1 00:00:05,280 --> 00:00:10,440 This is identity at the center. If it has anything to do with 2 00:00:10,520 --> 00:00:17,960 IAM, this is the go to podcast now your hosts Jim McDonald and 3 00:00:17,960 --> 00:00:22,160 Jeff Stedman. Welcome to the Identity at the 4 00:00:22,160 --> 00:00:24,000 Center podcast. I'm Jeff and that's Jim. 5 00:00:24,040 --> 00:00:26,240 Hey, Jim. Hey, Jeff, how are you? 6 00:00:26,720 --> 00:00:29,280 Oh, not so bad yourself. Good, good. 7 00:00:29,280 --> 00:00:31,560 I'm wondering if anybody else can hear my breathing. 8 00:00:31,800 --> 00:00:33,800 Right before we went on, you said heavy breathing. 9 00:00:33,840 --> 00:00:36,000 I'm like, darn it. Sound like Darth Vader? 10 00:00:36,760 --> 00:00:42,000 Yes, Jeff, I am your father. You are not my father, that I 11 00:00:42,000 --> 00:00:45,520 saw like Maury Povich. Yeah. 12 00:00:45,840 --> 00:00:51,360 Or what is what was that, that TV show that was real popular in 13 00:00:51,360 --> 00:00:53,640 the 90s? Which one? 14 00:00:53,640 --> 00:00:56,680 Yeah, we're the Jerry Springer. Oh, yeah, Springer. 15 00:00:56,680 --> 00:00:57,600 Sorry. That's that's what I was 16 00:00:57,600 --> 00:00:58,000 thinking. Yeah. 17 00:00:58,000 --> 00:00:59,560 Yeah. You're not my father or you're 18 00:00:59,560 --> 00:01:02,760 not the father. You're you're not the father. 19 00:01:03,120 --> 00:01:05,680 Yeah. So yeah, you've been on the 20 00:01:05,680 --> 00:01:07,600 road. You're actually, we're 21 00:01:07,600 --> 00:01:09,680 connected. And you're in a hotel room. 22 00:01:09,800 --> 00:01:13,800 Another bland hotel room. Shocking, right? 23 00:01:13,800 --> 00:01:19,280 Yeah, I am currently in Reno, NV and was in Las Vegas earlier 24 00:01:19,280 --> 00:01:21,760 this week. Was at the sale point sales 25 00:01:21,760 --> 00:01:23,960 kickoff for kind of all the partners and stuff like that. 26 00:01:23,960 --> 00:01:26,680 First time attending one of those was kind of interesting 27 00:01:26,680 --> 00:01:28,480 and fun. Met a lot of great people and 28 00:01:29,200 --> 00:01:34,760 give a shout out to Bobby, Alec, Katz, Ahmed, Ashley. 29 00:01:34,760 --> 00:01:36,960 I'm sure there were others. Those are kind of the immediate 30 00:01:36,960 --> 00:01:38,000 people that were sitting around us. 31 00:01:38,000 --> 00:01:40,560 We went to dinner one of the night, so it's kind of a lot of 32 00:01:40,560 --> 00:01:43,520 fun to kind of talk with them and see what's going on in the 33 00:01:43,520 --> 00:01:45,400 real world and from their perspective, But it's 34 00:01:45,880 --> 00:01:50,040 interesting. Vegas was surprisingly empty for 35 00:01:50,040 --> 00:01:52,200 what I'm used to. Usually there's a lot of people 36 00:01:52,200 --> 00:01:54,840 there, and it just seemed like it was like the calm for the 37 00:01:54,840 --> 00:01:58,400 storm before the Super Bowl arrives there in a couple weeks. 38 00:01:58,400 --> 00:02:03,600 So yeah, it was interesting to just not be inundated with 39 00:02:03,600 --> 00:02:04,280 people ever. It was. 40 00:02:04,360 --> 00:02:05,960 It was actually kind of, kind of pleasant. 41 00:02:07,480 --> 00:02:09,320 Yeah. Don't you think it's interesting 42 00:02:09,320 --> 00:02:13,400 how the whole world is fixated on whether or not Taylor Swift 43 00:02:13,400 --> 00:02:15,400 is going to be able to make it to the game? 44 00:02:15,400 --> 00:02:18,360 I mean, like, that's what everybody's talking about. 45 00:02:18,720 --> 00:02:22,120 Did you see that the embassy in Japan put out a press release. 46 00:02:22,760 --> 00:02:25,560 I read this this morning. They put this out that basically 47 00:02:25,560 --> 00:02:29,640 says there is plenty of time for Taylor Swift to make it to the 48 00:02:29,640 --> 00:02:32,360 Super Bowl. And because she's playing a a 49 00:02:32,360 --> 00:02:35,000 show in Tokyo the night the the night before. 50 00:02:35,320 --> 00:02:38,360 But because of time changes and stuff like that, if she leaves 51 00:02:38,360 --> 00:02:41,440 after the show, she should be getting there in plenty of time. 52 00:02:41,440 --> 00:02:44,760 But there was like concern that you know, would she be late, 53 00:02:45,320 --> 00:02:48,440 will she cut the show short to try and make it? 54 00:02:48,840 --> 00:02:51,040 I mean it's just it's gotten pretty ridiculous. 55 00:02:51,040 --> 00:02:52,840 I've never, I don't think I've. I can't really. 56 00:02:52,840 --> 00:02:55,520 Last time there was like this phenomenon around somebody, an 57 00:02:55,520 --> 00:03:00,560 individual that was really impacting the NFL world. 58 00:03:00,560 --> 00:03:02,560 It's kind of crazy. What do you think of Taylor 59 00:03:02,560 --> 00:03:03,640 Swift? Are you a fan? 60 00:03:03,680 --> 00:03:05,560 Nah, I didn't. I don't really care. 61 00:03:06,000 --> 00:03:08,480 Or another. I'm sure she's a talented singer 62 00:03:08,480 --> 00:03:10,680 or songwriter, but I don't really listen to anything. 63 00:03:11,760 --> 00:03:14,560 Yeah, yeah, I I think she has some catchy. 64 00:03:14,560 --> 00:03:17,520 Songs that I like and But You're a Road Warrior. 65 00:03:19,120 --> 00:03:22,160 You're I mean, like I used to say I've been a road warrior for 66 00:03:22,160 --> 00:03:25,120 20 years, which I kind of feel was true. 67 00:03:25,120 --> 00:03:29,040 I mean I wasn't like the elite traveler like you are today. 68 00:03:29,040 --> 00:03:33,200 But I mean I was one to three weeks on the road every month 69 00:03:33,200 --> 00:03:37,040 for like 20 years. You're like you live out of out 70 00:03:37,120 --> 00:03:40,680 of your suitcase now. Yeah, I think it's just this I I 71 00:03:40,680 --> 00:03:43,280 think that's kind of a little bit of my role at the moment. 72 00:03:43,280 --> 00:03:47,280 So kind of utility player doing what I need to do but definitely 73 00:03:47,280 --> 00:03:49,960 not something that has been historic. 74 00:03:50,240 --> 00:03:53,440 Historical at least for me last year is really kind of when it 75 00:03:53,440 --> 00:03:55,760 picked up. But I enjoy it gets me out 76 00:03:55,960 --> 00:03:58,880 talking to people which is what I like to do and talk to a lot 77 00:03:58,880 --> 00:04:01,160 of really smart people. Got to have a really nice dinner 78 00:04:01,160 --> 00:04:05,120 with friend Bert who I used to work with so way back in the day 79 00:04:05,120 --> 00:04:07,840 and kind of listen to him. I am trying like heck to get him 80 00:04:07,840 --> 00:04:10,920 on the show. We actually were sitting there, 81 00:04:10,920 --> 00:04:13,000 we were talking over dinner and just kind of catching up because 82 00:04:13,000 --> 00:04:14,880 it had been a while since we'd seen each other. 83 00:04:15,320 --> 00:04:20,720 And he's, he was talking about keeping your vendors accountable 84 00:04:20,720 --> 00:04:23,840 and honest and making sure you get the most value out of the 85 00:04:23,840 --> 00:04:25,720 products that you're buying. I was like, that's it. 86 00:04:25,720 --> 00:04:29,680 That's our episode right there. So yeah, that's that's one I've 87 00:04:29,680 --> 00:04:31,560 been working on for a while. And hopefully, Bert, if you're 88 00:04:31,560 --> 00:04:32,920 listening, we got to get you on, man. 89 00:04:34,320 --> 00:04:37,760 Yeah, let's face it, Bert is sounds like he's the he's the 90 00:04:37,760 --> 00:04:42,480 person or exemplifies living in the real world of identity. 91 00:04:42,480 --> 00:04:46,560 He's the practitioner out there making it happen, but he doesn't 92 00:04:46,560 --> 00:04:47,920 really think. Of himself as an identity 93 00:04:47,920 --> 00:04:50,120 person. I mean he's a he's a siso and 94 00:04:50,560 --> 00:04:52,360 that's happened. I used to work for him back in 95 00:04:52,360 --> 00:04:56,560 one of my prior roles and you know I it's it's interesting. 96 00:04:56,720 --> 00:04:58,600 You know it's like well, I don't really, you know, I'm not I'm 97 00:04:58,600 --> 00:05:00,880 not an identity. It's like yeah, we, but we talk 98 00:05:00,880 --> 00:05:03,080 about so many other information security things as well, right. 99 00:05:03,080 --> 00:05:04,760 Identity's part of information security. 100 00:05:04,760 --> 00:05:07,640 It's one of the, in my mind, one of the pillars from a security 101 00:05:07,640 --> 00:05:09,520 strategy like there is you. Could say there are things. 102 00:05:09,520 --> 00:05:11,880 We can talk about it is Epicenter for sure. 103 00:05:12,640 --> 00:05:14,560 We heard it from this. So you know Ryan? 104 00:05:15,960 --> 00:05:20,840 Yeah, Ryan, Ryan, last episode really nailed that. 105 00:05:22,000 --> 00:05:24,720 But we were talking about, I was in a meeting, I think I was with 106 00:05:24,720 --> 00:05:28,160 you and someone was talking about, you know, Microsoft and 107 00:05:28,160 --> 00:05:31,560 all their different offerings, like a Venn diagram of 108 00:05:31,800 --> 00:05:33,880 overlapping. And I was thinking to myself, 109 00:05:33,880 --> 00:05:36,680 hey, I I know what the center of that Venn diagram is. 110 00:05:36,680 --> 00:05:41,400 It's the identity. Yeah, I mean, it's everywhere. 111 00:05:41,400 --> 00:05:43,600 You can't escape it. Like, what industry do you 112 00:05:43,600 --> 00:05:45,320 specialize in Friday? All of them. 113 00:05:46,240 --> 00:05:49,280 Every industry uses it. So, I mean, that's obviously 114 00:05:49,280 --> 00:05:53,560 maybe my selfish view of the IM space, but everybody is doing 115 00:05:53,560 --> 00:05:57,440 identity and there are a lot of overwrap in use cases. 116 00:05:57,760 --> 00:06:00,440 You know, I hate to say it, but not everyone is special, right? 117 00:06:01,520 --> 00:06:04,480 There are certainly some unique use cases, but there's a lot of 118 00:06:05,040 --> 00:06:08,280 common things that stretch across no matter what industry 119 00:06:08,280 --> 00:06:11,400 or vertical or size of organization, everyone is 120 00:06:11,400 --> 00:06:12,720 dealing with things in the identity world. 121 00:06:13,360 --> 00:06:16,080 Yeah, so we've been teasing this episode for a while. 122 00:06:16,080 --> 00:06:22,360 It's the five questions that we were asking people to leave us 123 00:06:22,360 --> 00:06:26,520 voicemails with questions. We got a lot more than five. 124 00:06:26,880 --> 00:06:34,800 We only pick five because we're giving away some donated codes 125 00:06:34,800 --> 00:06:38,360 to download the e-book Learning Digital Identity by Phil Winley. 126 00:06:38,360 --> 00:06:42,480 Phil's gracious enough to get us those codes. 127 00:06:42,640 --> 00:06:45,720 So today's the day where we're going to play those questions 128 00:06:46,120 --> 00:06:49,160 and then answer them the best we can. 129 00:06:51,000 --> 00:06:53,360 Yeah, it was. I mean there were a lot of good 130 00:06:53,360 --> 00:06:55,360 questions. So it's kind of hard to like 131 00:06:55,360 --> 00:06:56,680 choose those. Oh, that's a great was like 132 00:06:56,680 --> 00:06:59,480 maybe we should do a whole show around that or, you know, I love 133 00:06:59,480 --> 00:07:02,120 that for for different reasons. But yeah, these are the ones 134 00:07:02,120 --> 00:07:05,560 that we kind of settled on. And I don't know how do we want 135 00:07:05,560 --> 00:07:07,040 to go into this? Do we want to go into that, do 136 00:07:07,040 --> 00:07:09,280 everything else we want to cover before we start going to 137 00:07:09,280 --> 00:07:10,680 voicemail? Yeah, we should talk about 138 00:07:11,040 --> 00:07:14,080 Identity Week, right? I mean, those are upcoming and 139 00:07:14,080 --> 00:07:16,600 we've got a fantastic discount code. 140 00:07:16,600 --> 00:07:21,640 So we've got Identity Week is a conference that hits Europe, 141 00:07:21,760 --> 00:07:25,080 Asia and America. So Europe is in Amsterdam June 142 00:07:25,080 --> 00:07:29,880 11th through 12th, America's in DC September 11th and 12th, and 143 00:07:29,920 --> 00:07:32,640 we'll be at that one Singapore. We'll be at the sorry in 144 00:07:32,640 --> 00:07:35,600 America, so we'll be at the. We'll be at the 1:00, we'll be 145 00:07:35,600 --> 00:07:40,080 there and then Asia is in Singapore, October 22nd and 146 00:07:40,080 --> 00:07:42,560 23rd. Wish we would be there, but I 147 00:07:42,560 --> 00:07:44,440 don't think we're going to be anyway. 148 00:07:44,440 --> 00:07:49,360 That discount code is IDAC 30. It gives you 30% off for 149 00:07:49,360 --> 00:07:54,160 registering for any or all of those those conferences. 150 00:07:54,160 --> 00:07:57,520 So that's one of the things that we do is like we're going out 151 00:07:57,520 --> 00:07:59,280 there and trying to get these discount codes. 152 00:07:59,280 --> 00:08:04,720 We don't benefit directly from them, but you know, we're doing 153 00:08:04,720 --> 00:08:07,760 it for the folks who listen and hopefully they can get save 154 00:08:07,760 --> 00:08:10,440 their organizations a few bucks or if they're paying for it out 155 00:08:10,440 --> 00:08:12,720 of their own pocket, save for themselves. 156 00:08:13,480 --> 00:08:16,040 Yeah, yeah. And then come check us out. 157 00:08:16,280 --> 00:08:17,440 Jenny Week, America or the other ones. 158 00:08:17,600 --> 00:08:19,000 It's kind of cool. The code works around the world 159 00:08:19,000 --> 00:08:20,840 because I know we've got folks listening all over the place. 160 00:08:20,840 --> 00:08:23,720 So, you know, there's three different conferences, 3 161 00:08:23,720 --> 00:08:27,280 different regions. I I enjoyed my time there last 162 00:08:27,280 --> 00:08:28,280 year. So I'm looking forward to 163 00:08:28,280 --> 00:08:31,000 continue to grow and expand. We'll have a little more of a 164 00:08:31,000 --> 00:08:32,760 podcast presence this year. So we're working with the 165 00:08:32,760 --> 00:08:34,640 conference organizers to help with that as well. 166 00:08:34,640 --> 00:08:39,600 But yeah, I, I, I like where that that conference is going. 167 00:08:39,760 --> 00:08:42,960 So I think there's plenty of room for learnings and to get 168 00:08:42,960 --> 00:08:46,000 together as groups and kind of you know, hear from from folks 169 00:08:46,040 --> 00:08:48,320 of how they're tackling some of these challenges that we see out 170 00:08:48,320 --> 00:08:50,560 there. Yeah, I think also just, you 171 00:08:50,560 --> 00:08:53,560 know, I've seen conferences do this a few times where they try 172 00:08:53,560 --> 00:08:55,400 and go regional. And what is great about the 173 00:08:55,400 --> 00:08:59,520 regional aspect is people who normally wouldn't get to go to a 174 00:08:59,520 --> 00:09:03,000 conference can go if it's, you know, local and they don't have 175 00:09:03,000 --> 00:09:08,440 to hop on a plane or necessarily get a hotel or they can minimize 176 00:09:08,440 --> 00:09:10,680 that. The cost of their organization, 177 00:09:10,680 --> 00:09:13,680 they can get to go. So I think that's real valuable. 