1 00:00:05,280 --> 00:00:10,440 This is identity at the center. If it has anything to do with 2 00:00:10,560 --> 00:00:17,960 IAM, this is the go to podcast now your hosts Jim McDonald and 3 00:00:17,960 --> 00:00:23,640 Jeff Stedman. Welcome to the Identity at the 4 00:00:23,640 --> 00:00:25,480 Center podcast. I'm Jeff and that's Jim. 5 00:00:25,480 --> 00:00:27,040 Hey, Jim. Hey, Jeff, How's it going? 6 00:00:27,040 --> 00:00:29,230 Not so bad yourself. It's going great. 7 00:00:29,270 --> 00:00:32,670 Did you know that I was on stage for the keynote here at 8 00:00:32,670 --> 00:00:35,270 Authenticate today? I did 'cause you were sitting 9 00:00:35,270 --> 00:00:37,750 right next to me. Pretty fantastic, huh? 10 00:00:38,270 --> 00:00:40,670 Yeah, it was cool. Yeah, good time. 11 00:00:40,670 --> 00:00:43,670 First time having done that. A little bit rushed, but I think 12 00:00:43,670 --> 00:00:45,630 that's just the nature of going last in a long sequence of 13 00:00:45,630 --> 00:00:48,590 activities. But yeah, pleased with the way 14 00:00:48,590 --> 00:00:50,750 it turned out about yourself. Yeah, it was fantastic. 15 00:00:50,750 --> 00:00:55,390 It was a lot of fun. I think that we're going to save 16 00:00:55,390 --> 00:00:56,790 that. We're going to get the recording 17 00:00:56,790 --> 00:00:59,420 of that. And then drop that as the last 18 00:00:59,420 --> 00:01:02,300 episode from Authenticate. We'll do that at the end of next 19 00:01:02,300 --> 00:01:05,060 week. So anybody who's interested in 20 00:01:05,060 --> 00:01:08,460 listening to that, we had a, you know, it's a pretty short, power 21 00:01:08,460 --> 00:01:11,460 packed episode, really focused on past key deployment. 22 00:01:11,860 --> 00:01:14,740 Yeah, it was like the Cliffs Notes version of an Identity at 23 00:01:14,740 --> 00:01:17,220 the Center podcast. Yeah, very much so. 24 00:01:17,300 --> 00:01:18,540 But it was fun. It was like. 25 00:01:19,180 --> 00:01:21,420 Big crowd. I think it was the we set the 26 00:01:21,420 --> 00:01:25,220 record for the most people listening to our podcast at one 27 00:01:25,220 --> 00:01:26,940 time. Yeah, which wasn't probably too 28 00:01:26,940 --> 00:01:28,660 hard, I don't think. But no, probably not. 29 00:01:28,660 --> 00:01:30,540 Hey, we got to start somewhere. I at least I'm, I'm happy 30 00:01:30,540 --> 00:01:33,660 because I got my shout out to Nick, the Segway camera guy who 31 00:01:33,660 --> 00:01:36,980 is, I'm sorry, Andrew and Megan and Adrian others, but he's the 32 00:01:36,980 --> 00:01:38,460 reason I really came to authenticate. 33 00:01:38,980 --> 00:01:40,660 The guy's a star. I mean, he's on a Segway. 34 00:01:40,660 --> 00:01:43,820 He's got like this gimbal with like cameras and stuff like 35 00:01:43,820 --> 00:01:45,020 that. He's zooming all around the 36 00:01:45,020 --> 00:01:47,450 room, back and forth. I mean, that's that guy's a 37 00:01:47,450 --> 00:01:49,650 superhero right there. But it's not even like it's not 38 00:01:49,650 --> 00:01:53,090 even like a Segway like you see in San Francisco with handles. 39 00:01:53,330 --> 00:01:58,010 It's more like one of those things that preteens stand on 40 00:01:58,010 --> 00:02:00,930 and zoom all over your house in. What does this ball and hit 41 00:02:00,930 --> 00:02:02,570 their face on hoverboard? I mean, I don't think they call 42 00:02:02,570 --> 00:02:04,650 them hoverboards, but it's not, it's not a hoverboard. 43 00:02:04,890 --> 00:02:06,850 I saw Back to the Future. That's not a hoverboard. 44 00:02:08,090 --> 00:02:11,730 So what are you thinking about the conference overall? 45 00:02:12,050 --> 00:02:14,900 That's good. I'm glad to have gotten through 46 00:02:14,900 --> 00:02:18,460 our thing, and now I can feel like I can enjoy the conference. 47 00:02:18,580 --> 00:02:23,420 Yeah, it feels like I, I say probably true for anybody. 48 00:02:23,420 --> 00:02:25,980 When you're getting on the keynote stage is a little nerve 49 00:02:25,980 --> 00:02:29,300 wracking, so. Yes. 50 00:02:29,820 --> 00:02:32,940 So we've got also a guest here sitting with us in this room, 51 00:02:33,140 --> 00:02:35,500 couple of fine folks also watching us, staring in 52 00:02:35,500 --> 00:02:37,620 intently. We got David Mottie, He's the 53 00:02:37,620 --> 00:02:39,540 CIO for Transmit Security. He's been on a show with us 54 00:02:39,540 --> 00:02:40,340 before. Hey, David. 55 00:02:40,540 --> 00:02:42,450 Hello. How's it going? 56 00:02:42,810 --> 00:02:46,330 It's going and and I just wanted to make a comment about the 57 00:02:46,330 --> 00:02:49,690 gentleman that's on the the Segway, Nick. 58 00:02:49,730 --> 00:02:52,690 Yeah, respect his name. Nick, I'm going to go well, I 59 00:02:52,690 --> 00:02:55,530 haven't met him personally, so so I so I appreciate that. 60 00:02:55,530 --> 00:02:58,770 But I'd say maybe it was almost like the thing in Aliens, but 61 00:02:58,770 --> 00:03:01,770 not. Yeah, like the exoskeleton it 62 00:03:01,930 --> 00:03:04,290 seems. Like an exoskeleton to me, and 63 00:03:04,290 --> 00:03:06,490 I'm just waiting for him to press the button and to turn 64 00:03:06,490 --> 00:03:08,310 into something. Much more. 65 00:03:08,310 --> 00:03:11,630 You guys are so sci-fi I. Don't know what you're talking 66 00:03:12,990 --> 00:03:13,710 about. Yeah, that's. 67 00:03:14,550 --> 00:03:16,310 What they meant. Well, maybe that's why I got in 68 00:03:16,310 --> 00:03:18,670 the identity space because I thought, you know all the 69 00:03:18,670 --> 00:03:21,190 biometric scanners and everything they had in in all 70 00:03:21,190 --> 00:03:24,590 the sci-fi movies in the 60s and the 70s, you know, we would get 71 00:03:24,590 --> 00:03:26,470 that eventually. Yeah, you can make it real. 72 00:03:26,870 --> 00:03:29,710 We're actually here now, we're actually here with biometric 73 00:03:29,710 --> 00:03:32,470 scanners and passkeys and all these types of things, so. 74 00:03:32,910 --> 00:03:35,110 Yeah. I spent an awful lot of time at 75 00:03:35,110 --> 00:03:36,990 a conference last week. At any week that was. 76 00:03:37,610 --> 00:03:40,250 Almost 100% like retina scan. Oh, really? 77 00:03:40,250 --> 00:03:41,890 That was like that. I mean, it's a big kind of used 78 00:03:41,890 --> 00:03:43,650 to be government conference. I think they're trying to branch 79 00:03:43,650 --> 00:03:46,490 out more. But yeah, lots of retina scan 80 00:03:46,610 --> 00:03:52,570 products on offer for whatever authentication needs you need. 81 00:03:52,770 --> 00:03:56,890 I mean that's we've come a long way in a short period of time 82 00:03:57,010 --> 00:04:00,610 and just how all the stuff is in like these consumer devices when 83 00:04:00,690 --> 00:04:03,490 not long ago you'd see them in movies and go, Oh my gosh, 84 00:04:03,490 --> 00:04:05,610 there's Tom Cruise and Mission Impossible One. 85 00:04:06,240 --> 00:04:08,200 And he can't set off the biometric scanner or else the 86 00:04:08,200 --> 00:04:11,600 room is going to explode, right? And now you can just go and buy 87 00:04:11,600 --> 00:04:13,360 a phone that has that in there, so. 88 00:04:13,600 --> 00:04:15,880 Yeah, Can you imagine how ridiculous of a hack that would 89 00:04:15,880 --> 00:04:18,240 be? And, like in the real world, Tom 90 00:04:18,240 --> 00:04:20,279 Cruise coming down through a vent, right? 91 00:04:20,279 --> 00:04:23,160 Dodging the fans and then can't hit the laser floor? 92 00:04:23,160 --> 00:04:25,160 Like, no, today it's just someone stole your password 93 00:04:25,160 --> 00:04:26,840 because you used it at Instacart. 94 00:04:26,840 --> 00:04:30,160 Yeah, exactly, exactly, exactly. It doesn't need to be that 95 00:04:30,160 --> 00:04:31,040 elegant. It never is. 96 00:04:31,040 --> 00:04:33,920 The movies always do that and someone calls the help desk. 97 00:04:34,360 --> 00:04:37,880 Initiates a reset and bang, you're done so. 98 00:04:38,040 --> 00:04:40,240 Or your slot machine's not working anyway. 99 00:04:41,520 --> 00:04:43,400 So tell us about your role as a CIO. 100 00:04:43,400 --> 00:04:44,920 You've been on the show before. It's not going to have you 101 00:04:44,920 --> 00:04:48,000 rehash sort of like your entire identity origin story. 102 00:04:48,000 --> 00:04:51,000 But one of things that we have started getting to more is about 103 00:04:51,000 --> 00:04:54,560 roles within identity organizations, York or transmit 104 00:04:54,560 --> 00:04:58,040 security and you're the CIO. We also were kind of jokingly 105 00:04:58,240 --> 00:05:00,040 talking about the Chief Identity Officer. 106 00:05:00,200 --> 00:05:03,040 Cheeto is, we're starting to call it, at least I am anyway. 107 00:05:03,040 --> 00:05:05,220 And so is Jim. Tell us a bit about your 108 00:05:05,220 --> 00:05:08,780 day-to-day as a CIO of a security company like Transmit. 109 00:05:09,300 --> 00:05:13,740 Yeah, so. So the CIO of security company, 110 00:05:13,740 --> 00:05:16,700 I mean obviously the dynamics are a little bit different. 