centric security. Matt shares insights into Cisco's innovation culture, drawing from his experience as a founder and the integration of acquired technologies like ORT into Duo's identity intelligence, including a new trust scoring mechanism to identify compromised accounts.We also delve into the powerful insights from Cisco Talos, whose research on identity-based attacks directly influences Duo's product development, and how customer feedback is shaping the future of identity security. Explore the exciting innovations in authentication, including Duo's proximity verification for phishing-resistant, passwordless access, and the continuous authentication capabilities powered by Duo Desktop and Identity Intelligence.Finally, Matt discusses the impact of AI on identity security, both in enabling attackers and enhancing defense mechanisms like the new Duo AI assistant for administrators. The conversation concludes with a look into the future of identity, including the challenges and opportunities presented by machine and agentic AI identities, and the critical need for advanced authorization solutions.Don't forget to visit duo.com for more information!Chapter Timestamps:00:00:00 - Introduction to the Identity Crisis and Security First IAM00:02:22 - Welcome to the Identity at the Center Podcast & Sponsored Episode Introduction00:03:00 - Introducing Matt Caulfield and His Journey at Duo/Cisco00:04:35 - Defining the Digital Identity Crisis00:06:04 - Understanding Security-First IAM00:07:17 - Differentiating Duo's Identity Solution00:08:36 - Cisco's Acquisition Strategy and Continued Innovation00:10:55 - The Impact of Cisco Talos Intelligence00:14:39 - Customer Insights and Challenges in Identity00:16:50 - Is Authentication Solved? Innovation in Phishing Resistance00:19:32 - AI's Impact on Identity Security and Future Threats00:21:55 - How Duo is Leveraging AI Internally and for Customers00:24:00 - Duo's Repositioning: From MFA to Identity and Access Management00:25:27 - Shifting Metrics of Success for Duo Customers00:27:44 - Workforce, Extended Workforce, and B2B Use Cases for Duo IAM00:29:48 - Deep Dive into Proximity-Based Authentication00:32:31 - The Importance of Phishing Resistance in Duo's Strategy00:35:57 - Continuous Authentication and Shared Signals Framework00:39:07 - Identity as a Core Pillar of SASE00:40:32 - Why Shared Signals Framework is a Key Investment for Duo00:43:25 - Future Outlook for Identity Practitioners: Passwordless and AI00:46:27 - Agentic AI and the Future of Authorization00:48:53 - Jim's Swag Tips for Identiverse00:51:57 - Final Thoughts from Matt CaulfieldConnect with Matt: https://www.linkedin.com/in/mcaulfie/Learn more about Duo: https://duo.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.com#idac #IdentitySecurity #Cybersecurity #DuoSecurity

4 Kesä 202553min

In this episode of Identity at the Center, Jeff Steadman and Jim McDonald are joined by Alejandro Leal, Senior Analyst at KuppingerCole, live from the EIC 2025 stage in Berlin, Germany.Alejandro delves into the critical distinctions between misinformation and disinformation, exploring their historical context and how they manifest in today's technological landscape, particularly within social media and legacy media. He discusses the intent behind disinformation, often aimed at creating chaos or confusion, versus misinformation, which can be an unintentional spread of false or inaccurate information.Chapters:00:00:00 Defining Misinformation vs. Disinformation & Historical Context00:02:00 Introduction at EIC 2025 & Guest Welcome00:06:14 The Role of Intent, Generative AI, and Countermeasures00:12:15 Impact of Mis/Disinformation on Business, Politics, and Philosophy00:16:02 How Mis/Disinformation Intersects with Identity Management00:18:07 Balancing Anonymity, Privacy, and Truthful Content Online00:23:09 Connecting to Digital Identity, Verification, and Potential Solutions (AI Labeling, VCs)00:26:45 AI Guardrails, Free Speech vs. Hate Speech, and Authenticity00:29:24 Worst-Case Scenarios and the Global Impact of Mis/Disinformation00:31:24 Actionable Advice: Responsibility and Critical Thinking00:35:38 Book Recommendation: "The Question Concerning Technology"00:39:31 Wrapping Up and Final ThoughtsConnect with Alejandro: https://www.linkedin.com/in/alejandro-leal-a127bb153/The Question Concerning Technology (essay): https://bpb-us-e2.wpmucdn.com/sites.uci.edu/dist/a/3282/files/2018/01/Heidegger_TheQuestionConcerningTechnology.pdfConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Alejandro Leal, KuppingerCole, EIC 2025, Misinformation, Disinformation, Identity and Access Management, IAM, Digital Identity, Cybersecurity, Tech Podcast, Technology Ethics, Generative AI, AI Ethics, Truth in Media, Social Media Responsibility, Privacy Rights, Verifiable Credentials, Critical Thinking Skills, Fake News, Online Safety, Political Disinformation, Business Reputation, Philosophical Tech Discussions, Martin Heidegger, The Question Concerning Technology.