178 00:09:13,680 --> 00:09:17,480 So I think with like Identity Week, America being in DC, 179 00:09:17,480 --> 00:09:21,360 there's just kind of a a increased focus on kind of the 180 00:09:21,360 --> 00:09:24,360 Beltway and everything that happens inside or near the 181 00:09:24,360 --> 00:09:27,120 Beltway. Yeah, I think historically it's 182 00:09:27,120 --> 00:09:29,880 been a government focused, kind of more government focused 183 00:09:30,440 --> 00:09:32,320 conference. But I think they're trying to 184 00:09:32,320 --> 00:09:33,720 expand, right. And the way to expand is to get 185 00:09:33,720 --> 00:09:37,240 more people involved, different viewpoints and like I said I I 186 00:09:37,600 --> 00:09:38,760 I'm encouraged by the direction of it. 187 00:09:38,760 --> 00:09:40,440 I think it's still a growing thing, which is great. 188 00:09:41,960 --> 00:09:44,080 There's there's definitely room for that and it's a good time of 189 00:09:44,080 --> 00:09:46,520 year because there's really nothing else I think from 190 00:09:46,520 --> 00:09:49,800 identity perspective taking place in the US around around 191 00:09:49,800 --> 00:09:51,680 that time. Now, before we get into those 192 00:09:51,680 --> 00:09:55,840 awesome questions, I know you had found this post on Reddit. 193 00:09:55,840 --> 00:09:58,680 You sent it to me during the week, and I was just like, oh, 194 00:09:58,680 --> 00:10:00,600 that's really cool. We need to talk about that 195 00:10:00,840 --> 00:10:03,880 during the podcast. So what do you tell everybody 196 00:10:03,880 --> 00:10:06,120 what that was? And then we'll jump into the 197 00:10:06,120 --> 00:10:08,160 questions. Yeah, I just happened to 198 00:10:08,160 --> 00:10:10,120 randomly be scrolling through Reddit as one does. 199 00:10:10,120 --> 00:10:14,800 I'm mostly a worker, and I subscribed to the identity 200 00:10:14,800 --> 00:10:17,840 Management subreddit, and there was a topic that said what are 201 00:10:17,840 --> 00:10:20,880 your top five cybersecurity podcasts and newsletters that 202 00:10:20,880 --> 00:10:23,360 especially focus on identity and access management? 203 00:10:24,120 --> 00:10:26,000 And it's like, oh, OK, that's kind of cool. 204 00:10:26,000 --> 00:10:26,880 Let me see, you know what's in there? 205 00:10:26,880 --> 00:10:29,760 What are people saying? And the first one was a comment. 206 00:10:30,520 --> 00:10:32,520 Identity at the center is the only one I'm listening to. 207 00:10:32,520 --> 00:10:35,600 And then the original poster put a comment that's top shelf. 208 00:10:35,600 --> 00:10:37,560 So yeah, I had to comment on that one. 209 00:10:37,560 --> 00:10:40,000 I normally don't really kind of get involved, that kind of 210 00:10:40,000 --> 00:10:42,280 thing, but it was very flattering to kind of see it out 211 00:10:42,280 --> 00:10:44,680 there. And I just happened to catch it. 212 00:10:44,680 --> 00:10:47,720 I think it was just, it wasn't like I was looking for anything. 213 00:10:47,720 --> 00:10:50,080 It was just, oh, OK, you know, what's up there? 214 00:10:50,560 --> 00:10:54,960 And yeah, there we are so Reddit famous, I guess, which is very 215 00:10:54,960 --> 00:10:56,440 cool. So if you're on Reddit, you're 216 00:10:56,440 --> 00:10:57,600 listening. Thank you so much. 217 00:10:57,600 --> 00:10:59,640 If you're not on Reddit and listening, thank you so much. 218 00:11:00,600 --> 00:11:03,400 Yeah, what I liked was there were six up boots and so 219 00:11:03,400 --> 00:11:08,280 subtracting the up boot that you put and that the original poster 220 00:11:08,280 --> 00:11:11,720 probably put, you know, four people loaded it up. 221 00:11:12,880 --> 00:11:15,880 Yeah, not a very heavily trafficked subreddit, but 222 00:11:15,960 --> 00:11:17,760 occasionally there's some Megan's in there and some 223 00:11:17,760 --> 00:11:19,440 interesting questions and kind of things like that. 224 00:11:19,440 --> 00:11:21,160 I think. I think it's one of those things 225 00:11:21,160 --> 00:11:24,200 where that subreddit seems to get a lot of like what I would 226 00:11:24,200 --> 00:11:29,720 call like spam advertising and sort of like sponsored branded 227 00:11:29,840 --> 00:11:31,960 posts and things like that. But every once in a while, you 228 00:11:31,960 --> 00:11:33,760 get one that seems kind of legitimate. 229 00:11:33,760 --> 00:11:35,800 That could be annoying. You know, one of the things I'll 230 00:11:35,800 --> 00:11:39,240 do a lot is, you know, type whatever I want to search and 231 00:11:39,240 --> 00:11:43,480 Google, and if I don't want to just get sponsored content, then 232 00:11:43,480 --> 00:11:48,040 I'll put the word Reddit just to see what comes back. 233 00:11:48,040 --> 00:11:52,280 And you sometimes get some real human beings, like what you used 234 00:11:52,280 --> 00:11:55,240 to get when you would search, you know, 20 years ago. 235 00:11:56,160 --> 00:11:59,200 Yeah, I mean there's there's a lot of sponsorship and 236 00:11:59,200 --> 00:12:01,160 advertisement. I've read it for sure. 237 00:12:01,760 --> 00:12:04,400 But this one I choose to believe was legitimate because I 238 00:12:04,400 --> 00:12:06,600 actually ended up having a conversation with one of the the 239 00:12:06,600 --> 00:12:09,760 posters on there, training some linked messages back and forth. 240 00:12:09,840 --> 00:12:12,360 So that was kind of cool. But yeah, very, very cool to see 241 00:12:12,360 --> 00:12:13,640 that out there. People obviously still 242 00:12:13,640 --> 00:12:16,400 discovering us and for the folks who are sharing that out there, 243 00:12:16,400 --> 00:12:18,280 definitely appreciate it. Why don't we get to some 244 00:12:18,280 --> 00:12:20,160 voicemails? Yeah, that sounds great. 245 00:12:20,160 --> 00:12:23,720 I one thing I want to say before we start the voicemails is we're 246 00:12:23,720 --> 00:12:25,840 going to go through 5 today. We had lots of them. 247 00:12:26,160 --> 00:12:30,360 The ones that we don't go through today, we're saving for 248 00:12:30,360 --> 00:12:32,320 future episodes. Like Jeff said, some of them 249 00:12:32,320 --> 00:12:36,240 were, we didn't want to like punish, but they're good enough 250 00:12:36,240 --> 00:12:39,640 questions that we can base the whole episode on the question. 251 00:12:39,640 --> 00:12:41,320 So we did save some for that reason. 252 00:12:42,600 --> 00:12:46,000 But also it's not like the voicemail lines are now closed. 253 00:12:46,240 --> 00:12:47,840 Keep putting questions out there. 254 00:12:48,000 --> 00:12:49,680 We'll use them for future episodes. 255 00:12:49,680 --> 00:12:54,400 So yeah, please keep doing that and then, you know, spread the 256 00:12:54,400 --> 00:12:57,920 word, let people know. That's how the podcast is 257 00:12:57,920 --> 00:13:00,440 growing, is, you know, a lot of times I'll talk to people who 258 00:13:00,440 --> 00:13:03,040 are practitioners in our space like, oh, you have a podcast 259 00:13:03,040 --> 00:13:05,360 identity at the center. I never heard of it before. 260 00:13:05,840 --> 00:13:08,880 Like, oh man, this is somebody who should already know about 261 00:13:08,880 --> 00:13:10,600 this. So, you know, spreading the word 262 00:13:10,600 --> 00:13:13,520 is certainly appreciated. Yeah, lots of good ones. 263 00:13:13,520 --> 00:13:18,400 I was surprised only one spam slash, not even like trolley, 264 00:13:18,400 --> 00:13:20,960 because it was funny. There was one from So whoever 265 00:13:20,960 --> 00:13:22,760 put in the Chip chipperson one, I got you. 266 00:13:22,760 --> 00:13:26,600 I know who chip chipperson is. So my thought process is like, 267 00:13:26,600 --> 00:13:29,720 either they know that, I know that, or they're just a fan of 268 00:13:29,720 --> 00:13:32,160 Jim Norton, who is a comedian and that's like his alternate 269 00:13:32,160 --> 00:13:34,520 persona. So I got a kick out of that, 270 00:13:34,520 --> 00:13:36,920 whoever set that in. But sorry, you didn't win a 271 00:13:36,920 --> 00:13:39,360 book. I did recognize it. 272 00:13:40,200 --> 00:13:43,440 Yeah, and then, well, I guess it's not validated, but I 273 00:13:43,440 --> 00:13:45,320 thought the person's e-mail address said 274 00:13:45,840 --> 00:13:49,520 likechipchipperson@aol.com. And I was like, wow, did they go 275 00:13:49,520 --> 00:13:52,200 through the effort of creating that e-mail address too? 276 00:13:52,200 --> 00:13:56,040 Or did they just put it in there and it doesn't just put it in 277 00:13:56,040 --> 00:13:57,600 there? Yeah, home run chipper. 278 00:13:57,600 --> 00:14:01,280 So good job. All right, The first one up is 279 00:14:01,440 --> 00:14:03,360 Andrew Champ, the phone. So that's a nice one. 280 00:14:03,360 --> 00:14:05,880 So let me play that clip and then and then we'll respond. 281 00:14:05,960 --> 00:14:07,720 Hey Jack and Jim, a new champ on here. 282 00:14:07,720 --> 00:14:12,160 Just friend of the show and I'm asking you guys about the 283 00:14:12,280 --> 00:14:15,000 barrier of entry and identity access management. 284 00:14:15,600 --> 00:14:18,920 There seems to be so many companies are looking for 285 00:14:18,920 --> 00:14:22,680 talent, but it's hard to come by, especially entry level roles 286 00:14:23,040 --> 00:14:26,880 and that seems to be a struggle around the industry today. 287 00:14:27,160 --> 00:14:29,920 There's not many people who can get sell point experience 288 00:14:30,480 --> 00:14:32,920 because they're not on projects that will do sell point. 289 00:14:33,320 --> 00:14:37,440 Yes, sell point did open up their identity university to 290 00:14:37,440 --> 00:14:39,200 people, but it seems to be still a gap. 291 00:14:39,320 --> 00:14:42,080 What do you think are some changes that need that need to 292 00:14:42,080 --> 00:14:46,680 happen in terms of companies giving actual level of people a 293 00:14:46,680 --> 00:14:49,560 shot into? I am because I just don't feel 294 00:14:49,560 --> 00:14:50,880 like there's an easy answer to it. 295 00:14:51,000 --> 00:14:52,720 Thanks guys. Letter of D what you guys doing 296 00:14:52,720 --> 00:14:54,080 and hope to see you guys soon on the show. 297 00:14:54,120 --> 00:14:54,720 Bye. All right. 298 00:14:54,720 --> 00:14:56,760 So, Andrew, definitely in front of the show, seeing that a 299 00:14:56,760 --> 00:14:58,640 couple actually saw my identity week in Merkel last year. 300 00:14:59,600 --> 00:15:01,680 Good question. I like this question because I 301 00:15:01,680 --> 00:15:04,400 think a lot of times we focus on people who've been in the space 302 00:15:04,400 --> 00:15:07,960 for a while. But this is an area that I think 303 00:15:07,960 --> 00:15:10,640 is interesting is how do you actually get into identity? 304 00:15:11,160 --> 00:15:15,800 I feel like hands on as the best teacher and how do you get an 305 00:15:15,800 --> 00:15:19,800 entry level you know I am position where you are hands on 306 00:15:19,800 --> 00:15:21,280 with the tech with the technology. 307 00:15:21,480 --> 00:15:24,280 What are your thoughts, Jim? Yeah, great. 308 00:15:24,360 --> 00:15:28,120 Great question from Andrew and I also really appreciate what he's 309 00:15:28,120 --> 00:15:32,040 out there doing to try to help people get these entry level 310 00:15:32,040 --> 00:15:34,520 rolls. And so this is right in his his 311 00:15:34,520 --> 00:15:36,880 lane. I think one of the questions is 312 00:15:36,880 --> 00:15:40,280 like if you're starting off what what do you can define as entry 313 00:15:40,280 --> 00:15:41,560 level? In other words, you're already 314 00:15:41,560 --> 00:15:44,200 in the company, you're already working in some kind of 315 00:15:44,200 --> 00:15:48,880 technology or customer support or is this somebody who is just 316 00:15:48,880 --> 00:15:52,560 out of whatever training they're doing and decided like IMS for 317 00:15:52,560 --> 00:15:55,440 me. And I think First off, First 318 00:15:55,440 --> 00:15:59,320 things first, like you need to know what you want to do, like 319 00:15:59,320 --> 00:16:01,920 where you want to go or have at least some idea, right. 320 00:16:01,960 --> 00:16:05,640 That be open to the idea that it's going to change if you're 321 00:16:05,640 --> 00:16:09,520 in that role, where are you in that space where you don't have 322 00:16:09,520 --> 00:16:11,480 a role yet? I think you just need to get 323 00:16:11,480 --> 00:16:13,440 that first role and you have to be open minded. 324 00:16:13,440 --> 00:16:16,440 Like yeah, I'd like to learn Cell point might be your entry 325 00:16:16,440 --> 00:16:18,960 point, but you might get in a company that doesn't have Cell 326 00:16:18,960 --> 00:16:20,680 Point, it might have something else. 327 00:16:20,680 --> 00:16:25,400 And it's like then be open to learning a different area of IAM 328 00:16:25,600 --> 00:16:29,040 because you can learn it all if you give it time and you get the 329 00:16:29,040 --> 00:16:31,400 experience. If you're already in a role and 330 00:16:31,400 --> 00:16:36,760 you want to move up within, you know, to be willing to take on 331 00:16:36,760 --> 00:16:39,840 new opportunities and learn outside of work. 332 00:16:40,480 --> 00:16:42,480 I know everybody's life situation is a little bit 333 00:16:42,480 --> 00:16:44,200 different. But most companies don't want to 334 00:16:44,600 --> 00:16:46,760 pay people to just sit there and learn, right. 335 00:16:46,760 --> 00:16:48,760 They want to pay people to do a job. 336 00:16:48,760 --> 00:16:52,520 So you're going to have to spend some of your own free time kind 337 00:16:52,520 --> 00:16:56,720 of improving your skills. I think getting those years of 338 00:16:56,720 --> 00:16:59,200 experience under your belt, that's key. 339 00:17:00,000 --> 00:17:04,359 I think going and doing a good job, that's key and keeping your 340 00:17:04,359 --> 00:17:08,920 eyes open and being somebody who is a sponge and is learning. 341 00:17:09,920 --> 00:17:13,240 Those are all the the keys to kind of building yourself up. 342 00:17:13,760 --> 00:17:16,920 You know, I think everybody kind of looks at us like, oh a cell 343 00:17:16,920 --> 00:17:19,800 point engineer. They can make 6 figures. 