111 00:05:17,220 --> 00:05:20,860 I know things like machine identity are really important to 112 00:05:20,860 --> 00:05:23,460 us because we see that as protecting the identity 113 00:05:23,460 --> 00:05:27,380 infrastructure. That we host for clients and 114 00:05:27,380 --> 00:05:30,500 especially building identity security solutions. 115 00:05:30,500 --> 00:05:33,460 Attackers are looking at all this stuff more and more and 116 00:05:33,460 --> 00:05:34,860 more. We see that with Okta, 117 00:05:34,860 --> 00:05:37,980 unfortunately and others and Pam Dingell from Microsoft. 118 00:05:37,980 --> 00:05:40,140 Today at Authenticate, she talked about that. 119 00:05:40,140 --> 00:05:44,100 She talked about how identity infrastructure itself is being 120 00:05:44,100 --> 00:05:47,020 weaponized against us. So as the CIO of a security 121 00:05:47,020 --> 00:05:51,020 company, you know myself and the team, we take it seriously, 122 00:05:51,020 --> 00:05:53,300 right? So just practicing everything 123 00:05:53,300 --> 00:05:54,900 that we're preaching with customers. 124 00:05:55,420 --> 00:05:59,620 But it goes beyond you know technology it it goes along with 125 00:05:59,620 --> 00:06:02,340 your people and your process and and how you drive all those. 126 00:06:02,340 --> 00:06:05,380 So, so kind of being in that type of role, I look at kind of 127 00:06:05,380 --> 00:06:08,820 all three of those areas and you know, I don't always look for a 128 00:06:09,460 --> 00:06:11,660 technology to solve the problem, right? 129 00:06:12,250 --> 00:06:16,450 Sometimes it's just changing a process or improving a process 130 00:06:16,450 --> 00:06:19,730 or having someone do another review making sure it goes 131 00:06:19,730 --> 00:06:23,250 through certain gates right and there's a consistent workflow 132 00:06:23,530 --> 00:06:25,490 all the way through. Again, almost like the Tom 133 00:06:25,490 --> 00:06:28,410 Cruise thing, it's not always the elegant things that you 134 00:06:28,410 --> 00:06:31,130 think are going to save the day. It's sometimes just actually 135 00:06:31,370 --> 00:06:34,450 taking a look at a a workflow and improving it and kind of 136 00:06:34,450 --> 00:06:36,770 going from there. So, so in in this kind of role 137 00:06:36,770 --> 00:06:39,450 it's it's kind of neat because I get to have this internal focus, 138 00:06:39,490 --> 00:06:41,730 but I think where I have a lot of fun also is. 139 00:06:42,100 --> 00:06:45,020 The external part of my role kind of doing activities like 140 00:06:45,020 --> 00:06:48,900 this with with you guys and and evangelizing all of these things 141 00:06:48,900 --> 00:06:51,580 as well, 'cause I don't think Transmit would be able to keep 142 00:06:51,580 --> 00:06:54,300 my mouth shut, 'cause I'm the kind of person that I'm like, 143 00:06:54,300 --> 00:06:58,740 hey, I discovered these really cool ways of of of dealing with 144 00:06:58,740 --> 00:07:02,900 problems or you know, our threat research lab is seeing evidence 145 00:07:02,900 --> 00:07:07,260 of some more AI fuelled fraud. I feel like I I should go and 146 00:07:07,260 --> 00:07:10,500 talk to the market about that, especially when. 147 00:07:11,190 --> 00:07:13,390 You know, I talk about things like authorized push payment 148 00:07:13,390 --> 00:07:16,390 fraud, which, you know, I talked to someone about that. 149 00:07:16,390 --> 00:07:17,750 I don't know if you know anything about it, but it's 150 00:07:17,750 --> 00:07:21,830 interesting it's being able to attack you without doing an 151 00:07:21,950 --> 00:07:24,790 account takeover. So anyway. 152 00:07:26,790 --> 00:07:29,750 I thought about Pam's presentation today was she was 153 00:07:29,750 --> 00:07:34,070 talking about the evolution of the Microsoft Authenticator and 154 00:07:34,430 --> 00:07:37,380 I thought. That's exactly what technology 155 00:07:37,540 --> 00:07:38,980 companies need to be doing, right? 156 00:07:38,980 --> 00:07:42,460 They need to see put something out there and see what the 157 00:07:42,460 --> 00:07:45,660 challenges are and they need to just keep improving, keep 158 00:07:45,660 --> 00:07:47,900 improving. Is that something you're finding 159 00:07:47,900 --> 00:07:51,460 as well? Yeah, so, so I, I also take it 160 00:07:51,460 --> 00:07:53,820 upon myself and my role as well to see that. 161 00:07:53,820 --> 00:07:56,300 So it's not just, you know, going out and evangelizing and 162 00:07:56,300 --> 00:07:58,060 pushing. It's also pulling and. 163 00:07:58,460 --> 00:08:00,980 And working with a lot of identity practitioners, 164 00:08:00,980 --> 00:08:04,140 cybersecurity leaders as well, because cybersecurity pros and 165 00:08:04,140 --> 00:08:07,340 identity pros, we need to come together because attackers 166 00:08:07,340 --> 00:08:08,940 don't. They don't care if you're an 167 00:08:08,940 --> 00:08:11,020 identity person or a cybersecurity person or a 168 00:08:11,020 --> 00:08:13,540 network infrastructure person. They'll get it in however way 169 00:08:13,540 --> 00:08:17,740 they they can. So I think as as in terms of, 170 00:08:18,900 --> 00:08:22,180 you know, thinking about what the problems and the outcomes 171 00:08:22,260 --> 00:08:25,540 that customers need, right, don't just go and say here's an 172 00:08:25,540 --> 00:08:28,510 identity verification solution. It's like, well, why does the 173 00:08:28,510 --> 00:08:31,070 customer need that? Oh, because they're trying to 174 00:08:31,070 --> 00:08:34,950 securely on board their, their clients and they want to reduce 175 00:08:34,950 --> 00:08:37,909 fraud and they want to also make it easy for their clients to 176 00:08:37,909 --> 00:08:41,270 securely create accounts, right. So, OK, well, maybe we come up 177 00:08:41,270 --> 00:08:44,430 with a product to solve part of that because that's all we can 178 00:08:44,430 --> 00:08:47,230 do today and maybe that's all the market will bear. 179 00:08:47,510 --> 00:08:50,790 But over time, talk to these customers, see what the market's 180 00:08:50,790 --> 00:08:53,950 doing, but then also going back to like APP fraud and all this 181 00:08:53,950 --> 00:08:56,110 looking at what the fraudsters are doing. 182 00:08:56,750 --> 00:08:59,630 And also trying to incorporate that stuff in your product as 183 00:08:59,630 --> 00:09:01,110 well. So it's not just the customer 184 00:09:01,110 --> 00:09:04,110 saying, oh, we see this. We also have to take it upon 185 00:09:04,110 --> 00:09:08,150 ourselves to say what types of threats are out there and how 186 00:09:08,150 --> 00:09:12,070 can we, how can we mitigate and and productize that to help 187 00:09:12,070 --> 00:09:16,390 protect the market. So you do a podcast also, right? 188 00:09:16,430 --> 00:09:17,470 Yes. Yes. 189 00:09:17,510 --> 00:09:21,110 This Week in Identity, Yes, with Simon Moffett from Cyber Hut. 190 00:09:21,110 --> 00:09:22,830 Tell us a little bit about that podcast. 191 00:09:22,990 --> 00:09:26,110 Yeah, that's awesome. So Simon, we, you know we're, 192 00:09:26,110 --> 00:09:27,670 we're, we're fans of you guys too. 193 00:09:27,790 --> 00:09:32,390 And you know for us, I think Simon is an analyst, I'm a 194 00:09:32,390 --> 00:09:35,230 former analyst. So I think when I left Gartner 195 00:09:35,230 --> 00:09:39,670 and and Simon kind of left the vendor space and he got into the 196 00:09:39,670 --> 00:09:41,990 analyst space, you know, we kind of got together. 197 00:09:43,710 --> 00:09:45,470 He was at Ford Rock. Yeah, yeah. 198 00:09:45,590 --> 00:09:49,910 And so it's kind of interesting because as I was leaving the 199 00:09:49,910 --> 00:09:53,170 analyst life behind me. And he was picking that up. 200 00:09:53,210 --> 00:09:56,410 We had a, we had a a talk. I gave him some pointers on, you 201 00:09:56,450 --> 00:10:00,770 know, good things and bad things about being an analyst, just 202 00:10:00,770 --> 00:10:03,930 pointers, things I've learned over the years as in terms of 203 00:10:03,930 --> 00:10:06,410 what what works. And and we just said, hey, you 204 00:10:06,410 --> 00:10:08,810 know what, Let's just. Why don't we just record this 205 00:10:09,330 --> 00:10:11,290 right? I I think it's not on like both 206 00:10:11,290 --> 00:10:12,290 of you. Right. 207 00:10:13,010 --> 00:10:18,090 And then we just decided to record it and I I honestly just 208 00:10:18,090 --> 00:10:21,330 see it as a way of us just catching up every, every week 209 00:10:21,330 --> 00:10:24,850 and hey what happened in, in the industry you know typically 210 00:10:24,850 --> 00:10:30,570 focused on news, you know acquisitions or you know new 211 00:10:30,570 --> 00:10:34,240 protocols or specs or? Last week, we talked about NSA 212 00:10:34,240 --> 00:10:37,920 and Cisa's top 10 misconfigurations. 