2 Kesä 202540min

In this episode of Identity at the Center, hosts Jeff Steadman and Jim McDonald are joined by Jerome Thorstenson, IAM Architect with Salling Group, live from EIC 2025 in Berlin! Jerome shares his insights on B2B identity, the challenges of managing access for a complex supply chain, and the importance of an identity-first approach.Discover how Salling Group, operating major labels like Target and Starbucks, handles identity for thousands of employees and external partners. Jerome dives into the complexities of balancing security, user experience, and the practicalities of implementing IGA and ABAC.From navigating the challenges of data quality and high employee turnover to the nuances of transitioning between IGA systems, this episode offers valuable insights for identity practitioners.Chapter Timestamps:00:00:00 - B2B Identity Challenges00:02:14 - Welcome to Identity at the Center from EIC 202500:04:14 - Jerome's Journey into Identity00:05:19 - Salling Group Overview00:06:57 - Securing B2B - Jerome's Presentation00:10:54 - Controlling Access in B2B00:11:41 - Identity as a Product00:14:51 - The Role of the IAM Practitioner00:16:31 - ABAC as a Game Changer00:21:00 - Language Considerations in a European Context00:22:33 - Employee Turnover Challenges00:25:07 - IGA Implementation Insights00:29:28 - Identity Fabric Discussion00:31:21 - Jerome's Caribbean Background00:34:06 - Wrap-up and Contact InformationConnect with Jerome: https://www.linkedin.com/in/jetdk/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, EIC 2025, B2B Identity, Identity First Security, IAM, Identity and Access Management, Supply Chain Security, IGA, ABAC, Attribute-Based Access Control, Role-Based Access Control, Identity Fabric, Digital Identity, Cybersecurity, Data Quality, Employee Turnover, Caribbean

26 Touko 202535min

This episode is sponsored by SlashID. Visit https://www.slashid.com/idac to learn more.In this sponsored episode of the Identity at the Center Podcast, hosts Jeff and Jim interview Vincenzo Iozzo, CEO of SlashID, to discuss the current landscape and innovations they are making in Identity and Access Management (IAM). Vincenzo, who has a background in offensive security and experience at CrowdStrike, explains how SlashID uses Large Language Models (LLMs) to enhance visibility and posture beyond traditional Identity Governance and Administration (IGA) and Privileged Access Management (PAM) tools. Slash ID focuses on real-time detection and response to identity-based threats, addressing gaps that compliance-driven IGA systems miss. The episode also covers the advantages of SlashID’s platform, including monitoring privileged identities, automating policy generation for least privilege, and integrating with existing security infrastructure. The conversation delves into the challenges of identity-related breaches and the importance of balancing compliance with robust security measures. Vincenzo also shares his experiences from the offensive security world, including hacking competitions and the evolving threat landscape.Timestamps00:00 Introduction to Real-Time Identity Security01:20 Welcome to the Identity at the Center Podcast02:18 Meet Vincenzo Iozzo, CEO of SlashID02:37 Vincenzo's Journey into Digital Identity04:26 The Genesis of SlashID08:16 Challenges in Identity Governance and Administration (IGA)14:41 The Prevalence of Identity-Related Breaches19:06 Detection and Response Strategies24:30 Lifecycle Issues Detection26:11 Remediation Strategies28:57 Integration with Existing Tools30:27 Customer Success Metrics34:10 Setting Up and Deploying SlashID35:48 Live Demo Walkthrough41:48 Challenges in Cybersecurity45:16 Final Thoughts and Contact InformationConnect with Vincenzo: https://www.linkedin.com/in/vincenzoiozzo/Learn more about SlashID: https://www.slashid.com/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast

21 Touko 202546min

In this episode of Identity at the Center, hosts Jeff Steadman and Jim McDonald welcome back Henrique Teixeira, SVP of Strategy at Saviynt, for his third appearance on the show. Henrique dives deep into his transition from Gartner analyst to IAM vendor executive, sharing candid insights on career changes, identity security trends, and what it's like to travel the world advocating for better identity practices.The conversation ranges from AI's evolving role in IAM to the nuances of building a strong network and social media presence. Henrique also previews his upcoming podcast and makes compelling analogies between IAM and Formula One, stand-up comedy, and even Rob Zombie lyrics.Whether you're a seasoned identity professional or new to the space, this episode offers valuable takeaways on navigating the IAM landscape, tackling app onboarding, and preparing for the rise of AI agents.Timestamps:00:00 - Henrique on trends and AI as stand-up comedy02:08 - Jim & Jeff intro, shoutout to sponsors04:59 - Henrique joins and talks about conferences07:31 - Henrique’s Gartner to Saviynt transition10:00 - Leadership, strategy, and parallels with Formula One16:07 - Building a network and making career shifts21:09 - Travel life and routines for road warriors26:00 - LinkedIn influence and organic community growth30:31 - IAM set pieces: From Rob Zombie to AI34:00 - Predictions and trends for 202639:00 - AI agents and the new identity security frontier45:18 - Revisiting IAM basics before jumping ahead50:15 - Identity security vs. traditional IAM definitions55:23 - Henrique teases upcoming Saviynt podcast58:45 - AI in music and creative tools for musiciansConnect with Henrique: https://www.linkedin.com/in/bernardes/Learn more about Saviynt: https://saviynt.com/Conference Discounts!Identiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:Henrique Teixeira, Saviynt, Identity at the Center, IAM podcast, identity security, digital identity, cybersecurity trends, AI in IAM, agentic AI, post-cloud identity, LinkedIn IAM influencers, IAM career advice, Gartner alumni, IAM conferences, EIC 2025, Identitiverse, Rob Zombie IAM, application onboarding IAM, IGA strategy, identity trends 2026, IAM predictions