344 00:17:20,160 --> 00:17:23,560 I want to become a cell point engineer, but it's not really 345 00:17:23,720 --> 00:17:25,599 that easy, right? You have to kind of pay your 346 00:17:25,599 --> 00:17:29,320 dues So you know those entry level positions, you know they 347 00:17:29,320 --> 00:17:32,840 might not look like cell point engineer that they may get your 348 00:17:32,840 --> 00:17:34,960 foot in the door, give you the opportunity that where you're 349 00:17:34,960 --> 00:17:37,520 getting a paycheck doing something close and you're 350 00:17:37,520 --> 00:17:40,680 building the skills and then when they need somebody to step 351 00:17:40,680 --> 00:17:44,760 up and do some more things, put yourself in that position. 352 00:17:44,760 --> 00:17:47,400 What do you think, Jeff? Yeah, I think you've got to be 353 00:17:47,400 --> 00:17:50,400 able to, you have to really invest your own time to this. 354 00:17:50,400 --> 00:17:51,600 No one's going to hand this to you. 355 00:17:51,600 --> 00:17:54,640 So I think you're going through training, you got to work your 356 00:17:54,640 --> 00:17:57,720 network, try to find those, those entry level positions. 357 00:17:57,720 --> 00:18:00,640 I think sometimes if you're doing like a career change or 358 00:18:00,640 --> 00:18:02,800 career pivot, you got to be willing to take a step 359 00:18:02,800 --> 00:18:04,960 backwards. If you don't know anything, no 360 00:18:04,960 --> 00:18:07,680 one is going to pay you 6 figures to do that work. 361 00:18:08,000 --> 00:18:11,160 This doesn't happen, right. So you have to be able to take a 362 00:18:11,160 --> 00:18:12,280 step back and say OK why don't anything. 363 00:18:12,280 --> 00:18:14,200 But I'm willing to invest the next couple years getting that 364 00:18:14,200 --> 00:18:17,240 experience to that eventually get to you know, the higher 365 00:18:17,240 --> 00:18:18,760 paying role or whatever it may be. 366 00:18:19,120 --> 00:18:21,240 But I think you hit something very early on that I think is 367 00:18:21,240 --> 00:18:24,040 important and that is the what do you want to be when you grow 368 00:18:24,040 --> 00:18:26,560 up? Question because there's a lot 369 00:18:26,560 --> 00:18:28,400 of different ways to get into the IM space. 370 00:18:28,400 --> 00:18:30,560 There's technical and there's non-technical roles. 371 00:18:31,040 --> 00:18:34,320 What do you want to do if it's a technical role? 372 00:18:34,320 --> 00:18:37,480 Well what does that even mean? Is it IGA? 373 00:18:37,480 --> 00:18:38,960 Is it privilege access management? 374 00:18:38,960 --> 00:18:42,400 Is it authentication, authorization, password lists, 375 00:18:42,400 --> 00:18:44,920 verify credentials, decentralized right. 376 00:18:45,200 --> 00:18:47,480 There's a lot of stuff to kind of know and kind of figure out 377 00:18:47,480 --> 00:18:50,640 but I think you really have to kind of figure out where what do 378 00:18:50,640 --> 00:18:53,400 you think you want your role to be in the IM space? 379 00:18:53,440 --> 00:18:56,400 If it's time to go, great, go out and do whatever self 380 00:18:56,400 --> 00:18:58,760 learning you can, collect whatever certifications you can, 381 00:18:59,200 --> 00:19:01,320 you know try to find the entry level engineer role. 382 00:19:01,440 --> 00:19:04,280 I think the ones that immediately come to mind if 383 00:19:04,280 --> 00:19:07,320 you're looking for that kind of role is 2 consult is 2 areas. 384 00:19:07,600 --> 00:19:10,800 The 1st is consulting. A lot of consulting shops are 385 00:19:10,800 --> 00:19:15,600 looking for kind of entry level people to train up and develop 386 00:19:15,960 --> 00:19:18,000 and sort of augment their more senior staff and that's 387 00:19:18,000 --> 00:19:21,360 primarily around a cost basis. You can't have you know senior 388 00:19:21,360 --> 00:19:23,880 level people doing all the work. That's just it's very expensive 389 00:19:23,880 --> 00:19:27,280 to do it that way. So you're always looking for you 390 00:19:27,280 --> 00:19:30,240 know, fresh talent to kind of come in and start to learn the 391 00:19:30,240 --> 00:19:34,600 ropes and kind of offload some of the administrative things or 392 00:19:34,600 --> 00:19:37,720 you know, basic configuration items that go on with any kind 393 00:19:37,720 --> 00:19:40,200 of technologies. The other is actually going to 394 00:19:40,200 --> 00:19:41,560 the technology companies themselves. 395 00:19:42,560 --> 00:19:45,680 If you've, you know a lot of these folks are looking for 396 00:19:46,080 --> 00:19:50,680 sales engineers and for Level 1 supports and people they can 397 00:19:50,680 --> 00:19:52,600 transfer themselves. So there's a a specific 398 00:19:52,600 --> 00:19:53,800 technology that you're looking at. 399 00:19:54,360 --> 00:19:56,080 Check out their website and see if they're hiring for those 400 00:19:56,080 --> 00:19:58,400 types of roles. You know that's another option 401 00:19:58,400 --> 00:19:59,520 that that you can take a look at. 402 00:19:59,520 --> 00:20:02,800 But I really do think you kind of start with what are, what do 403 00:20:02,800 --> 00:20:07,400 you want to be when you grow up in the IM space and then figure 404 00:20:07,400 --> 00:20:10,880 out what you need to get there. The role that you start with may 405 00:20:10,880 --> 00:20:15,720 not be a 100% match, but if it puts you in position to either 406 00:20:15,720 --> 00:20:18,720 get to that, you know whether it's with that company or in 407 00:20:18,720 --> 00:20:20,960 others. I think you've got to figure 408 00:20:20,960 --> 00:20:22,040 that out. And that's different for 409 00:20:22,040 --> 00:20:23,480 everybody. Everyone's got a different. 410 00:20:23,480 --> 00:20:25,160 Situation. I think there are also some 411 00:20:25,160 --> 00:20:30,000 certain intangibles that if you have these things, you're more 412 00:20:30,000 --> 00:20:33,560 likely to get a position. I really want to be a part of a 413 00:20:33,560 --> 00:20:36,280 team. I really like to encourage 414 00:20:36,360 --> 00:20:39,160 others and, you know, provide leadership. 415 00:20:39,160 --> 00:20:42,760 Wherever I have the ability to lead. 416 00:20:43,600 --> 00:20:47,640 I don't feel like I need a title to lead some of those, to tell 417 00:20:47,640 --> 00:20:51,080 me those things. I'm like, this person's got the 418 00:20:51,080 --> 00:20:54,760 right stuff now, Do they have enough technical skills to do 419 00:20:54,760 --> 00:20:57,360 the job that I'm looking for? I don't know. 420 00:20:57,360 --> 00:20:58,960 That might be a separate decision. 421 00:20:58,960 --> 00:21:04,000 But if you can make the person know that, like you've got the 422 00:21:04,000 --> 00:21:10,160 right intangibles, you know, being a good team member, 423 00:21:10,600 --> 00:21:15,120 looking for opportunities to lead, you know, I think those 424 00:21:15,120 --> 00:21:17,480 are those are great things. Those are coming to me that 425 00:21:17,480 --> 00:21:20,840 people don't hate you. All right, yeah, We just be a 426 00:21:20,840 --> 00:21:24,320 decent human being. All right. 427 00:21:24,320 --> 00:21:25,280 Should we move on to the next one? 428 00:21:26,200 --> 00:21:28,840 Let's do it. All right, so this one comes 429 00:21:28,840 --> 00:21:31,920 from Alex Suarez. Hey Jim and Jeff, My name is 430 00:21:31,920 --> 00:21:34,400 Alex Suarez and I am an I am domain Architect. 431 00:21:34,840 --> 00:21:37,120 The question that I have is, given the increasing 432 00:21:37,120 --> 00:21:39,840 complexities of each slice of Identity and Access Management, 433 00:21:40,080 --> 00:21:43,160 should a single I AM Architect encompass the entire domain? 434 00:21:43,640 --> 00:21:46,800 Meaning should an I am Domain Architect focus in all aspects 435 00:21:46,800 --> 00:21:50,680 of Access Management, Pam, IGAMFA, etcetera? 436 00:21:51,280 --> 00:21:53,400 And therefore could there be an opportunity to have an 437 00:21:53,400 --> 00:21:56,280 equivalent of an Enterprise Chief Architect role but solely 438 00:21:56,280 --> 00:21:58,280 focus on the I am Domain as a whole? 439 00:21:58,400 --> 00:21:59,760 What are your thoughts? Thank you. 440 00:21:59,880 --> 00:22:01,760 Interesting question. What do you think, Jim? 441 00:22:02,800 --> 00:22:06,320 Yeah, my initial reaction is different. 442 00:22:07,600 --> 00:22:11,200 Part of it's going to depend on what the organization needs, how 443 00:22:11,200 --> 00:22:13,840 big their architecture group is, things like that. 444 00:22:14,800 --> 00:22:18,520 I mean, Alex points out something that it's become very 445 00:22:18,520 --> 00:22:21,120 obvious to me that the IM space is growing. 446 00:22:21,360 --> 00:22:23,760 There's all these different domains, there's so much to 447 00:22:23,760 --> 00:22:26,160 know. I usually don't think that 448 00:22:26,320 --> 00:22:30,920 architects need to know the intricacies of every technology 449 00:22:30,920 --> 00:22:34,560 that they're involved with. But I guess that would also 450 00:22:34,560 --> 00:22:36,400 depend on the organization, right? 451 00:22:36,400 --> 00:22:41,920 So if you are like a consulting organization, you really need to 452 00:22:41,920 --> 00:22:45,840 provide expertise at the architect level for your 453 00:22:45,840 --> 00:22:48,440 clients. You do need to have a certain 454 00:22:48,440 --> 00:22:52,040 level of expertise. If you're the architect at a 455 00:22:52,040 --> 00:22:58,200 company, you probably have to be more a Jack of all trades and 456 00:22:58,400 --> 00:23:00,960 and have a good understanding of how these things work. 457 00:23:00,960 --> 00:23:05,240 So I think it kind of depends which is the consulting answer. 458 00:23:05,600 --> 00:23:09,200 You know if you're roll up your sleeves do I am every day you're 459 00:23:09,200 --> 00:23:14,040 probably you might just focus on access management or something 460 00:23:14,040 --> 00:23:18,360 like that or identity governance for sure ITDR. 461 00:23:18,760 --> 00:23:22,320 But I think if you're working for a firm that you know it's 462 00:23:22,320 --> 00:23:26,520 like a say GE or a bank or something like that, you're 463 00:23:26,520 --> 00:23:28,280 probably going to have to have a broader scope. 464 00:23:28,600 --> 00:23:32,720 It's just they just don't have enough architects to, you know, 465 00:23:32,720 --> 00:23:35,680 specialize too much. Yeah, I like the I hate to say 466 00:23:35,680 --> 00:23:36,840 it, but I like the depends asset. 467 00:23:36,840 --> 00:23:38,960 It depends answer and that's what kind of mind is. 468 00:23:39,320 --> 00:23:43,720 Is there enough of work to support someone working only as 469 00:23:43,720 --> 00:23:46,760 an identity architect? And that's got to be a massive 470 00:23:46,760 --> 00:23:48,080 organization. It's got. 471 00:23:48,080 --> 00:23:51,760 Or maybe it's a massive identity footprint that you're trying to 472 00:23:52,040 --> 00:23:54,600 pull together. I like the idea of it, but I 473 00:23:54,600 --> 00:23:56,960 don't know if I necessarily see it in the real world yet. 474 00:23:56,960 --> 00:24:00,800 Maybe as we move things along and identity becomes more. 475 00:24:01,840 --> 00:24:05,040 Larger. You know, more spread out across 476 00:24:05,040 --> 00:24:06,560 the organization, maybe some things like that. 477 00:24:06,560 --> 00:24:11,080 But I find it difficult right now to say, OK, I only focus on 478 00:24:11,160 --> 00:24:14,800 identity architecture. That might be a focus for a 479 00:24:14,800 --> 00:24:17,160 couple weeks, a couple months, maybe a year as you're kind of 480 00:24:17,160 --> 00:24:19,400 standing something up. But once you've got the 481 00:24:19,400 --> 00:24:23,120 architecture in place, then what, like what do you do? 482 00:24:23,920 --> 00:24:25,880 As I say, it goes back to the question of like is there enough 483 00:24:25,880 --> 00:24:30,240 work to support someone working only on identity architecture 484 00:24:30,240 --> 00:24:33,840 for five years, 10 years? I don't know. 485 00:24:33,840 --> 00:24:36,920 I think you'd have to be a really massive identity product. 486 00:24:36,920 --> 00:24:40,120 I could see maybe something like that at like you know a meta, a 487 00:24:40,120 --> 00:24:44,160 Google, large ID, PS Microsoft, right? 488 00:24:44,160 --> 00:24:47,360 Things like that. A normal organization, probably 489 00:24:47,360 --> 00:24:48,560 not. And I say normal. 490 00:24:48,560 --> 00:24:52,600 Just meaning identity is not their secret sauce. 491 00:24:52,600 --> 00:24:54,800 It's not their products, right? To deliver to others. 492 00:24:55,520 --> 00:24:58,560 Maybe a massive e-commerce type thing maybe something like 493 00:24:59,040 --> 00:25:03,640 Amazon you know might have something like that but I think 494 00:25:03,640 --> 00:25:06,640 it's an interesting conversation and and then should a chief IM 495 00:25:06,640 --> 00:25:08,400 architect exist. I think the second part of the 496 00:25:08,400 --> 00:25:12,000 question again kind of goes back to is there enough work to 497 00:25:12,000 --> 00:25:14,680 support that? What does a chief identity 498 00:25:14,680 --> 00:25:18,240 architect do? That means are there sub chiefs 499 00:25:18,600 --> 00:25:21,560 right, Are there other identity identity architects and there's 500 00:25:21,560 --> 00:25:23,400 one person who's kind of like in charge of all those. 501 00:25:23,520 --> 00:25:26,320 I mean that to my my mind is like how much how big is your 502 00:25:26,320 --> 00:25:30,080 identity architecture to multiple people in a long term 503 00:25:30,080 --> 00:25:32,160 role to keep that up and running? 504 00:25:32,960 --> 00:25:36,280 I think if you have an identity consulting firm, you definitely 505 00:25:36,280 --> 00:25:37,920 could have that kind of structure, right? 506 00:25:38,200 --> 00:25:41,360 I mean, we worked at a company where there were several cell 507 00:25:41,360 --> 00:25:44,520 point architects, so you could see something, but they were. 508 00:25:44,520 --> 00:25:48,560 Focused on cell point, right. Yeah, that's all they did. 509 00:25:49,400 --> 00:25:51,240 Yeah, Yep. But we also had people who were 510 00:25:51,240 --> 00:25:57,600 architects in access management. So I yeah this is one of those 511 00:25:57,600 --> 00:26:01,520 depends on, So sorry Alex. Yeah, I hate to say it depends. 512 00:26:01,520 --> 00:26:04,960 I think if you understand the identity space and you're able 513 00:26:04,960 --> 00:26:10,400 to combine architectures and understand how authorization, 514 00:26:10,400 --> 00:26:12,680 authentication, privilege, access, identity, governance, 515 00:26:12,680 --> 00:26:15,880 ITDR, you know all that stuff kind of comes together. 516 00:26:15,880 --> 00:26:18,760 I think that's great that obviously, you know, makes I 517 00:26:18,760 --> 00:26:20,400 think it's very valuable to have that skill. 518 00:26:20,400 --> 00:26:21,560 I just don't know if there's enough. 519 00:26:22,120 --> 00:26:24,760 That's a question only your your organization can answer, right? 