213 00:10:38,240 --> 00:10:40,720 I listened to part of that and then I was listening in my 214 00:10:40,760 --> 00:10:42,600 browser and somehow lost the page. 215 00:10:43,000 --> 00:10:44,960 But I'll get back to it. Don't worry, it was a good one. 216 00:10:45,200 --> 00:10:47,720 Yeah, right. So it's just stuff like that and 217 00:10:47,720 --> 00:10:49,640 and I think it's we try to keep them short. 218 00:10:50,080 --> 00:10:53,760 So you could just, yeah, listen, listen on a quick walk or or 219 00:10:53,760 --> 00:10:55,440 something like that. So yeah. 220 00:10:55,560 --> 00:10:57,880 Yeah, I have a question for you. So we've been podcasting. 221 00:10:57,880 --> 00:11:01,970 We're up to. Episode 230 XI Think it's. 238 222 00:11:01,970 --> 00:11:03,210 went out this morning. OK. 223 00:11:03,210 --> 00:11:07,610 So this will be 239. It's a lot harder than you 224 00:11:07,610 --> 00:11:11,840 thought it was going to be. That's a good question. 225 00:11:12,440 --> 00:11:16,800 Now I should say Simon, Simon does some of the heavy lifting 226 00:11:16,800 --> 00:11:18,560 as in terms of recording and everything else. 227 00:11:18,560 --> 00:11:20,960 So I'm just a pretty voice that shows up so. 228 00:11:22,240 --> 00:11:23,520 You're the easy. Part Why? 229 00:11:24,800 --> 00:11:26,240 Yeah, that should be a question I'm asking. 230 00:11:26,800 --> 00:11:29,440 Simon actually had this. I do all the scheduling. 231 00:11:29,840 --> 00:11:31,040 Scheduling is a lot of work, that is. 232 00:11:31,280 --> 00:11:34,080 A lot of work, especially when your Co host travels all the 233 00:11:34,080 --> 00:11:36,960 time. Yes, he does dirty laundry. 234 00:11:37,080 --> 00:11:39,320 Coming out, but let me just say for the audience, because we're 235 00:11:39,320 --> 00:11:42,560 not on video. Jeff Jeff is surrounded by all 236 00:11:42,560 --> 00:11:46,160 kinds of devices, not unlike Nick who is on a Segway with all 237 00:11:46,160 --> 00:11:47,560 sorts of contraptions around him. 238 00:11:47,800 --> 00:11:49,320 No, but. But I I appreciate. 239 00:11:49,320 --> 00:11:54,320 I appreciate it for sure. So your topic this week here at 240 00:11:54,320 --> 00:11:57,040 Authenticate. Why don't you tell us what it is 241 00:11:57,040 --> 00:11:59,120 and why you chose it, why you're talking about it? 242 00:11:59,480 --> 00:12:03,800 Yeah. So the topic is an area that I'm 243 00:12:03,800 --> 00:12:07,520 super passionate about. It was an area that myself and 244 00:12:07,520 --> 00:12:09,600 Eric Wahlstrom, who's a Gardner analyst, we. 245 00:12:10,250 --> 00:12:13,490 Kind of help define this space and it's machine identity 246 00:12:13,490 --> 00:12:17,050 management. Specifically the presentation 247 00:12:17,050 --> 00:12:20,050 I'll be doing on Wednesday at Authenticate is Rise of the 248 00:12:20,050 --> 00:12:22,290 Machines. Why Authentication is needed for 249 00:12:22,290 --> 00:12:27,130 both humans and machines. And really the the thought there 250 00:12:27,130 --> 00:12:33,970 is that we've spent a lot of time with identity as and as we 251 00:12:33,970 --> 00:12:37,450 should focus on humans. And totally makes sense, right. 252 00:12:37,690 --> 00:12:40,450 All all this, all these types of authentication factors, how we 253 00:12:40,450 --> 00:12:44,930 use them when we talk about UX, user experience, but the users 254 00:12:44,930 --> 00:12:49,570 have been human, right. And so when we, when we think 255 00:12:49,570 --> 00:12:54,410 about machines really what what those are, it's it's there's 256 00:12:54,410 --> 00:12:56,250 kind of software and hardware, right. 257 00:12:56,250 --> 00:12:58,650 There's kind of two flavors. So if we say hardware, you're 258 00:12:58,650 --> 00:13:04,090 talking I0T, 0T0 T would be operational technology, so MRI 259 00:13:04,090 --> 00:13:06,880 machines or? Other types of manufacturing 260 00:13:06,880 --> 00:13:12,080 equipment, ultrasound machines, you name it, that's OTIOT. 261 00:13:12,080 --> 00:13:13,960 You know, different types of sensors, all all sorts of 262 00:13:13,960 --> 00:13:15,440 things. That's on the hardware side. 263 00:13:15,440 --> 00:13:18,640 Oh, I should also say laptops, desktops, mobile devices. 264 00:13:18,760 --> 00:13:21,720 Devices. Devices on the software side 265 00:13:21,720 --> 00:13:23,920 though, that's where things get really interesting. 266 00:13:23,920 --> 00:13:26,600 And not to say that the hardware side isn't interesting, but 267 00:13:26,600 --> 00:13:29,680 software side, you've got virtual machines. 268 00:13:30,010 --> 00:13:32,770 You've got containers, you've got workloads, you have 269 00:13:32,770 --> 00:13:34,650 software, you've got, you know all. 270 00:13:34,650 --> 00:13:38,210 Kinds of structure and software. Exactly right. 271 00:13:38,210 --> 00:13:41,850 So if you just think about the. Good old fashioned service 272 00:13:41,890 --> 00:13:43,890 accounts. Service accounts. 273 00:13:43,930 --> 00:13:47,930 All kinds of things that aren't, quote UN quote, human right Now 274 00:13:47,930 --> 00:13:49,770 there's a couple flavours of that too, I should say. 275 00:13:49,770 --> 00:13:53,490 There's supervised and unsupervised. 276 00:13:53,810 --> 00:13:58,290 So what do I mean by that? So a supervised machine. 277 00:13:58,830 --> 00:14:04,430 You could think of it this way. So if Jeff creates a script to 278 00:14:04,430 --> 00:14:07,870 run on your machine that's that's or on your say your 279 00:14:07,870 --> 00:14:11,470 laptop, that's a machine. But that machine effectively is 280 00:14:11,470 --> 00:14:14,030 borrowing Jeff's rights and entitlements, right? 281 00:14:14,030 --> 00:14:16,910 It's it's ceiling would be whatever access you have. 282 00:14:17,110 --> 00:14:20,390 And I have to initiate it at some level to start the work, 283 00:14:20,390 --> 00:14:23,390 correct? Or you could create a bot. 284 00:14:23,990 --> 00:14:26,430 Yeah, right. Like where I could learn, but 285 00:14:26,430 --> 00:14:28,910 it's it's it's going to be like a derivative of your identity. 286 00:14:28,910 --> 00:14:32,390 So it's kind of like it's, it's it's Jeff, but just a robot 287 00:14:32,390 --> 00:14:34,350 version of you. And so we say it's kind of 288 00:14:34,350 --> 00:14:36,190 supervised. You're not going to really let 289 00:14:36,190 --> 00:14:38,070 it do anything crazy. Hopefully not. 290 00:14:38,990 --> 00:14:42,390 Hopefully not that's supervised, unsupervised could be like a 291 00:14:42,390 --> 00:14:45,310 chat bot on a website, say you go to like, I don't know, 292 00:14:45,310 --> 00:14:48,430 T-Mobile or Verizon's website. And just by virtue of you going 293 00:14:48,430 --> 00:14:49,670 there, it's typically event driven. 294 00:14:50,290 --> 00:14:53,690 The event is a new user goes to website and boom, a chat bot 295 00:14:53,690 --> 00:14:55,610 pops up. Hey Jeff, last time you were 296 00:14:55,610 --> 00:14:59,250 here, maybe use a cookie. You had a problem with your 297 00:14:59,250 --> 00:15:02,890 bill, right? So that machine didn't exist 298 00:15:03,730 --> 00:15:05,810 before you went to the website, and now it exists. 299 00:15:05,810 --> 00:15:10,330 It's taking signals from whatever trans whatever transmit 300 00:15:10,330 --> 00:15:12,410 of data is coming from your browser or whatever signals 301 00:15:12,410 --> 00:15:14,410 right to drive that. For the record, I hate those 302 00:15:14,410 --> 00:15:15,810 chat bots that pop up automatically. 303 00:15:15,810 --> 00:15:17,330 They are the most annoying thing in the world. 304 00:15:18,250 --> 00:15:21,010 They, you know, they some of them, I won't name the 305 00:15:21,010 --> 00:15:23,530 providers, but some of them at some providers have actually 306 00:15:23,530 --> 00:15:27,850 gotten much, much better and I would say they've definitely cut 307 00:15:27,850 --> 00:15:30,450 down on my stress having to call into call centers. 308 00:15:30,610 --> 00:15:33,370 If they're helpful, yes. I run into so many of that. 309 00:15:33,770 --> 00:15:35,610 It just sends you a loop and loop and loop. 310 00:15:35,610 --> 00:15:37,370 It's like, OK, well, I could have just, I could have just 311 00:15:37,370 --> 00:15:40,130 made a phone call. Yeah, and you know the How many 312 00:15:40,130 --> 00:15:41,970 questions do they actually solve? 313 00:15:43,450 --> 00:15:45,930 I mean, they're basic, right? I think if you're thinking about 314 00:15:45,930 --> 00:15:49,300 a chat bot. As it stands today, they are 315 00:15:49,380 --> 00:15:53,980 event driven to you're saying and they are basing off of a 316 00:15:53,980 --> 00:15:57,340 specific challenge response. Essentially that's coming from 317 00:15:57,340 --> 00:15:58,740 the user. They're looking for keywords. 318 00:15:58,740 --> 00:16:03,260 They're saying oh you typed in bill and problem. 319 00:16:03,540 --> 00:16:07,060 So therefore you must mean this help desk article that is you 320 00:16:07,060 --> 00:16:10,180 know Dash 4657, whatever maybe And then it starts going through 321 00:16:10,180 --> 00:16:14,220 that script right of things. The challenge becomes, well, I 322 00:16:14,220 --> 00:16:16,910 think it's the challenge is. You're trying to deal with a 323 00:16:16,910 --> 00:16:18,830 whole bunch of humans and a bunch of different ways of 324 00:16:18,830 --> 00:16:20,870 saying I need help with my account. 