348: Alex Bovee – Identity in the Age of Agentic AI

In this episode, Steve speaks with Alex Bovee, co-founder and CEO of C1, a technology company focused on identity security online. Steve and Alex discuss why identity still often is an afterthought when businesses look at their risk profiles and how governance is changing as employees get access to more and more systems. Alex also shares his thoughts on how to translate identity management to board members and how to adapt technology so that it fits your team, not the other way around.

Key Takeaways:

1. Identity must be treated as a strategic risk.
2. When it comes to protecting your business against deepfakes, tried and true verification methods like MFA and multi-step approval processes remain best practice.
3. Choosing robust but user-friendly technology is important for attracting and retaining new talent.

Tune in to hear more about:

1. The deepfake challenge (6:14)
2. Automated identity governance (8:33)
3. Empowering a culture of trust through identity strategy (12:20)

Standout Quotes:

1. “I would say that most forward-thinking CISOs 100% view identity as one of the most important pillars in their company that they need to protect and secure.” - Alex Bovee
2. “There's different, I would say, classes of deepfake-type attacks. There's more of your broad-based social engineering type attacks, and I think one of the impacts of AI on that is that AI is able to do that at scale and in a very targeted way. I think we're gonna see a lot of asymmetry happening in those types of attacks. And then the second category is much more of your targeted attack, where you're trying to deepfake the CEO calling the CFO, asking for an immediate wire transfer to pay for something.” - Alex Bovee
3. “The best kind of security controls are the ones that are just in place that work, that are silent, and you don't know they're there, but they let you do your job.” - Alex Bovee

Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter

From the Information Security Forum, the leading authority on cyber, information security, and risk management.