520 00:26:24,760 --> 00:26:28,320 Is there enough work where you only focus on identity 521 00:26:28,320 --> 00:26:30,960 architecture? Maybe there is and I'm happy to 522 00:26:30,960 --> 00:26:32,760 be wrong because I would definitely want to promote the 523 00:26:32,760 --> 00:26:36,080 identity space, but I I just haven't seen it yet where 524 00:26:36,080 --> 00:26:38,680 there's been one dedicated identity architect. 525 00:26:38,680 --> 00:26:43,560 Usually it's a shared architect type role where they they know 526 00:26:43,560 --> 00:26:45,760 the identity side but they also know some the other things going 527 00:26:45,760 --> 00:26:49,000 within the organization. Yeah, like an infosec architect 528 00:26:49,000 --> 00:26:52,760 who also understands like the logging architecture, because 529 00:26:53,040 --> 00:26:58,040 look at itdr, it's it straddles that line between identity and 530 00:26:58,480 --> 00:27:00,280 threat detection. All right. 531 00:27:00,280 --> 00:27:04,120 Next up we've got Tim Ritter, so here he goes. 532 00:27:04,920 --> 00:27:08,400 Jim and Jeff, Tim Ritter from Cloud Identity wishing you guys 533 00:27:08,520 --> 00:27:11,640 a great 2024. I'm sure you guys have great 534 00:27:11,640 --> 00:27:14,360 plans both personally, professionally and with the 535 00:27:14,840 --> 00:27:18,640 podcast here, but wanted to touch on the hiring front. 536 00:27:18,640 --> 00:27:21,800 Cloud Identity, obviously a global leader in IAM and Pam 537 00:27:21,800 --> 00:27:26,280 staffing and some advice for people looking out there. 538 00:27:26,280 --> 00:27:29,080 If you do have your current role, be grateful. 539 00:27:29,120 --> 00:27:32,560 Layoffs have created fierce competition for roles for 540 00:27:32,560 --> 00:27:36,040 numbers as everyone is seen on LinkedIn, and now is definitely 541 00:27:36,040 --> 00:27:38,600 not the time to be looking for that dream job. 542 00:27:39,520 --> 00:27:42,840 If you need income right now, utilize your skill sets and look 543 00:27:42,840 --> 00:27:45,360 at rules. That may not be exactly what 544 00:27:45,360 --> 00:27:49,240 you're looking for if you do need income, but the good news 545 00:27:49,240 --> 00:27:53,040 is, is our clients have projects starting and we're seeing 546 00:27:53,040 --> 00:27:56,200 identity projects throughout the landscape that are getting under 547 00:27:56,200 --> 00:27:58,600 way. So we're anticipating around 548 00:27:58,640 --> 00:28:01,560 Q3Q4. You know, there'll be a good 549 00:28:01,560 --> 00:28:04,520 flow again on the hiring front within the sector. 550 00:28:04,960 --> 00:28:08,160 But my question for you guys is with all these breaches 551 00:28:08,160 --> 00:28:11,560 happening in the introduction of AI, what do you think the most 552 00:28:11,560 --> 00:28:15,080 influential roles will be inside for 2024? 553 00:28:15,440 --> 00:28:18,000 Is it the SISO? Is it our technical talent, 554 00:28:18,000 --> 00:28:20,320 functional leadership? I'd like to hear your guys 555 00:28:20,320 --> 00:28:24,800 opinion, but again wishing you guys all the best for 2024 and 556 00:28:24,880 --> 00:28:27,880 hopefully she you either at Gertner, IAM or Identiverse. 557 00:28:28,040 --> 00:28:29,160 Take care guys. All right. 558 00:28:29,160 --> 00:28:31,280 So Tim's a friend of the show, definitely stuck a commercial in 559 00:28:31,280 --> 00:28:34,840 there, but we'll allow it. Anything that gets Identity 560 00:28:34,840 --> 00:28:37,360 people up and working and employed, I'm in favor of. 561 00:28:38,760 --> 00:28:41,280 I think the first part of his statement really is kind of like 562 00:28:41,280 --> 00:28:43,920 the job market and competition and things like out there. 563 00:28:43,920 --> 00:28:46,880 I mean, I think that's it's a very competitive market that 564 00:28:46,880 --> 00:28:48,120 we're in. Identity, I think there's always 565 00:28:48,120 --> 00:28:51,440 people looking for folks, but I definitely agree that it we've 566 00:28:51,440 --> 00:28:54,200 seen a little bit of a slowdown with organizations taking a step 567 00:28:54,200 --> 00:28:56,280 back. You know there's been layoffs 568 00:28:56,280 --> 00:28:58,600 have taken place you know within the identity space as well. 569 00:28:59,360 --> 00:29:02,440 So I think I'm encouraged by it. I think the last year a lot of 570 00:29:02,440 --> 00:29:04,600 this was driven by the economy, especially the first half of the 571 00:29:04,600 --> 00:29:07,560 year in the US and starting to see that pick up. 572 00:29:07,560 --> 00:29:11,080 So a lot of things that people really want to get started maybe 573 00:29:11,080 --> 00:29:14,440 in first, second quarter of 2023, they kind of had to punt 574 00:29:14,520 --> 00:29:17,200 for a little bit, figure out what the US economy is going to 575 00:29:17,200 --> 00:29:21,600 do and it seems like Q4 and then now we're into Q1 of 2024, I'm 576 00:29:21,680 --> 00:29:23,280 definitely starting to see that pick up as well. 577 00:29:23,280 --> 00:29:26,920 So totally get that. As far as the influential roles 578 00:29:26,920 --> 00:29:31,000 when it comes to AI, and I am, what do you think, Jim? 579 00:29:32,160 --> 00:29:34,880 Well, yeah. First I did want to say like I 580 00:29:34,880 --> 00:29:37,920 thought that was a good input from Tim. 581 00:29:39,880 --> 00:29:42,240 You know, as far as like here's the state of the current job 582 00:29:42,240 --> 00:29:44,080 market, but he sees a pick up coming. 583 00:29:44,560 --> 00:29:47,880 That would be great news. You're still seeing layoffs, but 584 00:29:47,960 --> 00:29:51,200 that was big reason why we wanted to play this question was 585 00:29:51,200 --> 00:29:54,600 like there's a tidbit of information from somebody who's 586 00:29:54,600 --> 00:29:59,600 actively, you know, looking to place people all the time as far 587 00:29:59,600 --> 00:30:01,600 as kind of those influential roles. 588 00:30:01,880 --> 00:30:05,400 I I still think, you know, as far as AI, let me put that off 589 00:30:05,400 --> 00:30:08,840 to the side for a second. I still think that it's the CISO 590 00:30:08,840 --> 00:30:13,320 who has access to the board and has to keep educating them on 591 00:30:13,840 --> 00:30:17,760 this evolving threat landscape. Organizations cannot just take a 592 00:30:17,760 --> 00:30:21,600 hiatus from investing in informational security. 593 00:30:21,840 --> 00:30:25,280 And what at least what I'm seeing is that I we've been 594 00:30:25,280 --> 00:30:27,960 calling Identity at the center of this podcast has been going 595 00:30:27,960 --> 00:30:31,480 for nearly five years, but it just becomes more true every 596 00:30:31,480 --> 00:30:34,680 year. The investments in the identity 597 00:30:35,120 --> 00:30:41,760 landscape need to continue. In fact they need to increase. 598 00:30:41,920 --> 00:30:48,000 So it's those Csos and them being able to influence and help 599 00:30:48,000 --> 00:30:50,360 the board understand that this is a real threat to the 600 00:30:50,360 --> 00:30:53,040 business. I mean being shut down for a 601 00:30:53,040 --> 00:30:58,040 couple of days or a week, it's kind of like a, a death knell 602 00:30:58,040 --> 00:31:02,760 for a lot of organizations. So putting money into that is, 603 00:31:03,120 --> 00:31:05,800 it really is an investment. It's not FUD factor either. 604 00:31:06,040 --> 00:31:10,120 I mean, we've seen organizations that, you know, go offline for 605 00:31:10,120 --> 00:31:13,640 several days when they they suffer a massive breach. 606 00:31:13,680 --> 00:31:18,080 So I think they're influential, but everybody's influential. 607 00:31:18,280 --> 00:31:21,240 You know, the, the engineers, the architects, they have a 608 00:31:21,240 --> 00:31:25,560 voice within the organization. They need to be letting the see 609 00:31:25,560 --> 00:31:27,160 so know, here's what we're seeing. 610 00:31:27,160 --> 00:31:30,280 This is what's happening. This is, you know, the state of 611 00:31:30,280 --> 00:31:35,720 affairs that we're in. You know, as far as like AI, the 612 00:31:35,800 --> 00:31:42,080 the impact of AII think is going to probably impact engineering, 613 00:31:42,800 --> 00:31:45,120 the engineering and operations the most. 614 00:31:45,120 --> 00:31:49,920 Because the role I see AI playing in identity is that we 615 00:31:49,920 --> 00:31:54,080 can do more with fewer people. So we can, you know, manage 616 00:31:54,080 --> 00:31:58,080 bigger landscapes, you know, or say, with the same number of 617 00:31:58,080 --> 00:32:01,760 people, keep the same number of people, but basically have the 618 00:32:01,760 --> 00:32:05,040 software be able to do more and accomplish more. 619 00:32:05,040 --> 00:32:08,960 And rather than taking a year to roll out a software platform, 620 00:32:09,240 --> 00:32:11,680 maybe it only takes a couple of months, right? 621 00:32:11,680 --> 00:32:15,520 There's still more to technology rollouts than just technology. 622 00:32:15,520 --> 00:32:18,440 There's communication, there's user training, things like that. 623 00:32:18,760 --> 00:32:24,360 But I see AI impacting all those areas and making it easier to 624 00:32:24,360 --> 00:32:28,040 communicate effectively, to train people as well as to 625 00:32:28,040 --> 00:32:31,160 manage complex systems at a larger scale. 626 00:32:32,120 --> 00:32:35,240 Yeah, you hit everything that I was going to say he wants to add 627 00:32:35,240 --> 00:32:37,000 other than. I slow your Thunder. 628 00:32:37,360 --> 00:32:39,600 Yeah, you totally did. And I I think you were thinking 629 00:32:39,600 --> 00:32:42,880 alike on this one. You know, influence in an 630 00:32:42,880 --> 00:32:45,280 organization takes many shapes and forms. 631 00:32:45,480 --> 00:32:49,560 So whether you are the CSO or you are an engineer, an 632 00:32:49,560 --> 00:32:53,440 individual contributor or part of the board, I think being 633 00:32:53,440 --> 00:32:59,920 aware of how it's impacting not only you know life at large, but 634 00:32:59,920 --> 00:33:02,640 specifically for your organization, How are you going 635 00:33:02,640 --> 00:33:06,000 to be able to leverage the capabilities that it has? 636 00:33:06,640 --> 00:33:09,240 What are the threats that you see that you need to defend 637 00:33:09,240 --> 00:33:13,120 against? I think it's, I think it's an 638 00:33:13,120 --> 00:33:16,120 important area. It's definitely going to change 639 00:33:16,120 --> 00:33:19,880 the way that Identity works for on a number of fronts. 640 00:33:20,360 --> 00:33:22,920 You know, my we've talked about this before is how am I going to 641 00:33:22,920 --> 00:33:27,400 use AI to configure or set up connections between maybe you 642 00:33:27,400 --> 00:33:32,000 know different applications. Hey, I use a, you know, natural 643 00:33:32,000 --> 00:33:34,920 language interface and it's using large language models to 644 00:33:34,920 --> 00:33:39,480 convert my basic statement of I want to connect this to that, do 645 00:33:39,480 --> 00:33:43,160 it right and it it it's able to kind of infer that. 646 00:33:43,760 --> 00:33:46,120 How do you know that it's doing it correctly? 647 00:33:46,120 --> 00:33:48,920 Is it configured? Is it set up and secured 648 00:33:48,920 --> 00:33:49,640 correctly? Right. 649 00:33:49,640 --> 00:33:51,360 Things like that. I think that's still the area 650 00:33:51,360 --> 00:33:54,920 where I I would imagine, especially engineers in this 651 00:33:54,920 --> 00:33:56,480 area are really going to take a look at. 652 00:33:56,480 --> 00:34:01,720 Can you trust the model or the AI or whatever it is to do it 653 00:34:01,720 --> 00:34:04,320 correctly and to keep doing it correctly? 654 00:34:04,320 --> 00:34:07,000 And when it doesn't do it correctly, why did it do it 655 00:34:07,000 --> 00:34:09,000 wrong? What did it do wrong, and how do 656 00:34:09,000 --> 00:34:10,560 you correct that behavior going forward? 657 00:34:11,440 --> 00:34:13,560 And then, you know, I think that trickles up. 658 00:34:13,560 --> 00:34:16,639 But obviously you know as you as engineers are talking amongst 659 00:34:16,639 --> 00:34:18,840 themselves and they're working maybe with the CSO or maybe 660 00:34:18,840 --> 00:34:21,239 they're working with the board, right, whatever it is, I think 661 00:34:21,239 --> 00:34:23,360 that influence goes up front. But I think we've got to make 662 00:34:23,360 --> 00:34:26,159 sure that we don't get stuck in the fun factor, you know fear, 663 00:34:26,159 --> 00:34:30,719 uncertainty and doubt is let's be honest and open about the 664 00:34:30,719 --> 00:34:34,120 benefits and the negatives, you know, that will come come with 665 00:34:34,120 --> 00:34:37,679 us and be prepared for it. So I think that's, I think 666 00:34:37,679 --> 00:34:39,719 that's the only thing that I'll kind of add to what you just 667 00:34:39,719 --> 00:34:42,679 said. All right, let's get to Pedro's 668 00:34:42,679 --> 00:34:43,880 next. I like his question. 669 00:34:43,880 --> 00:34:47,239 So let's Harriet. Hi I'm Pedro, I'm a Service 670 00:34:47,239 --> 00:34:50,920 security architect based in Brazil and specialized in IAM 671 00:34:51,199 --> 00:34:56,080 and my question is regarding regarding ITDRI would like to 672 00:34:56,080 --> 00:34:58,800 know if there's a better solution to my ITDR 673 00:34:58,800 --> 00:35:04,240 implementation in ways like is it it would be more recommended 674 00:35:04,240 --> 00:35:09,600 for me to use my ITDR capabilities of my IEM solution 675 00:35:09,720 --> 00:35:14,720 for example using Microsoft Intra Identity Protection as as 676 00:35:14,720 --> 00:35:18,680 part of the Microsoft Intra Solution suite. 677 00:35:19,400 --> 00:35:25,000 Or would be better if I have a dedicated ITDR solution to to 678 00:35:25,000 --> 00:35:31,760 monitor all my all my my IEM in in spam solutions? 679 00:35:31,960 --> 00:35:37,480 Or even or even if it would be a good approach to have both 680 00:35:37,480 --> 00:35:41,800 solutions working together using my native capabilities of my IEM 681 00:35:41,800 --> 00:35:47,200 solution and my my dedicated solution of ITDR? 682 00:35:47,760 --> 00:35:49,880 Thanks. I think this is a question that 683 00:35:49,880 --> 00:35:52,960 everyone struggles with is do you use what you've already got 684 00:35:53,440 --> 00:35:55,960 and do, or do you need to get something else? 685 00:35:56,960 --> 00:36:00,320 Or maybe some combination go you go first Jim. 686 00:36:01,360 --> 00:36:03,760 OK. Well, we weren't talking about 687 00:36:03,800 --> 00:36:08,040 ITDR 2 years ago. Now it's like all we can talk 688 00:36:08,040 --> 00:36:10,560 about. And I'm really bullish on my 689 00:36:10,560 --> 00:36:14,080 TDR. But how many ITDR solutions 690 00:36:14,080 --> 00:36:17,520 exist today? There are a lot of them. 691 00:36:17,520 --> 00:36:19,400 I'll just say there's more than a dozen. 