325 00:16:21,790 --> 00:16:24,230 Yes, yeah. But I mean, I won't get too far 326 00:16:24,230 --> 00:16:28,150 ahead, but if you take that notion, Jeff, and you connect it 327 00:16:28,190 --> 00:16:30,310 to a large language model. Baby, that's what I'm talking 328 00:16:30,310 --> 00:16:32,350 about. So before they didn't really 329 00:16:32,350 --> 00:16:35,790 have much to reference when that bot was right. 330 00:16:35,790 --> 00:16:37,270 So. So I think, I think, Jim, a 331 00:16:37,270 --> 00:16:39,750 basic script and whatever. And if it goes off that script, 332 00:16:39,750 --> 00:16:41,510 the thing just doesn't know what to do. 333 00:16:42,190 --> 00:16:44,870 And so you get frustration on the consumer side. 334 00:16:44,870 --> 00:16:46,930 Plus, you know. Who knows what goes on the other 335 00:16:46,930 --> 00:16:49,410 side, but if you couple that with an LLM, now you get 336 00:16:49,410 --> 00:16:52,370 something interesting. So that being said, going back 337 00:16:52,370 --> 00:16:58,330 to machines, this is also, you know, this is also why I think 338 00:16:58,330 --> 00:17:00,450 just before the session, by the way, for our audience, Simon 339 00:17:00,450 --> 00:17:04,609 Moffett went over some data. Survey data and machine 340 00:17:04,609 --> 00:17:06,410 identities is one of the thing he talked about. 341 00:17:06,890 --> 00:17:10,369 And and I know we can get to that, but I'll I'll just say 342 00:17:10,369 --> 00:17:13,770 this is also I believe at least what Simon's thinking is in 343 00:17:13,770 --> 00:17:15,890 terms of this is. Machine identities are just 344 00:17:15,890 --> 00:17:18,210 going to explode when you think about containers and all that 345 00:17:18,210 --> 00:17:20,329 stuff. But not only that, I also think 346 00:17:20,329 --> 00:17:23,690 about that that robotic process automation use case, the chatbot 347 00:17:23,690 --> 00:17:27,130 use case, and how many agents, you know, autonomous agents 348 00:17:27,130 --> 00:17:31,890 we're going to see deployed in those scenarios tied with LLMS. 349 00:17:32,050 --> 00:17:34,370 That's only going to fuel more machine identities. 350 00:17:34,370 --> 00:17:37,770 So I'll cover this in my presentation, but you're looking 351 00:17:37,770 --> 00:17:43,640 at, you know, at least 50 X. The number of machines you have 352 00:17:43,640 --> 00:17:45,760 running in your environment over humans today. 353 00:17:46,680 --> 00:17:49,960 I do worry about the large language model with the chat bot 354 00:17:50,320 --> 00:17:53,880 if you need to have good security about around it, right? 355 00:17:53,880 --> 00:17:55,800 Or others. Otherwise, someone may just 356 00:17:55,800 --> 00:18:01,400 start attacking that thing with an AI bot, trying to see what 357 00:18:01,400 --> 00:18:05,920 kind of data could farm from that chat bot. 100%, right. 358 00:18:05,920 --> 00:18:09,440 So it's not unlike when you think about the early days of. 359 00:18:10,010 --> 00:18:13,850 Web applications being put up and then people just putting in 360 00:18:14,570 --> 00:18:16,850 you know. Yeah strings of text. 361 00:18:16,850 --> 00:18:20,130 Sequel injections commands. And then if they didn't filter 362 00:18:20,130 --> 00:18:21,890 those, it would just run those commands. 363 00:18:21,890 --> 00:18:24,650 I mean a machine is a machine. A machine's not smart on its 364 00:18:24,650 --> 00:18:26,170 own. It's just going to you give it 365 00:18:26,170 --> 00:18:29,210 something to to execute and if it's in the confines, that's 366 00:18:29,570 --> 00:18:32,330 fine, it'll do it. So that that led to the birth of 367 00:18:32,330 --> 00:18:34,570 the web application firewall filtering all those out. 368 00:18:34,930 --> 00:18:37,850 I think we're, you know we're we're we're at the place where. 369 00:18:38,300 --> 00:18:41,740 There are some interesting companies that are looking at 370 00:18:41,740 --> 00:18:45,940 that type of concept, you know to to front load and filter 371 00:18:45,940 --> 00:18:48,500 those LLMS, the inputs and even the outputs. 372 00:18:49,700 --> 00:18:52,380 But I think I think Jim we're still very early on in those 373 00:18:52,380 --> 00:18:55,420 days. But it it does if I just tie it 374 00:18:55,420 --> 00:18:58,820 back to machine identities, you know it it does come with if 375 00:18:58,820 --> 00:19:01,780 you, you know, if you think about the notion of having good 376 00:19:01,780 --> 00:19:05,620 IAM with your humans, if you've if you went to bat for that at 377 00:19:05,620 --> 00:19:08,860 your company. You should be going to bat for 378 00:19:08,860 --> 00:19:12,620 that for your machines. You know, I feel like at least 379 00:19:12,620 --> 00:19:17,460 10 years ago we were defining I am as ensuring that the right 380 00:19:17,460 --> 00:19:21,260 people have the right access to dot, dot, dot and it's like that 381 00:19:21,260 --> 00:19:24,620 was the huge miss, right. It wasn't just people, it was 382 00:19:24,620 --> 00:19:27,540 people and things. We kind of eventually got to 383 00:19:27,540 --> 00:19:29,620 that. But you know, one of the things 384 00:19:29,620 --> 00:19:33,820 that I find is like the the things that you almost forgot 385 00:19:33,820 --> 00:19:36,380 are the machine accounts. You almost forgot to get to 386 00:19:36,380 --> 00:19:38,490 where. The service accounts, right, 387 00:19:38,490 --> 00:19:41,090 Because they've been around for so long, it's like that's not 388 00:19:41,090 --> 00:19:44,890 the exciting thing anymore. The organizations have 20 years 389 00:19:45,290 --> 00:19:47,690 of machine accounts that they've been carrying through their 390 00:19:47,690 --> 00:19:50,730 Active Directory, and they don't even know which ones they can 391 00:19:50,730 --> 00:19:53,330 turn off. It's kind of scary. 392 00:19:53,330 --> 00:19:54,810 They've got the whole clean up of that. 393 00:19:55,050 --> 00:19:57,890 And if they don't get their arms around the accounts for 394 00:19:57,890 --> 00:20:01,730 Terraform, the accounts for Docker, the accounts for GitHub. 395 00:20:03,280 --> 00:20:05,720 It's going to be, they're going to have clean up for all that 396 00:20:05,720 --> 00:20:07,640 too. And they're just like you said, 397 00:20:07,840 --> 00:20:10,360 the attack service is going to grow exponentially. 398 00:20:10,480 --> 00:20:12,840 Exactly. And and yeah, so that's that's 399 00:20:13,200 --> 00:20:15,880 part part of some of the recommendations I get into in my 400 00:20:15,880 --> 00:20:20,680 presentation there this week. That's actually step one is 401 00:20:20,680 --> 00:20:23,320 discovery. So you can't manage what you're 402 00:20:23,320 --> 00:20:25,760 not measuring. And a lot of people have 403 00:20:25,760 --> 00:20:28,080 machines all over the place, right? 404 00:20:28,480 --> 00:20:30,120 You know, So there's there's service accounts. 405 00:20:30,440 --> 00:20:35,000 If they're using AWS and GCP and Azure, right? 406 00:20:35,000 --> 00:20:38,240 And some other cloud service providers and maybe fragmented 407 00:20:38,240 --> 00:20:39,960 across different regions. If they're a global 408 00:20:39,960 --> 00:20:42,680 organization, they're going to have all kinds of machines 409 00:20:42,680 --> 00:20:45,040 everywhere. So you have to run some kind of 410 00:20:45,040 --> 00:20:48,600 discovery process in order to say, OK, what machines do we 411 00:20:48,600 --> 00:20:51,560 have out there. So we can at least size the 412 00:20:51,560 --> 00:20:54,880 problem and then you can determine how can we monitor 413 00:20:54,880 --> 00:20:57,320 these things and then manage and so on and so forth. 414 00:20:57,640 --> 00:21:02,390 I think also there's the difference between identities 415 00:21:02,390 --> 00:21:04,710 and accounts, right? There's certainly that when you 416 00:21:04,710 --> 00:21:06,670 think about people. I'm Jim. 417 00:21:07,190 --> 00:21:10,150 I have an AD account. Maybe I'll have multiple AD 418 00:21:10,150 --> 00:21:12,270 accounts. Maybe there are multiple a DS. 419 00:21:12,630 --> 00:21:16,030 Maybe there are applications that fit outside of my IDP 420 00:21:16,030 --> 00:21:19,150 landscape. Machines are even more complex 421 00:21:19,430 --> 00:21:23,190 because you have a machine that could have multiple accounts. 422 00:21:23,830 --> 00:21:27,150 There's a machine, the identity or is it the human who runs the 423 00:21:27,150 --> 00:21:31,680 machine, and if you make it, the human who runs the machine when 424 00:21:31,680 --> 00:21:34,360 they leave the organization? From a governance perspective, 425 00:21:34,560 --> 00:21:37,120 how do I handle that? I don't think those rules of 426 00:21:37,120 --> 00:21:39,320 engagement are are cleared today. 