#367 - RSM & IDAC Present - The Intersection of Attack Surface Management and Identity

Join hosts Jeff Steadman and Jim McDonald as they explore the critical intersection of attack surface management (ASM) and digital identity with Dan Lauritzen, Director with RSM Defense - RSM’s Managed Security Team. This episode dives deep into how identity has become a key component of your organization's attack surface and why breaking down silos between identity teams and Security Operations Centers is more crucial than ever.

Dan brings a unique perspective from his military background as a human intelligence collector to his current role in detection and response. Learn about the cyber kill chain, understand when you might have too much data, and discover practical strategies for treating identities as assets that need continuous protection.

Whether you're an identity practitioner looking to expand your security knowledge or a cybersecurity professional wanting to better understand identity's role in attack surface management, this conversation offers valuable insights and actionable takeaways.

Key topics include XDR platforms, ITDR tools, the evolution from legacy SIEM to modern detection systems, and why the future of security requires collaboration between traditionally separate teams.

Chapter Timestamps

00:00 - Introduction and Industry Trends

01:00 - AI and Technology Disruption Discussion

02:00 - Upcoming Conference Schedule and Discount Codes

04:00 - Podcast Milestone - Approaching One Million Downloads

06:30 - Introducing Dan Lauritzen and RSM Defense Team

09:00 - Dan's Background - From Military to Cybersecurity

12:00 - What is Attack Surface Management?

14:00 - Treating Identities as Assets

16:00 - The Cyber Kill Chain Explained

18:00 - Why Identity and SOC Teams Operate in Silos

21:00 - The Role of Data in Modern Security Operations

23:00 - Continuous Identity Management and Shared Signals Framework

26:00 - Can You Have Too Much Data?

29:00 - Breaking Down Silos Between Identity and SOC Teams

32:00 - Practical Collaboration Strategies

34:00 - SIEM vs XDR vs ITDR - Understanding the Tool Landscape

41:00 - Pragmatic Security Strategies and Metrics

44:00 - Biggest Misconceptions About Attack Surface Management

45:00 - Military Background - Human Intelligence Collection

48:00 - Communication Tips for Better Information Gathering

51:00 - Closing and Contact Information

Connect with Dan: https://www.linkedin.com/in/daniel-lauritzen-67545045/

Cyber Kill Chain: https://en.wikipedia.org/wiki/Cyber_kill_chain

Learn more about RSM:

• RSM Defense Managed Security: https://rsmus.com/services/risk-fraud-cybersecurity/managed-security-services.html
• RSM Digital Identity: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.html

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Keywords

IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Dan Lauritzen, RSM, attack surface management, cybersecurity, digital identity, SOC, Security Operations Center, XDR, ITDR, SIEM, cyber kill chain, detection and response, identity security, human intelligence, military cybersecurity, continuous identity management, shared signals framework, UEBA, threat detection, zero trust, privileged access management, identity governance, security metrics, vendor management, cloud security, endpoint security, data correlation, security silos, collaboration strategies, identity assets, orphaned accounts, entitlement creep, attack surface reduction, security automation, AI in security, machine learning security, identity sprawl, security tools, cybersecurity consulting, managed security services, security monitoring, incident response, threat hunting, vulnerability management, risk assessment, compliance, security architecture, defense strategy