692 00:36:19,760 --> 00:36:23,840 And so you you think you're so OK, Well two years from now, how 693 00:36:23,840 --> 00:36:28,440 many were the will there be? I think part of it is Pedro hit 694 00:36:28,440 --> 00:36:32,440 on a great point is that a lot of products are now being built 695 00:36:32,720 --> 00:36:36,560 with ITDR features. And when I think about TDR 696 00:36:36,560 --> 00:36:40,960 features, I think of two things. One is looking at your identity 697 00:36:40,960 --> 00:36:44,360 system and when we talk about built in, I'm just going to say 698 00:36:44,360 --> 00:36:48,360 system, I'm not going to say systems because if you're say 699 00:36:48,360 --> 00:36:52,200 running Octa and you're leveraging what they're 700 00:36:52,320 --> 00:36:55,720 developing from an ITVR perspective, it's not going to 701 00:36:55,720 --> 00:37:01,880 also work against your like your cell point system or your cyber 702 00:37:01,880 --> 00:37:04,160 arc system, right. It's just going to work for just 703 00:37:04,160 --> 00:37:07,400 Okta. It's going to look at like how 704 00:37:07,560 --> 00:37:10,000 vulnerable is your system configured? 705 00:37:11,040 --> 00:37:15,680 Do you have certain patterns that are well known that could 706 00:37:15,680 --> 00:37:19,520 be attacked, but it's also looking at, from a life 707 00:37:19,520 --> 00:37:23,880 perspective, what's happening in the environment, how the 708 00:37:24,840 --> 00:37:30,160 identity system being used And are you potentially hitting on 709 00:37:30,520 --> 00:37:36,200 suspicious behaviors. That action needs to be taken 710 00:37:36,280 --> 00:37:39,240 like the response. In other words, we detect that 711 00:37:39,440 --> 00:37:41,720 it looks like some hackers trying to use one of the 712 00:37:41,720 --> 00:37:46,200 accounts and we're going to respond by you know disabling 713 00:37:46,200 --> 00:37:51,560 that account etcetera. So again like specific solution 714 00:37:51,560 --> 00:37:55,240 built just for that identity system is going to be just for 715 00:37:55,240 --> 00:37:57,720 that identity system. And if you're looking at the 716 00:37:57,720 --> 00:38:02,240 true ITDR that are I should say a standalone ITDR that's 717 00:38:02,240 --> 00:38:06,520 independent of an underlying product, then it should cover 718 00:38:06,560 --> 00:38:08,640 essentially all of your identity system. 719 00:38:08,640 --> 00:38:11,320 So it really depends on the position that you're in. 720 00:38:11,800 --> 00:38:16,320 I I suppose I haven't gotten far enough down that path to say 721 00:38:16,320 --> 00:38:19,680 whether or not and I think a lot of the ones that are being built 722 00:38:19,680 --> 00:38:23,760 into products are not at the maturity level that a dedicated 723 00:38:23,760 --> 00:38:27,520 product would be. So I kind of think you're going 724 00:38:27,520 --> 00:38:29,600 to do both, right. You're not going to ignore the 725 00:38:29,600 --> 00:38:33,800 features that your system has, but they're probably not going 726 00:38:33,800 --> 00:38:38,680 to be enough for just their own product but also for you know 727 00:38:38,960 --> 00:38:40,560 products outside of that product. 728 00:38:41,360 --> 00:38:43,280 So that's what my answer would be. 729 00:38:43,640 --> 00:38:47,160 Both. Your answer is both, so having 730 00:38:47,160 --> 00:38:51,920 both technologies in place to cover everything essentially. 731 00:38:52,880 --> 00:38:55,880 Yeah, I think you need an ITDR to do ITDR things. 732 00:38:55,880 --> 00:39:00,480 But if your system has ITDR capabilities, like if you have 733 00:39:00,480 --> 00:39:03,240 Octa and it has ITDR capabilities, you should not 734 00:39:03,240 --> 00:39:06,520 ignore those. It's kind of like Microsoft has 735 00:39:06,520 --> 00:39:11,040 privilege identity management. OK, so should you get a 736 00:39:11,040 --> 00:39:13,880 privilege identity or privilege access management system? 737 00:39:14,520 --> 00:39:16,880 Well, you need it for everything else other than the Microsoft 738 00:39:16,880 --> 00:39:19,240 stuff, right? But if you do have one of those, 739 00:39:19,240 --> 00:39:21,760 does that mean you don't use the Microsoft privilege identity 740 00:39:21,760 --> 00:39:22,920 management? No. 741 00:39:23,040 --> 00:39:26,000 You can use both, right? They can all fit into one 742 00:39:26,000 --> 00:39:28,720 program. So I kind of see it in a similar 743 00:39:28,720 --> 00:39:30,440 fashion. This stuff costs money. 744 00:39:31,280 --> 00:39:35,360 So before you add a new tool and see if I read, how do you 745 00:39:35,360 --> 00:39:37,560 justify that sort of thing? Because this stuff isn't isn't 746 00:39:37,560 --> 00:39:39,280 cheap. You know, if you're, we're 747 00:39:39,280 --> 00:39:42,000 talking specifically about Entra, if you're a 100% 748 00:39:42,000 --> 00:39:45,520 Microsoft shop and you can live in that world, yeah, go for it. 749 00:39:46,120 --> 00:39:48,920 I'm, you know, everything's taking place from a Microsoft 750 00:39:48,920 --> 00:39:50,600 perspective. It's probably a good fit. 751 00:39:50,640 --> 00:39:53,280 If you've got stuff that bleeds out of that, I think you got to 752 00:39:53,280 --> 00:39:58,840 decide, is it worth the cost to add another technology into your 753 00:39:58,840 --> 00:40:00,600 environment. You're going to have to pay 754 00:40:00,600 --> 00:40:03,520 licensing fees, You're going to spend money to get it up and 755 00:40:03,520 --> 00:40:06,200 running, and then you're going to spend time and resources 756 00:40:06,640 --> 00:40:08,480 monitoring. Yet another thing. 757 00:40:08,520 --> 00:40:10,840 Does Entra feed into that tool? Maybe. 758 00:40:10,840 --> 00:40:13,560 Maybe it doesn't. I think there are. 759 00:40:14,080 --> 00:40:17,840 Opportunities here for, you know, thinking about it from a 760 00:40:17,840 --> 00:40:21,920 smart spend perspective, yeah, if you have 80% coverage through 761 00:40:21,920 --> 00:40:25,320 Entra, great, Is it worth it to go that extra 20%? 762 00:40:25,400 --> 00:40:28,760 I think all you can decide, I think you need to figure out is 763 00:40:28,760 --> 00:40:32,600 the business going to justify the spend to cover that 764 00:40:32,600 --> 00:40:34,560 additional 20%. And those are just arbitrary 765 00:40:34,560 --> 00:40:36,720 numbers, right? Maybe Entra is only 25% of your 766 00:40:36,720 --> 00:40:38,160 environment. And yeah, you definitely do need 767 00:40:38,160 --> 00:40:41,320 something else, you know, to collect things without really 768 00:40:41,320 --> 00:40:43,400 knowing the details on the architecture side of things and 769 00:40:43,400 --> 00:40:47,000 kind of what use cases you're looking to address or are at 770 00:40:47,000 --> 00:40:49,360 least covered through the Microsoft stack, what are the 771 00:40:49,360 --> 00:40:51,480 gaps that come out of it? It's just been my experience 772 00:40:51,480 --> 00:40:54,160 that if you are, if you're all in a Microsoft, that's really 773 00:40:54,160 --> 00:40:56,240 the only thing you're using. Yeah, they've got great tools 774 00:40:56,240 --> 00:40:57,760 and you should absolutely be leveraging it. 775 00:40:58,480 --> 00:41:01,160 Don't go and spend money just because it's, you know, the hot 776 00:41:01,320 --> 00:41:05,880 kind of thing right now. Save that, you know save that 777 00:41:05,880 --> 00:41:09,400 conversation and over that that budget for other things in a 778 00:41:09,400 --> 00:41:11,360 space. Have have you gone password list 779 00:41:11,360 --> 00:41:13,240 yet? Have you implemented session 780 00:41:13,240 --> 00:41:15,400 monitoring, recording in the privilege access management 781 00:41:15,400 --> 00:41:17,360 space? You know have you automated 782 00:41:17,360 --> 00:41:19,280 onboarding, offboarding like all this other stuff. 783 00:41:19,320 --> 00:41:22,280 So I think there's other things to think about as well. 784 00:41:22,880 --> 00:41:24,680 I don't like spending money just to spend money. 785 00:41:24,680 --> 00:41:26,480 You know, this is, you know, a conversation we have all the 786 00:41:26,480 --> 00:41:30,160 time. But if there truly is a gap, is 787 00:41:30,160 --> 00:41:32,360 it justified or not? I don't know. 788 00:41:32,840 --> 00:41:34,600 I think that's. I think that's my answer is I 789 00:41:34,600 --> 00:41:36,880 don't know. Only you can really decide that 790 00:41:36,880 --> 00:41:39,760 because it's if it's a small gap, you might be OK with 791 00:41:39,760 --> 00:41:41,840 accepting that risk. That might be OK, right. 792 00:41:41,840 --> 00:41:43,960 Maybe there's a manual way to kind of close the loop. 793 00:41:43,960 --> 00:41:48,000 But if it's critical to your business, if it's maybe you got 794 00:41:48,000 --> 00:41:50,080 a history of security issues, right, things like that. 795 00:41:50,080 --> 00:41:52,520 You just have the visibility. Yeah, maybe it's worth it. 796 00:41:52,680 --> 00:41:56,800 I can see certain industries, you know, are are more prone to 797 00:41:57,280 --> 00:41:59,480 attacks and therefore need to be more secure. 798 00:41:59,760 --> 00:42:02,080 They are the place as well, especially, you know, finance 799 00:42:02,120 --> 00:42:06,440 for example, regulations, you know that they have to, yeah, 800 00:42:06,440 --> 00:42:09,080 adhere to and stuff like that. Yeah, we don't disagree much. 801 00:42:09,080 --> 00:42:12,360 I think we do disagree on this, but I think it's because we're 802 00:42:12,360 --> 00:42:14,520 looking at it from different contexts. 803 00:42:14,760 --> 00:42:19,000 I think we you're right for a small organization that's all in 804 00:42:19,400 --> 00:42:26,680 on Entra and it's covering 8580% plus of all authentication, you 805 00:42:26,680 --> 00:42:27,760 might be able to get by with that. 806 00:42:27,760 --> 00:42:31,320 I'd say first, well you know, is this just checkbox compliance 807 00:42:31,400 --> 00:42:37,680 ITDR or is it like a true, you know, full-featured ITDR for 808 00:42:37,680 --> 00:42:40,600 intra. The second thing I would look at 809 00:42:40,600 --> 00:42:44,240 is like I've worked with a lot of organizations where their 810 00:42:44,240 --> 00:42:46,760 management of privilege access management is very 811 00:42:46,760 --> 00:42:49,160 decentralized. In other words, things that are 812 00:42:49,160 --> 00:42:53,280 integrated with the Windows environment are very much like, 813 00:42:53,280 --> 00:42:56,360 yeah, you've got to use your Windows environment to get 814 00:42:56,840 --> 00:43:00,880 privilege access. They're still sending standing 815 00:43:00,880 --> 00:43:03,920 privileges, but you know, put that off to the side for now. 816 00:43:04,200 --> 00:43:06,680 But then there's other pockets that are very important where 817 00:43:06,680 --> 00:43:09,880 you have like standalone accounts and databases are in 818 00:43:09,880 --> 00:43:14,080 the cloud. And you know, maybe you have 15 819 00:43:14,080 --> 00:43:16,480 different pockets where privilege exists. 820 00:43:16,720 --> 00:43:21,440 And I think potentially that's where ITTR could give you a way 821 00:43:21,440 --> 00:43:27,880 to have some central program of privilege management without 822 00:43:27,880 --> 00:43:31,680 having centralized command and control. 823 00:43:32,000 --> 00:43:34,680 You know when when you're in one of those environments and like 824 00:43:35,000 --> 00:43:39,080 your mandate isn't centralized command and control, but at the 825 00:43:39,080 --> 00:43:41,200 same time you have responsibility to keep the 826 00:43:41,200 --> 00:43:44,640 environment secure. Monitoring is a fantastic way to 827 00:43:44,640 --> 00:43:46,880 do that. And I think standard monitoring 828 00:43:46,880 --> 00:43:52,720 of like monitoring you know security logs and IP based 829 00:43:52,720 --> 00:43:57,320 events, it's just far short of the modern threat landscape 830 00:43:57,320 --> 00:44:00,600 which is much more focused on identity based threats. 831 00:44:00,600 --> 00:44:04,120 Where in other words I saw a statistic the other day was like 832 00:44:04,520 --> 00:44:08,200 42,000,000 credentials for sale on the dark web. 833 00:44:08,200 --> 00:44:10,960 It's like what and? They're probably like $6. 834 00:44:11,960 --> 00:44:14,040 Yeah, and they're cheap. They're cheap, right? 835 00:44:14,040 --> 00:44:16,280 And if they don't work, then you get your money back. 836 00:44:17,800 --> 00:44:19,720 I doubt Bitcoin. Yeah, I don't. 837 00:44:19,720 --> 00:44:21,800 I don't know if there's a there's a money back guarantee 838 00:44:21,800 --> 00:44:24,800 on stolen credentials. I look at it from a business 839 00:44:24,800 --> 00:44:26,760 perspective. You want to spend money? 840 00:44:27,400 --> 00:44:28,880 Tell me what I'm going to get for that money. 841 00:44:29,600 --> 00:44:31,400 Is it reduction of risk? How are you going to use the 842 00:44:31,400 --> 00:44:32,680 tools? They. 843 00:44:32,680 --> 00:44:35,440 A lot of organizations buy tools just because and then they send 844 00:44:35,440 --> 00:44:37,600 on a shelf or they don't get full value out of it. 845 00:44:38,400 --> 00:44:39,960 I'm in. Look, if you've got the budget, 846 00:44:39,960 --> 00:44:42,880 go for it, right. I'll never say no to adding more 847 00:44:42,880 --> 00:44:45,800 capabilities, but just be careful about adding 848 00:44:45,800 --> 00:44:49,280 capabilities that don't get ever get used and unwise spend. 849 00:44:49,440 --> 00:44:52,000 Just make sure you've got a good story and a good understanding 850 00:44:52,000 --> 00:44:54,040 of what you're getting into and how are you going to give those, 851 00:44:54,080 --> 00:44:56,920 how are you going to use those tools in your environment, you 852 00:44:56,920 --> 00:44:58,400 know, demonstrate the value. All right. 853 00:44:58,560 --> 00:45:01,840 Next up we've got Chris Power, another friend of the show. 854 00:45:02,000 --> 00:45:05,080 He actually sent in a couple. So this is kind of a a good way 855 00:45:05,080 --> 00:45:09,600 to get like you know, 3 for one. The first one was wrong goals. 856 00:45:09,640 --> 00:45:10,880 So I'll play that here. Hi. 857 00:45:10,880 --> 00:45:13,040 Jeff and Jim. I love your podcast. 858 00:45:13,120 --> 00:45:16,480 This is Chris Power. We've talked many times at a 859 00:45:16,480 --> 00:45:20,280 couple conferences and really appreciate the insights that you 860 00:45:20,280 --> 00:45:23,960 give us. My question for the day is it is 861 00:45:23,960 --> 00:45:29,120 goal setting season for most of us in January, both on a 862 00:45:29,120 --> 00:45:33,160 personal level as well as on a department level. 