427 00:21:39,320 --> 00:21:43,120 I think it's just you. You kind of come up with it. 428 00:21:43,280 --> 00:21:45,240 It's almost like you need a creative solution. 429 00:21:45,360 --> 00:21:49,560 Yeah, yeah I I you there's a lot on pack Jim what you just said. 430 00:21:49,960 --> 00:21:53,720 So first I'll just, I'll all these tackle you know the 431 00:21:53,720 --> 00:21:57,980 maturity side of it. We are very early on with 432 00:21:57,980 --> 00:22:00,780 machine identity management. There's a lot of different kinds 433 00:22:00,780 --> 00:22:03,180 of solution. Let me just say this, almost 434 00:22:03,180 --> 00:22:06,740 every client that I know, both of you work with and probably a 435 00:22:06,740 --> 00:22:09,700 lot of our listeners as well. Everybody has some kind of 436 00:22:09,700 --> 00:22:11,100 machine. First of all, everyone has 437 00:22:11,100 --> 00:22:14,140 machine identities accounts all over the place. 438 00:22:14,140 --> 00:22:15,940 That's anyone who says they don't. 439 00:22:15,940 --> 00:22:18,180 They're lying or they don't understand or they don't 440 00:22:18,180 --> 00:22:22,100 understand. They also, surprisingly, do have 441 00:22:22,100 --> 00:22:24,220 some machine identity management tools. 442 00:22:24,940 --> 00:22:27,660 If you've got a certificate authority and some certificate 443 00:22:27,660 --> 00:22:29,820 management, you're managing some kind of machines there you have 444 00:22:29,820 --> 00:22:33,460 code signing products that that's also machine stuff. 445 00:22:33,740 --> 00:22:37,380 You've got some cloud, cloud, security, posture management, 446 00:22:37,420 --> 00:22:41,340 you might have some there, right, Pam solutions, Cyber Ark, 447 00:22:41,340 --> 00:22:45,420 Delineia, right. They all have some kind of 448 00:22:45,420 --> 00:22:50,700 layers to this, but right now it's a mess from a functional 449 00:22:50,700 --> 00:22:52,300 perspective. And then going back to what you 450 00:22:52,300 --> 00:22:54,620 said from a again, remember I always think of the world as. 451 00:22:54,870 --> 00:22:57,510 People process and technology. So we have a lot of the 452 00:22:57,510 --> 00:22:58,990 technologies, but they're fragmented. 453 00:22:58,990 --> 00:23:02,510 So that's 1-2. We don't have people that are 454 00:23:02,510 --> 00:23:06,310 explicitly like, oh, I'm an an identity architect, but I 455 00:23:06,310 --> 00:23:09,350 guarantee you the majority of identity architects you talk to 456 00:23:09,430 --> 00:23:12,950 are on human identity. They focus on human identity. 457 00:23:13,550 --> 00:23:16,030 We need to get them focused more on a machine identity, but you 458 00:23:16,030 --> 00:23:19,030 might argue that could be some developers but but then the 459 00:23:19,030 --> 00:23:21,950 process, I think that's also where we're we're immature to. 460 00:23:21,950 --> 00:23:24,350 So we're very early in that maturity curve. 461 00:23:25,490 --> 00:23:28,490 And I've worked with thousands of companies around the world, 462 00:23:28,970 --> 00:23:30,490 you know, in this topic over the years. 463 00:23:30,490 --> 00:23:33,810 And I would say, you know, I don't think, you know, I don't, 464 00:23:33,810 --> 00:23:36,850 I don't. I don't say, hey, you are all 465 00:23:36,850 --> 00:23:38,490 behind. No, no, no, absolutely not. 466 00:23:38,490 --> 00:23:40,250 This is just the evolution of the space. 467 00:23:40,250 --> 00:23:42,890 So don't, I wouldn't beat yourself up if you're too, too 468 00:23:42,890 --> 00:23:46,370 early. But going back to the, the other 469 00:23:46,370 --> 00:23:50,650 point you made accounts versus identities themselves. 470 00:23:50,650 --> 00:23:53,090 Yeah, absolutely. It depends again on the use 471 00:23:53,090 --> 00:23:56,000 case. If there's a human involved, it 472 00:23:56,000 --> 00:23:59,080 could be Jim's account. But you're managing potentially 473 00:23:59,400 --> 00:24:01,640 thousands, maybe even millions of machines. 474 00:24:02,000 --> 00:24:04,960 If you're the the, say, a website operator or you're a big 475 00:24:04,960 --> 00:24:07,600 part of running a digital business and you're creating 476 00:24:07,600 --> 00:24:09,640 those chat bots or you're creating all those, those could 477 00:24:09,640 --> 00:24:12,880 be tied to accounts that you manage or monitor because maybe 478 00:24:12,880 --> 00:24:14,280 you're the privileged user behind them. 479 00:24:14,560 --> 00:24:19,480 And that's also why we see some, like vendors like Cyber Ark and 480 00:24:19,480 --> 00:24:21,440 others talking about machine identities. 481 00:24:21,880 --> 00:24:25,000 Because they see that as well. I think coming into the market 482 00:24:25,800 --> 00:24:28,160 anyway I'll, I'll stop there. That was a lot, that's a lot. 483 00:24:28,160 --> 00:24:35,360 But the other observation that I have and I see this say 90% of 484 00:24:35,360 --> 00:24:38,720 the clients who have are moving into the cloud. 485 00:24:38,720 --> 00:24:43,800 Is that developers? Or maybe a non strategic 486 00:24:44,000 --> 00:24:49,270 approach to moving out to the cloud, starting up applications, 487 00:24:49,270 --> 00:24:54,030 maybe doing DevOps, being done by teams who have to deploy some 488 00:24:54,030 --> 00:24:58,870 functionality not by, you know the CISO. 489 00:24:59,070 --> 00:25:02,990 So then by the time the CISO says hey I've got something I 490 00:25:02,990 --> 00:25:06,310 need to get my arms around, it's already built, it's already 491 00:25:06,310 --> 00:25:08,910 doing things. So you know you don't want to be 492 00:25:08,910 --> 00:25:12,030 the progress prevention department, but at the same time 493 00:25:12,310 --> 00:25:17,230 your your cloud infrastructure has to all of the same controls 494 00:25:17,230 --> 00:25:18,950 the rest of your enterprise does. 495 00:25:19,190 --> 00:25:23,310 So I think that's one of the big challenges is that a lot of this 496 00:25:23,310 --> 00:25:26,310 is springing up for organizations and maybe it's 497 00:25:26,470 --> 00:25:28,950 it's happened in the past. It really depends on where the 498 00:25:28,950 --> 00:25:31,310 organization is in their cloud life cycle. 499 00:25:32,630 --> 00:25:37,040 But they've got this situation that's been created for them. 500 00:25:37,200 --> 00:25:39,840 So they're they're stepping into it and like now having to get 501 00:25:39,840 --> 00:25:43,240 control over the environment. So take Terraform for example, 502 00:25:43,680 --> 00:25:45,920 you know it goes out and creates accounts. 503 00:25:46,320 --> 00:25:49,240 So as it destroy the accounts that provide it provisions the 504 00:25:49,240 --> 00:25:55,240 self rolls, OK, you know do you go in there and say stop using 505 00:25:55,240 --> 00:25:58,680 Terraform? No, you say, OK, well how do we 506 00:25:58,680 --> 00:26:02,360 do this in a way that's controlled and that so then I 507 00:26:02,360 --> 00:26:06,900 think the Infosec group becomes like oversight kind of making 508 00:26:06,900 --> 00:26:11,820 sure that it's not breaking rules or that at least can be 509 00:26:12,060 --> 00:26:14,580 monitored and managed. What do you think? 510 00:26:15,100 --> 00:26:17,940 Let me add one more wrinkle to that too, because I think 511 00:26:18,060 --> 00:26:20,900 there's two things. There's one is the creation of 512 00:26:20,900 --> 00:26:22,500 those accounts. Definitely an issue. 513 00:26:23,020 --> 00:26:25,700 The destruction of those accounts, I think are just as 514 00:26:25,700 --> 00:26:28,480 important because. In the automated world, these 515 00:26:28,480 --> 00:26:30,760 things might only live for fractions of a second or a 516 00:26:30,760 --> 00:26:32,840 millisecond. They conduct a very specific 517 00:26:32,840 --> 00:26:34,440 transaction and then poof, they're gone. 518 00:26:35,040 --> 00:26:39,920 And I think if if you try to draw a line to this, it might 519 00:26:39,920 --> 00:26:42,920 simple brain. All I think about is, yeah, it's 520 00:26:42,920 --> 00:26:44,920 just like on boarding and off boarding for a human person, 521 00:26:44,920 --> 00:26:50,880 it's just a whole lot faster. And we, we were not built yet to 522 00:26:50,880 --> 00:26:54,720 manage that volume and that time. 523 00:26:55,410 --> 00:26:58,210 And I think those are the, I think that's I try to make it as 524 00:26:58,210 --> 00:27:00,770 simple as I can and that's I keep going back to that idea. 525 00:27:01,570 --> 00:27:06,450 OK, I just need to say to our audience, I swear that Jim and 526 00:27:06,450 --> 00:27:10,610 Jeff have not seen my slides. One of my slides is I have a 527 00:27:10,970 --> 00:27:15,370 graphic of a human identity life cycle and then the slide right 528 00:27:15,370 --> 00:27:20,330 after is a similar graphic where I contrast it with the machine 529 00:27:20,330 --> 00:27:23,010 identity life cycle. Actually looks the same. 530 00:27:23,960 --> 00:27:27,880 But you're absolutely right. The volume, velocity and the 531 00:27:27,880 --> 00:27:30,680 variety of these machines, it depends on their use case. 532 00:27:30,680 --> 00:27:33,280 If it's one of those chat bots and you get a million people 533 00:27:33,280 --> 00:27:36,160 coming to your website and it's all and a chat bot's triggered, 534 00:27:36,160 --> 00:27:39,080 let's just say every time a new visitor comes, you might get a 535 00:27:39,080 --> 00:27:42,440 million bots right now at time one. 536 00:27:43,000 --> 00:27:47,800 And then at time three, you know, maybe 750,000 of them are 537 00:27:48,000 --> 00:27:50,680 dead because people close the browser and walk away and 538 00:27:50,680 --> 00:27:52,200 they're not going to let that process run. 539 00:27:52,200 --> 00:27:54,230 They're going to. Hopefully they would it would be 540 00:27:54,350 --> 00:27:55,630 killed off. You would hope. 541 00:27:55,870 --> 00:27:58,110 Right. So absolutely there, there has 542 00:27:58,110 --> 00:28:00,230 to be, first of all, you know you, you have to think through 543 00:28:00,230 --> 00:28:01,470 all those different types of machines. 