19 Touko 20251h 17min

Eve Maler returns to Identity at the Center for her seventh episode, bringing her signature insight and humor to a deep conversation about the state of digital identity. Jeff and Jim explore the gap between lagging IAM programs and next-gen technologies with Eve, who dives into her research on non-human identities, the power of identity services as products, and how martech and adtech intersect with customer IAM. Plus, get a preview of her EIC talk and the latest on Identi-Squabble, the identity game show set for Identiverse. Don't miss this packed and playful discussion!Timestamps:00:00 - Assume breach, assume tracking02:03 - Jim’s IAM theory and gap analysis10:00 - Identi-Squabble game show preview13:00 - Eve joins, talks SXSW experience18:00 - Non-traditional Venn diagrams & stakeholder models22:00 - Personhood credentials and digital death27:00 - MarTech, AdTech, and the identity connection35:00 - Consent is dead: what it means for IAM47:00 - Treating identity as a product50:00 - Identity’s role in organizational silos53:00 - Identity Security: what is it really?59:00 - Is “identity” big enough to hold all these qualifiers?01:00:00 - Lighter note: would you rather meet past or future self?Connect with Eve: https://www.linkedin.com/in/evemaler/Venn Factory: https://www.vennfactory.com/Conference Discounts!Identiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:Eve Maler, IAM, Identity at the Center, Identiverse, Identisquabble, Martech, Adtech, Personhood Credentials, Identity Security, Consent Management, Non-Human Identity, Identity as Product, Digital Identity, Venn Factory, Identity Governance, IAM Strategy, South by Southwest Identity, Privacy by Design

12 Touko 20251h 7min

In this episode of the Identity at the Center Podcast, hosts Jeff and Jim discuss with Simon Moffatt, founder of The Cyber Hut and identity researcher, the integral role of identity in security, productivity, and online services. They dive into Simon's journey in the identity space, the importance of fresh analytical tools, and his new book, 'IAM at 2035,' which delves into the future of identity security. The discussion also covers AI's impact on consulting and identity, the importance of non-human identities being tied to carbon life forms, and potential scenarios of AI taking over various roles. The episode wraps up with a light-hearted chat about potential fictional writing endeavors.Timestamps00:00 The Importance of Identity in Technology01:53 Podcast Introduction and Listener Engagement04:57 Conference Announcements and Exciting Events07:47 Guest Introduction: Simon Moffatt10:34 Simon's Journey into Identity and Access Management17:22 The Cyber Hut and Emerging Technologies19:19 Content Creation and Writing Process23:30 The Analyst Brief Podcast25:50 Moffatt's Laws of Identity Security32:40 The Importance of Accountability in AI33:07 Autonomous Decision Making and Accountability35:11 AI's Impact on Jobs and Consulting37:14 The Future of AI and Human Creativity40:22 Challenges and Opportunities in AI43:32 Introducing the Book: IAM at 203556:59 Writing and Creativity: Fictional Ideas01:06:15 Conclusion and Final ThoughtsConnect with Simon: https://www.linkedin.com/in/simonmoffatt/The Cyber Hut: https://www.thecyberhut.com/IAM Radar: https://iamradar.thecyberhut.com/The Analyst Brief Podcast: https://creators.spotify.com/pod/profile/the-cyber-hut/IAM at 2035 Book: https://us.amazon.com/IAM-2035-Future-Identity-Security-ebook/dp/B0D2516SQPConference Discounts!European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridacIdentiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:IAM, identity and access management, Simon Moffatt, The Cyber Hut, IAM at 2035, Moffatt Laws, digital identity, identity security, AI accountability, AI and identity, identity podcast, Jeff Steadman, Jim McDonald, identity at the center, IdentiSquabble, identity consulting, future of IAM, identity trends, identity conference

5 Touko 20251h 7min