863 00:45:33,520 --> 00:45:37,600 I would love to see what you think is the most impactful 864 00:45:37,600 --> 00:45:43,680 goals in the identity space for both people as a individual as 865 00:45:43,680 --> 00:45:46,680 well as teams as a whole. I hope this comes in as a good 866 00:45:46,680 --> 00:45:48,320 question. And. 867 00:45:48,560 --> 00:45:49,960 Look forward to hearing your answers. 868 00:45:50,120 --> 00:45:52,040 Well, it definitely comes in as a good question. 869 00:45:52,040 --> 00:45:53,360 I think this is you're totally right. 870 00:45:53,360 --> 00:45:56,040 I think a lot of organizations operate on like a calendar year 871 00:45:56,040 --> 00:45:58,600 and say all right, you know, go into whatever your system is and 872 00:45:58,600 --> 00:46:03,440 start setting up your goals. Jim, what are your personal and 873 00:46:03,440 --> 00:46:06,720 professional goals for this? Like what do you for the 874 00:46:06,720 --> 00:46:08,560 identity space? Like what have you thought about 875 00:46:08,560 --> 00:46:10,640 you know, what is your next year look like yet? 876 00:46:10,960 --> 00:46:15,240 Yeah. So I think going into, you know, 877 00:46:15,240 --> 00:46:22,000 when I set my my work goals, I tried to set goals that I feel 878 00:46:22,000 --> 00:46:26,480 like are, you know, high likelihood that I will achieve 879 00:46:26,480 --> 00:46:29,000 them. Because, I mean, who wants to 880 00:46:29,000 --> 00:46:32,400 have that conversation with your career advisor at the end of the 881 00:46:32,400 --> 00:46:33,600 year? And you haven't achieved your 882 00:46:33,600 --> 00:46:36,240 goals, so that would so try to set. 883 00:46:36,240 --> 00:46:39,360 This is the art of low bar goal HR. 884 00:46:39,480 --> 00:46:42,080 You know HR goal setting, right? You got to pick something that's 885 00:46:42,080 --> 00:46:45,520 like good but attainable, right? Because you don't want to miss 886 00:46:45,520 --> 00:46:46,800 those, not. Sandbagging. 887 00:46:46,800 --> 00:46:50,800 But you know what I mean. For personal goals though, I 888 00:46:50,800 --> 00:46:54,680 think it's good to make them, you know, aggressive. 889 00:46:55,000 --> 00:46:58,080 I think that you should be thinking about big things and 890 00:46:58,320 --> 00:47:03,400 you know, I've got a, you know, a lot of goals for the podcast 891 00:47:03,400 --> 00:47:06,000 and getting out there and building my network. 892 00:47:06,320 --> 00:47:08,880 I think building your network is probably one of the biggest 893 00:47:08,880 --> 00:47:12,720 investments you can make in yourself, going out, meeting 894 00:47:12,720 --> 00:47:15,120 people and and doing it in a genuine way. 895 00:47:15,120 --> 00:47:17,720 If you're, if you're not comfortable just, you know, 896 00:47:17,720 --> 00:47:22,400 going and introducing yourself and I mean look you you're going 897 00:47:22,400 --> 00:47:25,640 to face some rejection, right? And that's unfortunate, but 898 00:47:25,640 --> 00:47:28,120 that's part of, you know, going out there. 899 00:47:28,120 --> 00:47:32,000 But I think you'll face a lot less rejection then you think 900 00:47:32,000 --> 00:47:35,720 you're going to. You just go up and like you 901 00:47:35,720 --> 00:47:38,440 know, insert yourself in a conversation or just stand it. 902 00:47:38,440 --> 00:47:40,920 You know, there's Circle people there seeing Glazer and some 903 00:47:40,920 --> 00:47:45,400 other Identity folks that I follow on LinkedIn. 904 00:47:45,400 --> 00:47:47,920 And you know, I'm, I'm not at their level. 905 00:47:48,440 --> 00:47:52,600 I mean, I kind of had some of those thoughts early on, right? 906 00:47:52,600 --> 00:47:55,480 Like, but then when you go and you stand there and you meet the 907 00:47:55,480 --> 00:47:59,240 people who are, they're totally normal people and very 908 00:47:59,240 --> 00:48:01,160 welcoming. So to me. 909 00:48:01,160 --> 00:48:03,760 And quotation marks. Let's put that we got some real 910 00:48:03,760 --> 00:48:06,480 weirdos in the space. There there's sure. 911 00:48:06,480 --> 00:48:09,240 There's, and I, and I mean that in a fun, jest, jesting way. 912 00:48:09,920 --> 00:48:12,360 Absolutely, But you might consider yourself a weirdo. 913 00:48:12,360 --> 00:48:14,200 So. I'm definitely weirdo for sure. 914 00:48:14,280 --> 00:48:18,000 Yeah, but welcoming is is definitely true. 915 00:48:18,000 --> 00:48:21,480 And the more I reach out for guests for this podcast, I mean, 916 00:48:21,480 --> 00:48:25,520 I I can't, I can probably count on one hand the number of times 917 00:48:25,560 --> 00:48:29,240 I've been rejected by people to be a guest on the podcast. 918 00:48:29,240 --> 00:48:33,080 And you got to remember at one point we probably had like 50 919 00:48:33,080 --> 00:48:36,160 subscribers, you know, I mean, so it was zero. 920 00:48:37,080 --> 00:48:38,760 Yeah, we started with 0. Sure. 921 00:48:38,920 --> 00:48:42,800 So anyway, that's my goal is to, you know, build my network is 922 00:48:42,800 --> 00:48:43,920 probably one of the biggest ones. 923 00:48:43,920 --> 00:48:46,120 And I really want to see the podcast. 924 00:48:46,360 --> 00:48:50,160 You know, we we doubled our listenership every year since 925 00:48:50,160 --> 00:48:53,280 we've been around. Jeff, I want to do that again 926 00:48:53,280 --> 00:48:55,240 this year. It gets harder every year, 927 00:48:55,240 --> 00:48:56,400 right? Because the number gets bigger 928 00:48:56,400 --> 00:48:58,600 doubling it. At some point we'll have 929 00:48:58,600 --> 00:49:00,600 critical mass too. It's like there's only there's 930 00:49:00,600 --> 00:49:02,240 only so many people who are interested in identity. 931 00:49:02,240 --> 00:49:05,840 Eventually get to 8 billion and you're like, wait, everybody on 932 00:49:05,840 --> 00:49:07,680 Earth listens to identity at the center. 933 00:49:08,160 --> 00:49:11,120 Yeah, my goal is to show up in Google News as having signed an 934 00:49:11,120 --> 00:49:16,720 exclusive $250 million contract with, you know, some audio firm 935 00:49:16,720 --> 00:49:21,280 right to do the podcast. What's a good goal for the Yeah, 936 00:49:21,440 --> 00:49:23,080 that's that's a good goal for a team. 937 00:49:23,480 --> 00:49:27,000 So if I'm an IAM team, what's a goal that I would be setting? 938 00:49:27,000 --> 00:49:31,040 Like what's impactful to improving IAM in an 939 00:49:31,040 --> 00:49:33,080 organization? Well, it's got to be about the 940 00:49:33,080 --> 00:49:35,320 business, right. You got to achieve things for 941 00:49:35,320 --> 00:49:38,560 the business. I think you can have like I mean 942 00:49:38,560 --> 00:49:41,440 look we all want to have team building exercise and everything 943 00:49:41,440 --> 00:49:44,560 and those are important. But I don't really think those 944 00:49:44,560 --> 00:49:47,840 would be goals that you would set that that Chris was talking 945 00:49:47,840 --> 00:49:49,800 about. But I think like achieving 946 00:49:49,800 --> 00:49:53,720 things that are actually impactful for the business would 947 00:49:53,720 --> 00:49:56,360 be right. And I think you know trying to 948 00:49:56,880 --> 00:50:01,640 focus it on like improvements and metrics that are actually 949 00:50:01,720 --> 00:50:04,560 you can measure against, I think that's important. 950 00:50:04,840 --> 00:50:07,240 What were you thinking about? I guess I was thinking about it 951 00:50:07,240 --> 00:50:09,440 for like a maybe a capability standpoint. 952 00:50:09,520 --> 00:50:12,120 We keep hearing about everybody hates the password. 953 00:50:12,240 --> 00:50:16,120 Set a goal, go password less, enable it for some population. 954 00:50:16,120 --> 00:50:18,800 I feel like that's low hanging fruit at this point. 955 00:50:18,920 --> 00:50:21,960 It's built into a lot of the ID PS that a lot of us are using 956 00:50:21,960 --> 00:50:24,600 already. There are specific tools and 957 00:50:24,600 --> 00:50:27,200 vendors out there that offer, you know, maybe enhanced 958 00:50:27,200 --> 00:50:30,600 versions of that. But let's stop talking about how 959 00:50:30,600 --> 00:50:32,600 much we hate it and actually like, start fixing it. 960 00:50:32,600 --> 00:50:35,320 I don't know anybody who's like, Oh yeah, you want to take my 961 00:50:35,320 --> 00:50:36,760 password away and make it easy for me to log in. 962 00:50:36,760 --> 00:50:39,160 Please don't do that. And if you've got the funding 963 00:50:39,160 --> 00:50:41,600 and you've got you know, the right, you know, team in place, 964 00:50:41,600 --> 00:50:43,640 go for it. Even if it's just for like a 965 00:50:43,640 --> 00:50:45,760 small group, prove it out, Show that it works. 966 00:50:45,760 --> 00:50:48,920 You know, work work the, you know the issues out of the 967 00:50:48,920 --> 00:50:52,200 process so that you're ready to go live with more people. 968 00:50:52,200 --> 00:50:54,240 I think that's a that's a team goal. 969 00:50:54,240 --> 00:50:56,400 I think I'd like to see more people is take advantage of it 970 00:50:56,400 --> 00:51:00,000 is take advantage of things like passkeys and Fido and you know 971 00:51:00,000 --> 00:51:01,320 the work that's been done in that area. 972 00:51:01,600 --> 00:51:04,120 Look at how you're going to help the business. 973 00:51:04,920 --> 00:51:06,520 Go password list. Nobody likes it. 974 00:51:06,840 --> 00:51:11,240 So stop talking and do something individually. 975 00:51:11,440 --> 00:51:14,240 You know, I think this is kind of a tough question. 976 00:51:14,240 --> 00:51:18,720 Does everyone has whatever they want to, you know, work on and 977 00:51:19,840 --> 00:51:23,680 the I think you have to decide what is going to help you 978 00:51:23,840 --> 00:51:25,800 individually from a professional standpoint. 979 00:51:25,800 --> 00:51:31,040 It might be technical training. It might be, you know, speaking. 980 00:51:31,080 --> 00:51:33,840 It might be communications. It might be writing. 981 00:51:34,560 --> 00:51:36,360 I think if you're going to be well-rounded and really move 982 00:51:36,360 --> 00:51:39,720 forward in your career, you do need to be able to communicate. 983 00:51:39,720 --> 00:51:42,760 You do need to be able to come and comfortable to talk in front 984 00:51:42,760 --> 00:51:44,760 of people. You need to have domain 985 00:51:44,760 --> 00:51:47,920 expertise. You know, which of those things 986 00:51:47,920 --> 00:51:49,880 do you need to work on? Again, you've got to kind of 987 00:51:49,880 --> 00:51:53,160 pick with this, but I think, you know, be your own worst critic 988 00:51:53,160 --> 00:51:54,680 and say, OK, well, how can I get better at that? 989 00:51:54,680 --> 00:51:58,160 What are things that I need to be doing to improve this aspect 990 00:51:58,160 --> 00:52:01,040 of it? I never wanted to talk in front 991 00:52:01,040 --> 00:52:03,840 of people, whatever. And, you know, here we are, 992 00:52:03,840 --> 00:52:06,400 we're doing a podcast for, you know, billions of people around 993 00:52:06,400 --> 00:52:09,760 the around the Galaxy. And, you know, that's not 994 00:52:09,760 --> 00:52:11,400 something that I ever thought that I would be doing. 995 00:52:11,400 --> 00:52:12,560 Am I great at it? I don't. 996 00:52:12,760 --> 00:52:15,080 I I think I'm OK. But you don't get better. 997 00:52:15,240 --> 00:52:16,200 Yeah. Thank you very much. 998 00:52:16,200 --> 00:52:18,960 I appreciate your natural check's in the mail, but I think 999 00:52:18,960 --> 00:52:21,240 this is an area where you get better the more you do it, get 1000 00:52:21,240 --> 00:52:23,480 reps doing it right. The people that we see on stage 1001 00:52:23,480 --> 00:52:27,320 is at Identiverse at Gartner. They started in the same boat. 1002 00:52:27,320 --> 00:52:30,560 It was, you know, there are certain people who are naturally 1003 00:52:30,560 --> 00:52:32,440 gifted and others that have to work at it. 1004 00:52:32,440 --> 00:52:35,960 I'm in the latter category and that's just one example. 1005 00:52:36,160 --> 00:52:37,960 You know, if it's technology based, you'll get a 1006 00:52:37,960 --> 00:52:40,480 certification. If you are looking to get more 1007 00:52:40,480 --> 00:52:43,880 advanced and identity, is there a specific tool or technology 1008 00:52:43,880 --> 00:52:47,080 you want to go for or is there, you know, a broader identity 1009 00:52:47,120 --> 00:52:50,600 certification like CID Pro from idpro.org, right. 1010 00:52:50,600 --> 00:52:52,760 Things like that. Or is it a soft skill? 1011 00:52:53,120 --> 00:52:55,680 You know, can you articulate, you know, can you build a 1012 00:52:55,680 --> 00:52:57,440 PowerPoint slide that doesn't look like crap? 1013 00:52:58,400 --> 00:53:00,720 Because that's the method that your organization uses to 1014 00:53:00,720 --> 00:53:03,240 communicate, you know, amongst each other, You know, stuff like 1015 00:53:03,240 --> 00:53:07,000 that I think is important. And I think people need to be 1016 00:53:07,000 --> 00:53:11,480 willing to spend time on YouTube, self study and learning 1017 00:53:11,480 --> 00:53:14,080 and trying to figure out how things work. 1018 00:53:14,640 --> 00:53:16,560 And whatever that thing is doesn't necessarily have to be a 1019 00:53:16,560 --> 00:53:18,480 technical thing. It can be a process. 1020 00:53:18,480 --> 00:53:21,040 It can be, you know, a mindset, whatever that is. 1021 00:53:21,840 --> 00:53:24,160 Yeah, look at us. Like the other thing is put 1022 00:53:24,160 --> 00:53:26,800 yourself out there. Yeah, you know, let's look at 1023 00:53:26,800 --> 00:53:28,960 us. We, it's not like we're experts 1024 00:53:28,960 --> 00:53:31,720 on every subject and that's why we have guests or anything or 1025 00:53:31,720 --> 00:53:33,880 anything, right. That's why we have guests come 1026 00:53:33,880 --> 00:53:38,040 in who are experts. But we put ourselves out there 1027 00:53:38,400 --> 00:53:41,920 and take a chance that we're not going to, we're not going to 1028 00:53:41,920 --> 00:53:45,960 know what we're talking. About I think it's I think it's 1029 00:53:45,960 --> 00:53:49,480 that is easier said than done. I certainly recognize not 1030 00:53:49,480 --> 00:53:51,520 everyone is comfortable doing that and that's fine. 1031 00:53:52,160 --> 00:53:55,600 Like, I don't think everybody has to be out there all the 1032 00:53:55,600 --> 00:53:58,200 time, but I think if you find your your tribe right and you 1033 00:53:58,200 --> 00:54:01,400 start to communicate with those folks and if you're a solo 1034 00:54:01,920 --> 00:54:04,440 person, that's great too, right? Think about what's going to help 1035 00:54:04,440 --> 00:54:08,120 you as well. But you know Jim, you said it 1036 00:54:08,120 --> 00:54:10,680 kind of up front. The industry is very welcoming. 