544 00:28:01,470 --> 00:28:03,910 Is it hardware, is it software? Then what type is it? 545 00:28:04,590 --> 00:28:10,750 And based on that you know your risk profile, what are the risks 546 00:28:10,750 --> 00:28:12,990 of these machines, right? Are they dealing with sensitive 547 00:28:12,990 --> 00:28:15,030 information or are they not? Right. 548 00:28:15,110 --> 00:28:19,270 And then that should lead you to them say, OK, what is that 549 00:28:19,830 --> 00:28:24,330 creation process? Do I have to tie back to you 550 00:28:24,330 --> 00:28:28,530 know, one client I talked to they wanted to mirror PIV, you 551 00:28:28,530 --> 00:28:32,370 know, personal identif identical verification, right. 552 00:28:32,930 --> 00:28:35,850 They wanted to mirror that and use digital certificates for 553 00:28:35,850 --> 00:28:37,370 each and every machine they create. 554 00:28:37,650 --> 00:28:39,930 But then they also said you know, but we if we have these 555 00:28:39,930 --> 00:28:45,330 like you know, public, non classified, you know, bots that 556 00:28:45,330 --> 00:28:47,810 are accessing, you know, public information. 557 00:28:48,400 --> 00:28:50,240 We don't care. We we're not even going to give 558 00:28:50,240 --> 00:28:53,200 it a strong identity. We'll we'll just manage how many 559 00:28:53,200 --> 00:28:56,520 there are just for costs, you know consumption for our cloud 560 00:28:56,520 --> 00:28:58,880 usage. But other than that we don't 561 00:28:58,880 --> 00:29:00,720 really care. So I thought that was really 562 00:29:00,720 --> 00:29:02,240 interesting. It's going to always come back 563 00:29:02,240 --> 00:29:04,240 to that you know your risk tolerance. 564 00:29:04,520 --> 00:29:07,560 Do they have to adhere to any compliance standards? 565 00:29:07,840 --> 00:29:10,840 And then you need to determine like, yeah, we need to either go 566 00:29:10,840 --> 00:29:14,560 hardcore and and and issue certificates for each and every 567 00:29:14,560 --> 00:29:17,440 identity. And that might have an impact on 568 00:29:17,440 --> 00:29:20,760 what that creation process looks like, the authorization process 569 00:29:21,760 --> 00:29:23,880 and and and so on. But it really goes into all 570 00:29:23,880 --> 00:29:25,160 that. But there are a couple other 571 00:29:25,160 --> 00:29:28,320 things that that that you mentioned it's it's it's not 572 00:29:28,320 --> 00:29:32,600 just security as well. Security is a big, a big part of 573 00:29:32,600 --> 00:29:35,080 identity of course, right. Knowing who and what you're 574 00:29:35,080 --> 00:29:38,200 dealing with and then you can determine OK, these are the 575 00:29:38,200 --> 00:29:41,160 areas you can play and you can access and these are the areas 576 00:29:41,160 --> 00:29:42,760 that you can't. OK. 577 00:29:42,760 --> 00:29:46,310 That's a big part of security. But we also have to think about 578 00:29:47,510 --> 00:29:52,870 even just identifying these these things for also cost 579 00:29:52,870 --> 00:29:55,110 optimization and just overall operations. 580 00:29:55,470 --> 00:29:58,950 So if, if, if so, you can not only think of it as a security, 581 00:30:00,470 --> 00:30:03,430 you know, mitigating security, doing your compliance, all that 582 00:30:03,430 --> 00:30:06,790 kind of stuff, but also if you've got a good machine 583 00:30:06,790 --> 00:30:09,430 identity practice. I guess what I'm asserting is 584 00:30:09,430 --> 00:30:12,590 that it can also benefit you from an operations perspective 585 00:30:12,590 --> 00:30:15,480 because now. Let's just say it is the golden 586 00:30:15,480 --> 00:30:18,320 standard, it's hybrid, it's multi cloud. 587 00:30:18,640 --> 00:30:22,800 Now you can actually take a look and say you know what Jim, this 588 00:30:22,800 --> 00:30:26,080 month we had a lot more machines that we generated in Google 589 00:30:26,080 --> 00:30:29,320 Cloud than we did in AWS. Does that mean we need to adjust 590 00:30:29,320 --> 00:30:31,240 our contracts in one or the other? 591 00:30:31,560 --> 00:30:34,800 It could very well be. So now if you actually have and 592 00:30:34,800 --> 00:30:38,720 it's not, again it's not unlike good human IAM, it can actually 593 00:30:38,720 --> 00:30:41,720 give you some really good data that can help you make. 594 00:30:42,130 --> 00:30:45,730 Infrastructure decisions, cloud investment decisions and even 595 00:30:45,730 --> 00:30:49,130 just good business decisions because you now have data. 596 00:30:49,130 --> 00:30:52,890 So I would even argue if your company values data and 597 00:30:52,890 --> 00:30:56,730 analytics and you've justified for Chief Data officer, Chief 598 00:30:56,730 --> 00:30:59,730 Data Officer can work really well with this data because it 599 00:30:59,730 --> 00:31:00,810 could be really good consumption. 600 00:31:00,810 --> 00:31:03,850 And then I'll just say one last other use case, how many chat 601 00:31:03,850 --> 00:31:05,690 bots are you generating? How many people are coming to 602 00:31:05,690 --> 00:31:07,220 your website? Right. 603 00:31:07,220 --> 00:31:09,380 If marketing's generating all these campaigns and now 604 00:31:09,380 --> 00:31:12,380 everyone's like, hey, I'm going to go to this mobile operator's 605 00:31:12,380 --> 00:31:15,740 website because let's say it's Mint mobile and Ryan Reynolds is 606 00:31:15,820 --> 00:31:19,100 doing a big push on Mint Mobile and all of a sudden they're 607 00:31:19,100 --> 00:31:21,380 getting a lot. They could track that and they 608 00:31:21,380 --> 00:31:25,060 can track it with really strong confidence because they actually 609 00:31:25,060 --> 00:31:27,460 are identifying the machines properly. 610 00:31:27,660 --> 00:31:29,140 And it's not just text based stuff. 611 00:31:30,020 --> 00:31:32,380 Yeah. One more follow up and it's like 612 00:31:33,300 --> 00:31:36,880 the human identity management flows now. 613 00:31:36,880 --> 00:31:40,120 Seems so easy, right? I mean, there was a time where I 614 00:31:40,120 --> 00:31:42,480 was like, oh really? I have to wrap my brain around 615 00:31:42,480 --> 00:31:44,640 this. But now it just seems like it's 616 00:31:44,640 --> 00:31:48,000 black and white. There's an authority to source 617 00:31:48,000 --> 00:31:51,480 for employees. That's the human resource system 618 00:31:51,840 --> 00:31:55,200 and then it flows through your governance process. 619 00:31:55,600 --> 00:31:59,800 Contractors are a little more difficult, but if they're in the 620 00:32:00,000 --> 00:32:04,360 HR system it's still better or if it's in some kind of third 621 00:32:04,360 --> 00:32:08,040 party system. I know I'm not trying to step in 622 00:32:08,040 --> 00:32:12,680 on a landmine here, but authoritative source and the 623 00:32:12,680 --> 00:32:16,480 control around employees is like people make sure they get 624 00:32:16,480 --> 00:32:19,560 disabled when they leave the organization because we don't 625 00:32:19,560 --> 00:32:22,760 want to pay them. We may have strong policies 626 00:32:22,760 --> 00:32:26,660 around contractors, but it's like, you know, this person's 627 00:32:26,660 --> 00:32:28,660 the manager. They know when that person's no 628 00:32:28,660 --> 00:32:31,940 longer here, so ultimately they're accountable to get that 629 00:32:31,940 --> 00:32:35,060 person shut off. Now, when it comes to machines 630 00:32:35,340 --> 00:32:37,620 like, there's no authoritative sources there. 631 00:32:38,100 --> 00:32:43,300 Should there be? So one should there be 100%, 632 00:32:43,780 --> 00:32:46,820 because look, the world already runs on machines anyways, and 633 00:32:46,820 --> 00:32:50,860 it's only going to continue to run, you know, furthermore on 634 00:32:50,860 --> 00:32:53,060 machines. I mean, I know both of you flew 635 00:32:53,060 --> 00:32:54,300 here. We're in Carlsbad. 