1037 00:54:11,000 --> 00:54:13,240 Walk up to people, hey, I just want to walk over introduce 1038 00:54:13,240 --> 00:54:15,040 myself. I'm Jeff, you know, I follow you 1039 00:54:15,040 --> 00:54:17,120 here or hey, I really liked what you wrote about that thing. 1040 00:54:17,120 --> 00:54:19,320 Just want to let you know that's it doesn't have to be anything 1041 00:54:19,320 --> 00:54:21,200 fancy. You don't have to like, you 1042 00:54:21,200 --> 00:54:25,000 know, have some sort of secret handshake or curtsy or bow or 1043 00:54:25,280 --> 00:54:28,680 whatever it is, You know, most of the people that I've talked 1044 00:54:28,680 --> 00:54:30,000 to have been very welcoming around that. 1045 00:54:30,240 --> 00:54:33,360 All right. So Next up, Chris, again, 1046 00:54:33,360 --> 00:54:34,920 another good question. So we're going to keep it 1047 00:54:35,000 --> 00:54:36,920 rolling with him. Good morning, Jeff and Jim. 1048 00:54:37,200 --> 00:54:39,200 Chris Power from Indianapolis IN. 1049 00:54:39,400 --> 00:54:45,360 My question of the day is as more products become web-based, 1050 00:54:45,560 --> 00:54:49,960 more both identity and security related issues and then bundled 1051 00:54:50,360 --> 00:54:53,760 as a service from those particular vendors or partners, 1052 00:54:54,080 --> 00:54:58,680 how do we avoid issues where where it becomes a situation 1053 00:54:58,680 --> 00:55:02,320 where one problem that happens in one place happens to all of 1054 00:55:02,320 --> 00:55:05,960 us now because we all have, we're all running the same 1055 00:55:06,160 --> 00:55:08,520 policies and procedures and processes. 1056 00:55:08,840 --> 00:55:12,880 I see this as a situation where, from a security point of view, 1057 00:55:13,120 --> 00:55:17,680 we're now becoming more regimented but also more 1058 00:55:17,680 --> 00:55:22,880 predictable in the minds and the eyes of attackers and others 1059 00:55:22,880 --> 00:55:25,920 that are meant to do us harm. What questions or concerns could 1060 00:55:25,920 --> 00:55:30,760 you get out of that, as well as what answers do you have to make 1061 00:55:30,760 --> 00:55:32,960 myself feel better about this going forward? 1062 00:55:32,960 --> 00:55:35,480 So I kind of see this as a question of, hey, an attack 1063 00:55:35,480 --> 00:55:38,760 against a large service provider that a lot of people are using. 1064 00:55:38,800 --> 00:55:40,080 What the heck do you do about that? 1065 00:55:41,120 --> 00:55:44,800 Hopefully I kind of distilled it down, but what happens when 1066 00:55:44,800 --> 00:55:50,400 Microsoft or Okta or Google or Apple, you know, have some sort 1067 00:55:50,400 --> 00:55:52,840 of issue that affects the number of people? 1068 00:55:52,840 --> 00:55:56,440 What do you do about that, Jim? I think a lot of those services 1069 00:55:56,440 --> 00:55:58,920 are quote UN quote too big to fail. 1070 00:55:59,760 --> 00:56:07,360 I mean the the amount of impact is so broad reaching that it's 1071 00:56:07,600 --> 00:56:14,960 really hard to imagine Microsoft Azure going down for a week or 1072 00:56:15,320 --> 00:56:17,760 Amazon Web. Now the fortunate part is these 1073 00:56:17,760 --> 00:56:24,440 bigger services are spread out over a geographic landscape and 1074 00:56:24,600 --> 00:56:28,400 even smaller services generally leverages infrastructures and 1075 00:56:28,680 --> 00:56:31,560 managed in a globally load balanced kind of way. 1076 00:56:31,560 --> 00:56:35,920 So the likelihood of something like that happening from, you 1077 00:56:35,920 --> 00:56:39,120 know, a pure disaster perspective like an earthquake 1078 00:56:39,120 --> 00:56:43,600 or something like that, taking down the grid is is less likely. 1079 00:56:44,080 --> 00:56:47,280 But from a security attack perspective, I mean like we 1080 00:56:47,280 --> 00:56:50,840 don't know. I think the only thing we can do 1081 00:56:50,840 --> 00:56:54,760 is like plan for these things. Like what would happen, your 1082 00:56:54,760 --> 00:56:59,160 tabletop exercise planning what would happen if these things 1083 00:56:59,160 --> 00:57:03,280 were to take place, if our Okta system went down, if our 1084 00:57:03,520 --> 00:57:07,120 Microsoft system went down, what will we do and what if it came 1085 00:57:07,120 --> 00:57:10,160 back up in various states. And then I think the other thing 1086 00:57:10,160 --> 00:57:18,120 to think about and plan for is the the shared security model 1087 00:57:18,280 --> 00:57:22,520 because I've talked with clients in the past where it's like, oh, 1088 00:57:22,520 --> 00:57:25,160 that's outsourced, we don't have to worry about that, our vendors 1089 00:57:25,160 --> 00:57:28,720 responsible for it. Well, do you, Are you sure, Are 1090 00:57:28,720 --> 00:57:31,600 you sure you understand what your responsibility would be in 1091 00:57:31,600 --> 00:57:34,320 that scenario? Would you be expected to? 1092 00:57:35,000 --> 00:57:37,520 You know, what if? What if the problem was because 1093 00:57:37,520 --> 00:57:40,600 of something that you did? In other words, you had the 1094 00:57:40,600 --> 00:57:43,880 administrator account. Somehow the administrator 1095 00:57:43,880 --> 00:57:45,680 account ended up on the dark web. 1096 00:57:46,120 --> 00:57:48,360 They got in with the administrator account, wiped out 1097 00:57:48,360 --> 00:57:54,080 all the data or change the data in such a way that locked you 1098 00:57:54,080 --> 00:57:55,840 out. What's your recourse? 1099 00:57:55,840 --> 00:57:58,400 Well, maybe it is that they would restore and you'd be back 1100 00:57:58,720 --> 00:58:01,560 up and running. But again, planning around that 1101 00:58:01,560 --> 00:58:05,960 and understanding exactly how it would work and not just, you 1102 00:58:05,960 --> 00:58:07,800 know, saying we don't have to worry about that. 1103 00:58:07,880 --> 00:58:09,760 Yeah, I like the idea of tabletop exercises. 1104 00:58:09,800 --> 00:58:12,480 I think a lot of times people think about tabletop exercises 1105 00:58:12,480 --> 00:58:14,920 like a breach, right? Or something like that. 1106 00:58:15,560 --> 00:58:17,240 It can be anything you want. I mean, it can be done as a 1107 00:58:17,240 --> 00:58:21,760 dragon as far as I'm concerned. But walk through the process, 1108 00:58:21,760 --> 00:58:23,280 yeah. What happens if our IDP goes 1109 00:58:23,280 --> 00:58:24,520 down? What do we do? 1110 00:58:24,520 --> 00:58:26,720 How do we get people in? How are administrators going to 1111 00:58:26,720 --> 00:58:31,040 get in to assess and diagnose? How are those things you know 1112 00:58:31,040 --> 00:58:35,040 secured in case somebody does get access to I think having 1113 00:58:35,040 --> 00:58:39,560 layers and different you know parts of the the onion right as 1114 00:58:39,560 --> 00:58:41,720 we look at it from a security perspective is dispense in 1115 00:58:41,720 --> 00:58:44,160 depth. It shouldn't be down to just one 1116 00:58:44,160 --> 00:58:47,280 control one password and you know you're you're you're 1117 00:58:47,280 --> 00:58:50,000 breached or you're popped. What are your different 1118 00:58:50,000 --> 00:58:54,160 compensating or layered controls to make sure that if there is a 1119 00:58:54,160 --> 00:58:59,080 breakdown somewhere, you know the the the blast radius is is 1120 00:58:59,080 --> 00:59:02,320 limited or the impact of the breach or whatever it be. 1121 00:59:02,360 --> 00:59:05,640 If it's something where you know you're talking about internal 1122 00:59:05,640 --> 00:59:09,320 infrastructure or your Active Directory goes down, OK, great. 1123 00:59:09,320 --> 00:59:11,400 You know what is the plan? Do you have ADR plan? 1124 00:59:11,400 --> 00:59:14,400 Do you have a, you know business continuity approach to it? 1125 00:59:14,680 --> 00:59:16,640 Have you done tabletop things like that. 1126 00:59:17,160 --> 00:59:19,440 I think you have to kind of go into it with the mindset of what 1127 00:59:19,440 --> 00:59:24,720 if, what if this happened and sometimes there's an answer, 1128 00:59:24,840 --> 00:59:26,800 sometimes there's not. And I think you have to be kind 1129 00:59:26,800 --> 00:59:30,240 of OK with that and it's OK to go through the process and say 1130 00:59:30,360 --> 00:59:32,480 that you know This is why we're doing this exercises. 1131 00:59:32,720 --> 00:59:36,920 We don't know what we would do if there was a issue with X. 1132 00:59:37,440 --> 00:59:39,880 Let's talk about it. What can we do, you know get 1133 00:59:39,880 --> 00:59:41,440 people in the room and start talking about it. 1134 00:59:41,840 --> 00:59:43,680 And we had the architect question earlier, maybe that's a 1135 00:59:43,680 --> 00:59:46,040 great time to pull up. You know you're if you've got 1A 1136 00:59:46,040 --> 00:59:48,320 Chief Identity Architect to kind of come back and say hey you 1137 00:59:48,320 --> 00:59:51,560 know what are the dependencies that we need to consider here, 1138 00:59:51,560 --> 00:59:53,480 What needs to be up and running for identity work. 1139 00:59:54,120 --> 00:59:57,640 I think just being open to having the conversation and just 1140 00:59:57,640 --> 01:00:00,480 talking about it is probably the biggest thing that I would I 1141 01:00:00,480 --> 01:00:02,200 would recommend here is talk about it. 1142 01:00:02,920 --> 01:00:04,640 Work as a group and try to figure it out. 1143 01:00:05,120 --> 01:00:08,400 There are, there may be levels of survival that you're willing 1144 01:00:08,400 --> 01:00:11,440 to accept for a certain amount of time and that might be OK, 1145 01:00:11,520 --> 01:00:12,680 right. We have limited processing 1146 01:00:12,680 --> 01:00:16,120 capability or limited functionality, you know, things 1147 01:00:16,120 --> 01:00:17,760 like that. And that might be OK. 1148 01:00:17,840 --> 01:00:19,880 If it's a mass out, you know, outage. 1149 01:00:20,320 --> 01:00:21,960 You know Microsoft gets picked on a lot. 1150 01:00:21,960 --> 01:00:24,400 You know, teams goes down. You know half half the 1151 01:00:24,400 --> 01:00:26,880 organizations can't do anything, you know, from a meeting 1152 01:00:26,880 --> 01:00:28,880 standpoint. OK, well what do you do? 1153 01:00:28,880 --> 01:00:30,000 Do you just? All right. 1154 01:00:30,000 --> 01:00:31,800 Well, we'll just meet later. Yeah, maybe It's not business, 1155 01:00:31,800 --> 01:00:34,600 you know, mission critical. If it is mission critical, 1156 01:00:34,600 --> 01:00:36,760 what's your what's your plan to get up and running quicker? 1157 01:00:37,040 --> 01:00:38,720 Yeah. I think the other thing is like 1158 01:00:38,720 --> 01:00:43,240 sometimes the business goes out and procure services without 1159 01:00:43,240 --> 01:00:46,920 checking with identity or informational security first. 1160 01:00:46,920 --> 01:00:51,120 They just go out and get it and now you've got some, you know, 1161 01:00:51,120 --> 01:00:54,400 software as a service that you've never heard of and they 1162 01:00:54,400 --> 01:01:01,000 don't have like a complex disaster recovery strategy in 1163 01:01:01,000 --> 01:01:04,720 place, like a say a sales force or an Octa or something like 1164 01:01:04,720 --> 01:01:07,960 that. Dig in anyway, especially if 1165 01:01:07,960 --> 01:01:12,520 that is a mission critical, a mission critical system. 1166 01:01:12,640 --> 01:01:15,680 Yeah. So we're already up over an hour 1167 01:01:16,160 --> 01:01:18,680 and we probably want to get start to wrap things up. 1168 01:01:18,680 --> 01:01:22,240 But Jim, I know you reached out to Phil, we had sort of like 1169 01:01:22,240 --> 01:01:25,480 this famous question this has become of, you know, what's the 1170 01:01:25,480 --> 01:01:28,360 difference between digital identity and identity and access 1171 01:01:28,360 --> 01:01:30,120 management. So I'm going to play that here 1172 01:01:30,120 --> 01:01:31,600 and then we'll start to wrap things up. 1173 01:01:31,720 --> 01:01:36,720 Hey, Jim, Jeff, on the question of what's the difference between 1174 01:01:36,720 --> 01:01:41,320 Digital identity and identity and access Management or IAM, 1175 01:01:42,040 --> 01:01:46,440 I've usually thought of Digital identity as a broad overarching 1176 01:01:46,960 --> 01:01:50,920 topic, whereas Identity and Access Management is more 1177 01:01:50,920 --> 01:01:53,880 applied. You know, actually solving the 1178 01:01:53,880 --> 01:01:58,880 problems of a specific company's identity needs would be identity 1179 01:01:58,880 --> 01:02:02,080 and access management. Whereas you know conferences 1180 01:02:02,080 --> 01:02:04,080 tend to talk about lots of different things. 1181 01:02:04,080 --> 01:02:05,920 So maybe they're about digital identity. 1182 01:02:05,920 --> 01:02:10,800 An analogy might be the difference between biology and 1183 01:02:10,800 --> 01:02:13,920 gene splicing. Although that might be two, 1184 01:02:14,760 --> 01:02:19,840 those might be two different in terms of broad field versus a 1185 01:02:19,840 --> 01:02:25,360 specific application. Anyway, I I think of I am I if I 1186 01:02:25,360 --> 01:02:29,440 pick up a book on IAM, I'm expecting to see chapters that 1187 01:02:29,440 --> 01:02:33,240 are like how to, you know, solve your authentication problem for 1188 01:02:33,240 --> 01:02:37,120 your users or, you know, how does authorization help you with 1189 01:02:37,120 --> 01:02:38,760 your application, that kind of thing. 1190 01:02:39,160 --> 01:02:43,640 Whereas in a digital identity book, I'd expect to see, you 1191 01:02:43,640 --> 01:02:46,560 know, maybe a broader coverage of what are the problems of 1192 01:02:46,560 --> 01:02:49,440 digital identity, how do we solve them, you know, what are 1193 01:02:49,440 --> 01:02:53,240 the basic technologies that we have in our hand in order to do 1194 01:02:53,240 --> 01:02:55,040 this. So that's how I think about it. 1195 01:02:55,080 --> 01:02:57,960 So I think still kind of aligns with kind of what I've been 1196 01:02:57,960 --> 01:03:01,880 thinking is I see kind of like digital identity as the top as 1197 01:03:01,880 --> 01:03:05,720 sort of like the macro concept or discussion. 1198 01:03:06,120 --> 01:03:09,640 And then down from there are the different parts of that I AM, 1199 01:03:10,040 --> 01:03:12,440 CI, AM, yeah, etcetera, etcetera. 1200 01:03:13,000 --> 01:03:18,480 So I think again another slightly different answer. 1201 01:03:18,480 --> 01:03:20,400 I don't know if everybody's answered it quite the same way, 1202 01:03:20,400 --> 01:03:23,320 but still it's kind of like where I'm thinking is generally 1203 01:03:23,320 --> 01:03:27,400 speaking, what do you think? Yeah, no, I I this is the way I 1204 01:03:27,800 --> 01:03:32,920 organize digital identity and I am is like I am being a set of 1205 01:03:32,920 --> 01:03:35,440 functions within digital identity. 1206 01:03:36,640 --> 01:03:40,520 I but I still go back to that original episode that we did 1207 01:03:40,840 --> 01:03:44,600 where we had like 5 practitioners kind of come on 1208 01:03:44,600 --> 01:03:48,080 and answer this question. And one was Adam Michael from 1209 01:03:48,680 --> 01:03:53,000 Texas A&M University and he took the opposite approach, which was 1210 01:03:53,320 --> 01:03:57,160 IMS at the top. And your record, Jeff Stedman, 1211 01:03:57,480 --> 01:04:00,840 is your digital identity within my Identity and Access 1212 01:04:00,840 --> 01:04:04,120 Management ecosystem. And I thought that was really 1213 01:04:04,120 --> 01:04:05,240 interesting. And I'm not. 1214 01:04:05,280 --> 01:04:08,160 I'm not putting myself in a position to say that either one 1215 01:04:08,160 --> 01:04:12,120 is right or wrong, because I don't think that there's the set 1216 01:04:12,560 --> 01:04:14,200 answer that everybody agrees with you. 1217 01:04:14,400 --> 01:04:17,480 Yeah, context matters. I I absolutely get where he's 1218 01:04:17,480 --> 01:04:20,800 coming from and totally legit, totally valid. 1219 01:04:22,000 --> 01:04:23,840 I'm not going to, I'm not going to go either way with it. 1220 01:04:23,840 --> 01:04:28,040 I think context matters and I think based on your use cases, 1221 01:04:28,040 --> 01:04:30,160 you might have a different, you know, viewpoint of it and that's 1222 01:04:30,160 --> 01:04:31,200 great. I think that's a great part of 1223 01:04:31,680 --> 01:04:33,760 of the idea of spaces. And probably maybe a little bit 1224 01:04:33,760 --> 01:04:36,400 of the frustrating part is like we just, we're really good at, 1225 01:04:36,400 --> 01:04:40,160 like disagreeing and not coming together with like, yes, this is 1226 01:04:40,160 --> 01:04:42,160 what this means and we've settled on it. 1227 01:04:42,200 --> 01:04:44,400 And then that doesn't happen and it changes. 1228 01:04:45,320 --> 01:04:47,320 And then I'm like, OK, well, what do you mean by identity? 1229 01:04:47,320 --> 01:04:49,560 Are you talking about physical identity, digital identity, 1230 01:04:49,920 --> 01:04:54,000 your, you know, your persona online or in your wallet or 1231 01:04:54,000 --> 01:04:58,480 whatever that look like so makes it for an interesting industry 1232 01:04:58,480 --> 01:05:00,520 to be in. All right, let's go ahead and 1233 01:05:00,520 --> 01:05:03,600 wrap up on a lighter note and in keeping with the trend since 1234 01:05:03,880 --> 01:05:08,600 Chris sent so many, we're going to play his lighter note and he 1235 01:05:08,600 --> 01:05:09,480 actually called her a lighter note. 1236 01:05:09,480 --> 01:05:10,920 So I feel like we're OK with that. 1237 01:05:12,000 --> 01:05:13,800 Let him ask the question and then it'll answer. 1238 01:05:13,880 --> 01:05:15,760 Hi, Jeff and Jim. This is Chris Power from 1239 01:05:15,760 --> 01:05:18,800 Indianapolis, IN. Really enjoy the podcast. 1240 01:05:19,080 --> 01:05:23,880 For a lighter question, I'm going to ask what is your 1241 01:05:23,880 --> 01:05:28,480 favorite IAM analogy? Recently I heard Identity is 1242 01:05:28,480 --> 01:05:32,680 like gravity, which is really resonated with me as well as 1243 01:05:32,720 --> 01:05:35,600 Identity is the Nexus between security and IT. 1244 01:05:36,040 --> 01:05:40,560 What other ones have you heard that really seem to sink in? 1245 01:05:41,000 --> 01:05:42,320 Look forward to hearing the. Discussion. 1246 01:05:42,440 --> 01:05:43,680 All right. So Jim, you said you had 1247 01:05:43,680 --> 01:05:46,000 something for this one, so. I have something for this one, 1248 01:05:46,000 --> 01:05:51,080 so it's you're only one I am misconfiguration away from a 1249 01:05:51,080 --> 01:05:53,920 breach. That sounds like a maxim, like 1250 01:05:54,560 --> 01:05:56,360 this is like a truth. It's like in a book. 1251 01:05:57,000 --> 01:05:59,320 I think you can probably convert that into like a haiku or 1252 01:05:59,320 --> 01:06:02,400 something like that. Oh yeah, that's a great idea. 1253 01:06:02,640 --> 01:06:05,360 But I yeah, I know it's not really, it's not really an 1254 01:06:05,360 --> 01:06:08,360 analogy. But I heard it on another 1255 01:06:08,360 --> 01:06:13,400 podcast and I was like, I've been saving it up to use it on 1256 01:06:13,400 --> 01:06:18,480 our podcast and you may hear me say it again puts a lot of 1257 01:06:18,480 --> 01:06:22,520 weight on the I am practitioner like, oh man, 1 1258 01:06:22,520 --> 01:06:25,240 Misconfiguration. How many configurations do I 1259 01:06:25,240 --> 01:06:27,160 have in my environment? Millions. 1260 01:06:28,840 --> 01:06:31,920 So I don't know that it's a truth. 1261 01:06:32,160 --> 01:06:36,840 It's kind of a truth, but it also puts a lot of pressure if 1262 01:06:36,840 --> 01:06:40,000 it is the truth, and it puts a lot of pressure on the I am 1263 01:06:40,000 --> 01:06:41,960 practitioner. What was that other podcast? 1264 01:06:41,960 --> 01:06:45,360 Let's give him some. Credit that was the Google 1265 01:06:45,360 --> 01:06:49,840 Security podcast with Anton and I can't remember his last name, 1266 01:06:49,840 --> 01:06:54,080 but really good podcast, especially if you're in the if 1267 01:06:54,080 --> 01:06:56,400 you're doing things in Google right? 1268 01:06:56,440 --> 01:07:01,440 I mean because they do talk about Google Cloud and Google 1269 01:07:01,440 --> 01:07:06,480 out Google Suite, G Suite. Yeah, G Suite or Workspace, I 1270 01:07:06,480 --> 01:07:10,080 think had a few different names, but I get where you're going 1271 01:07:10,080 --> 01:07:11,280 with it. Yeah. 1272 01:07:12,400 --> 01:07:14,760 Yeah, I I I like to tell stories. 1273 01:07:14,760 --> 01:07:17,480 I like to try to distill things that'll help people understand 1274 01:07:17,480 --> 01:07:19,560 it. And I think the analogy or the 1275 01:07:19,560 --> 01:07:22,080 example that I'll tend to use is there's a couple. 1276 01:07:22,200 --> 01:07:26,240 There is the story of how we get into an airport. 1277 01:07:26,600 --> 01:07:29,560 So if I'm trying to say look at Denny's like this, right, you're 1278 01:07:29,560 --> 01:07:32,200 trying to do this thing, it's look, if you're you're going to 1279 01:07:32,200 --> 01:07:35,160 go on a flight, you have to show ID. 1280 01:07:35,760 --> 01:07:38,760 You have a credential, you have a boarding pass that gives you 1281 01:07:38,760 --> 01:07:42,600 authorization to go to get on to a certain plane, a certain gate, 1282 01:07:42,600 --> 01:07:43,600 right. And there's a bunch of different 1283 01:07:43,600 --> 01:07:45,680 steps to go through there. And I think, you know, the 1284 01:07:45,680 --> 01:07:47,960 analogy for me is like this is this is what identity is. 1285 01:07:47,960 --> 01:07:51,000 It's a set of, you know, rules and structure that get you to 1286 01:07:51,000 --> 01:07:53,080 where you need to go in a safe and secure manner. 1287 01:07:54,400 --> 01:07:57,040 Another one that I'll use is sort of a story of around like 1288 01:07:57,680 --> 01:07:59,760 a, a sports arena. Same idea, right? 1289 01:07:59,760 --> 01:08:03,280 You've got tickets to get in. You've got seat numbers with 1290 01:08:03,760 --> 01:08:06,680 where you're authorized to sit, certain areas that you really 1291 01:08:06,680 --> 01:08:08,320 can't go. You shouldn't be on the field, 1292 01:08:08,400 --> 01:08:09,440 right? That's privilege access. 1293 01:08:09,440 --> 01:08:13,040 That's only for for the players or coaches or you know, other 1294 01:08:13,040 --> 01:08:15,280 designated admins, right, so to speak. 1295 01:08:16,040 --> 01:08:19,399 You've got cameras maybe in a corner that are counting where 1296 01:08:19,399 --> 01:08:21,640 people are going or tracking things, right? 1297 01:08:21,640 --> 01:08:24,760 Maybe that's behavior analyst, maybe it's ITDR, right? 1298 01:08:24,760 --> 01:08:29,479 Maybe it's flow that you're saying hey what's a lot of 1299 01:08:29,479 --> 01:08:31,560 people are going to the hot dog stands and not as many people 1300 01:08:31,560 --> 01:08:34,279 are going to the sushi stand. Let's try to shift balance right 1301 01:08:34,279 --> 01:08:35,640 things around that and using kind of metrics. 1302 01:08:35,640 --> 01:08:38,120 So I think there's there's a few different analogies, but I like 1303 01:08:38,120 --> 01:08:42,520 to base it on real life things that I think people easily 1304 01:08:42,520 --> 01:08:44,760 understand. I think probably the most common 1305 01:08:44,760 --> 01:08:46,640 one is like the house, right. You've got a key to get on the 1306 01:08:46,640 --> 01:08:48,399 front door and then which rooms can you go into? 1307 01:08:49,080 --> 01:08:51,800 I think you whatever it is I think you've got to be able to 1308 01:08:52,279 --> 01:08:54,600 make it something that's relatable to your audience. 1309 01:08:55,000 --> 01:08:56,960 So I like to use a few different examples like that. 1310 01:08:56,960 --> 01:09:00,680 I I like I I'm trying to figure out the identity is like gravity 1311 01:09:00,680 --> 01:09:02,600 one. I'm not sure what that means. 1312 01:09:03,120 --> 01:09:04,600 I'll have to look at that Chris, next time. 1313 01:09:04,600 --> 01:09:07,040 Next time we chat, maybe an Identiverse. 1314 01:09:07,040 --> 01:09:08,800 You can walk me through that one. 1315 01:09:09,200 --> 01:09:12,200 I like I I it sounds cool. I want to understand it before I 1316 01:09:12,200 --> 01:09:15,720 start using it. So I just thought of an analogy. 1317 01:09:15,720 --> 01:09:18,760 I'm going to throw it out there. So the Winchester Mystery House 1318 01:09:18,760 --> 01:09:24,720 in San Jose, CA. And if you ever go to it, all 1319 01:09:24,720 --> 01:09:27,840 the rooms are decorated in a different style, painted 1320 01:09:27,840 --> 01:09:32,160 different colors and a lot of like trapdoors and things like 1321 01:09:32,160 --> 01:09:35,520 that. And so I think the so I think 1322 01:09:35,520 --> 01:09:41,160 the back story is Winchester like the gun brand, the the 1323 01:09:41,160 --> 01:09:46,439 person who began that his widow became paranoid that people were 1324 01:09:46,439 --> 01:09:50,359 going to kill her because her family was responsible for 1325 01:09:50,359 --> 01:09:52,880 creating these guns that kill all these people and that 1326 01:09:53,080 --> 01:09:54,840 somebody would be mad and want to kill her. 1327 01:09:55,000 --> 01:09:58,360 So she designed the house so that if they came into the house 1328 01:09:58,360 --> 01:09:59,960 they would never be able to find her. 1329 01:10:00,400 --> 01:10:03,880 And so where I've used that analogy from an IM perspective 1330 01:10:03,880 --> 01:10:07,280 is when you kind of come in and come, he's got all these 1331 01:10:07,280 --> 01:10:10,600 different portals like think from a customer perspective, all 1332 01:10:10,600 --> 01:10:13,280 these different portals and you never know if you're in the 1333 01:10:13,280 --> 01:10:15,280 right one. And they all look a little bit 1334 01:10:15,280 --> 01:10:21,920 different and trying to get down to a more common layout, you 1335 01:10:21,920 --> 01:10:25,520 know the rooms feel the same, you have one key to the front 1336 01:10:25,520 --> 01:10:30,960 door etcetera etcetera so. I like that one because it it's 1337 01:10:31,080 --> 01:10:33,600 it's an interesting story. I can kind of start with that 1338 01:10:33,720 --> 01:10:36,440 and it's entertaining, right? You're not going to lose. 1339 01:10:36,440 --> 01:10:37,640 Hopefully you don't lose people right away. 1340 01:10:37,640 --> 01:10:39,520 I think that's the the one thing is you want to keep people's 1341 01:10:39,520 --> 01:10:40,520 attention. So I like that one. 1342 01:10:40,520 --> 01:10:42,320 That's a good one. Yeah, you have to make it 1343 01:10:42,320 --> 01:10:44,920 relatable, especially when you're presenting about I am to 1344 01:10:44,920 --> 01:10:47,600 people who don't know I am at all. 1345 01:10:48,360 --> 01:10:53,080 Yeah, like us, we're dummies. Let's wrap it up. 1346 01:10:55,720 --> 01:10:57,640 I, I really appreciate everyone who sent stuff in. 1347 01:10:57,640 --> 01:11:00,480 Again, it was there was lots that came in and you know Jim 1348 01:11:00,480 --> 01:11:02,080 and I had some difficult decisions to make. 1349 01:11:02,840 --> 01:11:05,520 Jim, you're in charge of reaching out to you know our 1350 01:11:05,520 --> 01:11:08,640 winners. So Andrew, Alex, Tim, Pedro and 1351 01:11:08,640 --> 01:11:12,080 Chris be on the lookout for messaging from Jim. 1352 01:11:12,080 --> 01:11:16,800 Zio How you can get a copy of the of the book from Phil and 1353 01:11:17,280 --> 01:11:20,600 let's see we're on the web idacpodcast.com we're on 1354 01:11:20,600 --> 01:11:22,280 Twitter. X, whatever it's called. 1355 01:11:22,280 --> 01:11:28,440 IDAC Podcast Mastodon at IDAC podcast at infosec dot exchange. 1356 01:11:28,440 --> 01:11:30,840 We're on LinkedIn. Keep sending those messages in. 1357 01:11:31,240 --> 01:11:35,520 Hit that like and subscribe button and follow us on YouTube. 1358 01:11:35,680 --> 01:11:38,360 What other YouTube or whatever self promotion can we do. 1359 01:11:38,360 --> 01:11:40,400 Oh, don't forget about Identity Week America. 1360 01:11:40,440 --> 01:11:45,360 Our discount code IDAC 30. So if you're going to any of the 1361 01:11:45,360 --> 01:11:48,200 conferences, Europe, America or Asia, Friday, any week, you can 1362 01:11:48,200 --> 01:11:50,920 use that code and get 30% off. So we'll have link in our show 1363 01:11:50,920 --> 01:11:53,320 notes as well for to make it easy for people to find. 1364 01:11:53,960 --> 01:11:56,200 So with that, we'll go ahead and leave it for this week. 1365 01:11:56,840 --> 01:11:58,880 Thanks everyone for listening and we'll talk with you all in 1366 01:11:58,880 --> 01:12:01,400 the next one. You've been listening to 1367 01:12:01,400 --> 01:12:05,320 Identity at the Center. We hope you've enjoyed the show. 1368 01:12:05,480 --> 01:12:09,680 Make sure to like, rate and review and we'll be back soon. 1369 01:12:09,840 --> 01:12:12,160 But in the meantime, hit the website at 1370 01:12:12,160 --> 01:12:19,240 identity@thecenter.com and find us on Twitter at IDAC Podcast. 1371 01:12:19,680 --> 01:12:23,800 See you next time on Identity at the Center.