636 00:32:54,750 --> 00:32:59,030 California, The San Diego area. And they're bragging now because 637 00:32:59,070 --> 00:33:00,070 you didn't fly. Here. 638 00:33:00,110 --> 00:33:02,710 No, I did not fly here. I drove here, but I won't say 639 00:33:02,710 --> 00:33:06,870 anything else. The but there was all software 640 00:33:06,870 --> 00:33:10,590 on those planes. The military is using drones and 641 00:33:10,590 --> 00:33:12,590 all kinds of things that get updates every day. 642 00:33:12,590 --> 00:33:14,950 And software your cars are. You know what? 643 00:33:15,310 --> 00:33:18,790 The average car has 250 plus computers on it. 644 00:33:19,260 --> 00:33:23,140 So the world is run by software and that is only going to 645 00:33:23,140 --> 00:33:25,580 increase. And all of this is just machines 646 00:33:25,580 --> 00:33:26,980 and these machines need identity. 647 00:33:26,980 --> 00:33:30,460 So you know, I I think, Jim, you bring up a good point. 648 00:33:32,300 --> 00:33:36,620 When we see something in front of us, like a human being, you 649 00:33:36,620 --> 00:33:40,740 know, it's much easier to say, OK, you're an employee, you're a 650 00:33:40,740 --> 00:33:44,580 contractor, you're a business partner or you're a consumer. 651 00:33:45,020 --> 00:33:46,780 Identity, identity, identity, identity. 652 00:33:46,780 --> 00:33:51,100 Maybe I use this system or that system or whatever, but machines 653 00:33:51,100 --> 00:33:54,140 are a little bit more tricky because OK, maybe the physical 654 00:33:54,140 --> 00:33:56,500 ones. We could say, hey, I've got 655 00:33:56,740 --> 00:33:59,420 these MRI machines and I need to put them on the network and 656 00:33:59,420 --> 00:34:02,780 Cisco's telling me I need to put a certificate on it so I can do 657 00:34:02,780 --> 00:34:06,420 cert based offs. OK, what about all this funky 658 00:34:06,420 --> 00:34:09,060 stuff in the cloud? What about all these bots that 659 00:34:09,060 --> 00:34:12,020 are running? No one's really there right now 660 00:34:12,020 --> 00:34:16,060 as like, a regulatory force. Forcing organizations to do 661 00:34:16,060 --> 00:34:17,860 this? Am I advocating for that? 662 00:34:18,420 --> 00:34:22,460 I don't want to make life harder for our community, but at the 663 00:34:22,460 --> 00:34:23,820 same time, I think it might need that. 664 00:34:23,820 --> 00:34:27,340 I think we might need, you know, folks to do this because I'll 665 00:34:27,340 --> 00:34:29,860 give you another example of a a machine identity risk. 666 00:34:30,820 --> 00:34:34,780 Code signing, right? Applications need identities 667 00:34:34,780 --> 00:34:37,659 too. And So what if I'm able to 668 00:34:37,659 --> 00:34:41,900 actually hack into a software developer like, oh, this 669 00:34:41,900 --> 00:34:46,530 happened to Asus? And get into their environment 670 00:34:47,010 --> 00:34:50,330 and I could get access to their code signing cert. 671 00:34:50,489 --> 00:34:52,610 And then I start signing malicious code. 672 00:34:52,850 --> 00:34:56,650 And you have an Asus machine, and your Asus update application 673 00:34:56,650 --> 00:34:59,610 engine just downloads the malware and deploys it on your 674 00:34:59,610 --> 00:35:01,290 machine. And it doesn't really know any 675 00:35:01,290 --> 00:35:03,970 better because it goes, oh, it's it was signed by an authorized 676 00:35:03,970 --> 00:35:06,690 source, right? So that's that's an example. 677 00:35:06,690 --> 00:35:10,650 So should there be an authoritative source in your 678 00:35:10,650 --> 00:35:13,210 organization for all of your machine identities? 679 00:35:13,920 --> 00:35:15,920 Yes. Should we start thinking about 680 00:35:15,920 --> 00:35:17,320 it now? Yes. 681 00:35:17,360 --> 00:35:20,600 Is there technology available for them to do it in one like we 682 00:35:20,600 --> 00:35:22,200 do that would mirror human identity? 683 00:35:23,200 --> 00:35:24,440 Not really. I thought you were going to say 684 00:35:24,440 --> 00:35:27,600 yes. Not maybe. 685 00:35:27,600 --> 00:35:29,040 Yeah, it. Depends on the use case and I 686 00:35:29,040 --> 00:35:30,560 think the types, right? Correct. 687 00:35:30,560 --> 00:35:31,320 Yeah. Correct. 688 00:35:31,320 --> 00:35:34,760 We we see some interesting things with secrets managers 689 00:35:34,760 --> 00:35:39,520 again Pam this area. That traditional service account 690 00:35:39,520 --> 00:35:43,180 management type thing? Correct, correct. 691 00:35:43,420 --> 00:35:46,900 And then you have on the certificate side there I see 692 00:35:46,900 --> 00:35:50,660 some interesting things there. You have companies like Venify 693 00:35:50,660 --> 00:35:52,980 and Key Factor and others we're talking about machine identity, 694 00:35:52,980 --> 00:35:54,780 but that's a little bit more on the crypto space. 695 00:35:54,780 --> 00:35:58,340 But there hasn't been this leap to connect those dots with the 696 00:35:58,340 --> 00:36:00,740 service account side to to all this. 697 00:36:00,740 --> 00:36:03,500 But I think if you, if you go back and look at Gartner, 698 00:36:03,500 --> 00:36:06,220 Gartner's talking about this more and more, good, right? 699 00:36:06,260 --> 00:36:08,500 It's going to be an expensive problem to solve. 700 00:36:09,080 --> 00:36:14,080 I think there are folks whose mindset is don't sell things on 701 00:36:14,080 --> 00:36:18,640 FUD factor and it's like we're going to need a lot of money to 702 00:36:18,640 --> 00:36:21,280 solve this problem. It's a very real problem. 703 00:36:21,520 --> 00:36:25,480 The results are, you know, these major breaches that you're 704 00:36:25,480 --> 00:36:28,720 seeing. It's like that could happen to 705 00:36:28,720 --> 00:36:31,160 us. It's not FUD factor. 706 00:36:31,200 --> 00:36:35,160 No, no. I mean, I've been in this space 707 00:36:35,160 --> 00:36:40,620 for two decades now. And you know, I started out 708 00:36:40,620 --> 00:36:42,660 doing more like social hacking and all that. 709 00:36:42,660 --> 00:36:46,420 It was BBS stuff, IRC, you know, we're not getting more origin 710 00:36:46,420 --> 00:36:47,100 story. But. 711 00:36:48,260 --> 00:36:51,500 And then when I got into this field, it was cybersecurity. 712 00:36:51,780 --> 00:36:53,940 It's just folks I would talk to and say you're always scaring 713 00:36:53,940 --> 00:36:54,780 us. You're scaring us, you're 714 00:36:54,780 --> 00:36:56,580 scaring us. And and I don't think, Jim, now 715 00:36:56,580 --> 00:36:59,060 today I've heard anyone say that to me. 716 00:36:59,420 --> 00:37:03,500 I mean, if you are tripping over yourself and trying to scare 717 00:37:03,500 --> 00:37:04,780 someone with data, look at this breach. 718 00:37:04,780 --> 00:37:07,500 Look at that breach, OK, you know, just lay off. 719 00:37:08,110 --> 00:37:12,470 But again, going back to what Pam Dingell said, everyone in in 720 00:37:12,470 --> 00:37:14,590 in our space really needs to take note. 721 00:37:14,590 --> 00:37:18,270 Because as someone who was like formerly an attacker, it's like 722 00:37:18,270 --> 00:37:21,110 we have to get out of the mindset of joiner mover lever 723 00:37:21,110 --> 00:37:23,110 and think joiner mover lever adversary. 724 00:37:23,670 --> 00:37:29,630 Because attackers do not care if it's a machine, if it's a human, 725 00:37:30,550 --> 00:37:34,230 or if that machine identity or human identity is owned by this 726 00:37:34,230 --> 00:37:37,070 group in your company, that group or or or. 727 00:37:37,590 --> 00:37:40,830 You're an identity expert and this person is a is an endpoint 728 00:37:40,830 --> 00:37:42,310 security expert. They don't care about those 729 00:37:42,310 --> 00:37:45,070 roles or responsibility and they also don't have compliance. 730 00:37:45,510 --> 00:37:46,670 They don't have to adhere to anything. 731 00:37:46,670 --> 00:37:50,070 They'll just try and get in. So all this infighting we might 732 00:37:50,070 --> 00:37:54,070 have as as a community or as an organization, attackers love 733 00:37:54,070 --> 00:37:58,830 that, you know. And so I think that we are, you 734 00:37:58,830 --> 00:38:02,230 know number one, we need to plan on more attacks happening on our 735 00:38:02,230 --> 00:38:03,990 machines. It's only going to happen. 736 00:38:04,910 --> 00:38:07,150 Pam talked about identity infrastructure. 737 00:38:07,600 --> 00:38:09,600 Identity infrastructure is run by machines. 738 00:38:09,960 --> 00:38:12,840 Humans write the code, but it's the machines that are executing. 739 00:38:12,840 --> 00:38:16,360 It's containers and workloads in the cloud that allow you to 740 00:38:16,360 --> 00:38:18,800 authenticate, that allow you to do that SSO. 741 00:38:19,240 --> 00:38:22,760 And if someone compromises that because they stole a cert or 742 00:38:22,760 --> 00:38:27,120 they did whatever, they now own your identity infrastructure and 743 00:38:27,120 --> 00:38:30,280 they can do lots of things. Now you're in big trouble. 744 00:38:30,920 --> 00:38:32,680 Exactly. So I totally agree with you. 745 00:38:32,680 --> 00:38:35,720 This is a. I I think Simon said in the last 746 00:38:35,720 --> 00:38:38,280 session, he's like, this is going to be a Titanic problem to 747 00:38:38,280 --> 00:38:40,400 solve. Yeah, we've already talked about 748 00:38:40,400 --> 00:38:45,960 like the separation of duties within the hacker community, 749 00:38:45,960 --> 00:38:47,760 right? Some people go and steal the 750 00:38:47,760 --> 00:38:51,840 credentials with fishing or whatever method they use and 751 00:38:51,840 --> 00:38:54,600 sell them. The people who buy them just 752 00:38:54,600 --> 00:38:57,960 know how to run scripts. Once they get in, it's like, OK, 753 00:38:57,960 --> 00:39:01,720 I'm on this machine now. I'm going to try these 10 or 15 754 00:39:01,720 --> 00:39:06,220 things I can do to escalate my privileges or see how I can move 755 00:39:06,220 --> 00:39:07,860 laterally. Exactly. 756 00:39:08,020 --> 00:39:10,860 I I didn't go to cooking school. I'm not going to say if I'm a 757 00:39:10,860 --> 00:39:13,300 good cooker or bad cook, but I can follow a recipe. 758 00:39:14,260 --> 00:39:16,580 I can follow a recipe. Makes them feel a good cookie 759 00:39:16,580 --> 00:39:19,340 would have, said Chef. There we go. 760 00:39:19,420 --> 00:39:22,780 There we go. But I mean you know we could if 761 00:39:22,780 --> 00:39:25,620 you break it down and and people can follow recipes. 762 00:39:25,620 --> 00:39:29,140 And I, I, I, I know one of the talks today. 763 00:39:29,140 --> 00:39:31,180 When? When I can't remember the 764 00:39:31,180 --> 00:39:33,110 speaker's name. It drogged my memory. 765 00:39:33,110 --> 00:39:37,910 It's been a long day but when she was going through all the 766 00:39:37,910 --> 00:39:41,990 stuff with ChatGPT and she showed an Icelandic banking 767 00:39:42,070 --> 00:39:45,270 attack and it's like, hey, I think there was only what, few 768 00:39:45,270 --> 00:39:47,510 100,000 people who could speak Icelandic. 769 00:39:47,750 --> 00:39:50,950 But now with the advent of ChatGPT, everyone can, everyone 770 00:39:50,950 --> 00:39:52,830 can. I can make a phishing campaign 771 00:39:53,150 --> 00:39:56,030 that's in a that's in a that's in Icelandic. 772 00:39:56,030 --> 00:39:57,790 Sorry. And. 773 00:39:58,400 --> 00:40:01,400 Now as a result, a lot some of the Icelandic banks are like, 774 00:40:01,400 --> 00:40:04,440 wait a minute, are the number of phishing attacks just increased? 775 00:40:04,720 --> 00:40:06,840 You know, it's like, well ChatGPT made it easy. 776 00:40:07,200 --> 00:40:11,600 So I think to Jim's point, you know, unfortunately a lot of 777 00:40:11,600 --> 00:40:14,320 these things are getting easier for attackers to take advantage 778 00:40:14,320 --> 00:40:15,760 of. And I think machines, just 779 00:40:17,040 --> 00:40:19,480 machines give them a massive attack surface. 780 00:40:19,480 --> 00:40:22,520 We thought humans were of decent size attack surface. 781 00:40:22,800 --> 00:40:25,400 Machines are even bigger. Is that Rachel Toback? 782 00:40:25,600 --> 00:40:26,680 Yes. So, yeah. 783 00:40:26,840 --> 00:40:28,200 Credit where Credit's. Yes. 784 00:40:28,200 --> 00:40:31,000 Yes. Sorry, my brain is my brain's 785 00:40:31,000 --> 00:40:34,240 fried today, but. Well, if your if your security 786 00:40:34,240 --> 00:40:36,880 strategy relies on people not knowing how to speak your 787 00:40:36,880 --> 00:40:41,320 language you know, you probably should be thinking of other lay 788 00:40:41,320 --> 00:40:43,080 other layers to that security onion. 789 00:40:43,080 --> 00:40:45,280 You should be building exactly exactly. 790 00:40:45,560 --> 00:40:49,440 We've been talking a lot about Pam as sort of like one of the 791 00:40:49,440 --> 00:40:51,040 areas of solving this. But is it Pam? 792 00:40:51,600 --> 00:40:54,560 Maybe this is more like IGA considering the life cycle looks 793 00:40:54,560 --> 00:40:58,800 a lot like a human. Gardner has a market guide that 794 00:40:58,800 --> 00:41:01,800 talks about matching up machine accounts and to machine 795 00:41:01,800 --> 00:41:04,600 identities. Maybe IGA is we should be 796 00:41:04,600 --> 00:41:09,960 starting this if if IGA's root, you know capabilities to know 797 00:41:10,440 --> 00:41:14,200 who has access to what, how difficult is it to turn into 798 00:41:14,480 --> 00:41:18,080 what has access to what? Doesn't matter if it's a human 799 00:41:18,080 --> 00:41:21,160 or non human. Is IGAA place that we should be 800 00:41:21,160 --> 00:41:23,320 looking at to store these accounts or at least to 801 00:41:23,960 --> 00:41:26,920 inventory them and start to at least try to manage or govern 802 00:41:26,920 --> 00:41:29,840 them. So I I actually do think IGA is 803 00:41:29,840 --> 00:41:30,800 so. So I agree with you. 804 00:41:30,800 --> 00:41:33,920 I think IGA is a a big part of the core. 805 00:41:34,640 --> 00:41:40,840 But again I think if you think about when I describe the 806 00:41:41,480 --> 00:41:45,680 identity life cycle, there's onboarding, there's the creation 807 00:41:45,680 --> 00:41:50,010 of this identity. IGA could play a role there, but 808 00:41:50,010 --> 00:41:54,250 it could also be IGA orchestrating a connection into 809 00:41:54,250 --> 00:41:56,730 let's just say the identity is deemed that it needs to be a 810 00:41:56,730 --> 00:41:59,650 certificate coming from a certificate authority. 811 00:42:00,690 --> 00:42:02,250 IGA doesn't traditionally do that. 812 00:42:02,690 --> 00:42:05,730 So you're going to need some kind of orchestration capability 813 00:42:05,730 --> 00:42:09,370 to call out to a certificate authority which could be on Prem 814 00:42:09,370 --> 00:42:11,730 or in the cloud and then you know pulls it in. 815 00:42:11,730 --> 00:42:13,490 So. So I agree that I think IGA is 816 00:42:13,490 --> 00:42:16,720 at the is that really when you distill it down is really the 817 00:42:16,720 --> 00:42:19,480 core because it is about governance and administration 818 00:42:19,480 --> 00:42:22,480 and all that. But I think what IGA is missing, 819 00:42:22,480 --> 00:42:25,400 the traditional part, which is there's going to be a lot of 820 00:42:25,400 --> 00:42:28,240 heavy lifting here is the orchestration side of it. 821 00:42:28,520 --> 00:42:30,960 There really has to be a lot of, again, you need to say what kind 822 00:42:30,960 --> 00:42:32,960 of machine is it. It's something that needs a 823 00:42:32,960 --> 00:42:35,040 certificate. We need certificate authority. 824 00:42:36,080 --> 00:42:38,720 It's this other kind of machine that just needs a secret, OK? 825 00:42:38,720 --> 00:42:41,400 It needs to go into some kind of secret manager to generate a 826 00:42:41,400 --> 00:42:44,040 secret and pull it out. That could be a Pam function, 827 00:42:44,300 --> 00:42:48,620 but it's IGA at the core. It could be a symmetric key, it 828 00:42:48,620 --> 00:42:50,820 could be, you know a whole variety of things. 829 00:42:50,820 --> 00:42:55,500 So I think it's it's it's we can take the classic notion of IGA, 830 00:42:55,660 --> 00:42:59,740 but it has to be augmented to in order to I I I think really 831 00:42:59,740 --> 00:43:03,380 fulfil the variety of the different types of use cases. 832 00:43:03,380 --> 00:43:08,340 And the last thing I'll say, Jeff is that you mentioned it 833 00:43:08,340 --> 00:43:13,540 earlier, but the velocity of these things is going to 834 00:43:13,700 --> 00:43:17,300 absolutely mean that anyone who's running this 835 00:43:17,460 --> 00:43:20,700 infrastructure that would create or destroy these machine 836 00:43:20,700 --> 00:43:23,420 identities, it really has to be like. 837 00:43:23,900 --> 00:43:25,860 Super critical. Now it's Tier 1. 838 00:43:26,100 --> 00:43:29,380 Whatever the highest thing is to make sure it's got the 839 00:43:29,380 --> 00:43:33,470 appropriate resources back up. You know recovery plant like all 840 00:43:33,470 --> 00:43:36,030 that stuff, it's, it's critical infrastructure for the 841 00:43:36,030 --> 00:43:38,910 organization, correct, Correct. And even if we look at, again, I 842 00:43:38,910 --> 00:43:40,870 keep coming back to certificates because certificates are 843 00:43:40,870 --> 00:43:43,870 actually a good, a good best practice for what When I was at 844 00:43:43,870 --> 00:43:49,350 Gartner, we talked about PKI and IoT authentication, digital 845 00:43:49,350 --> 00:43:52,070 certificates, that kind of form. And even when you think about 846 00:43:52,070 --> 00:43:56,150 Fido and passkeys, that's PKI based, that is the gold standard 847 00:43:56,150 --> 00:44:00,760 for authentication is using PKI. But you got to make sure that 848 00:44:00,760 --> 00:44:04,680 that is not only scalable, everyone can talk scale, it's 849 00:44:04,920 --> 00:44:07,120 response time. That's the thing that if a 850 00:44:07,120 --> 00:44:09,280 consumer is sitting there, what is that? 851 00:44:09,280 --> 00:44:11,320 Just type something in for this chat bot and it's supposed to be 852 00:44:11,320 --> 00:44:14,960 LLM based and it's taking 20 minutes to get back to me. 853 00:44:14,960 --> 00:44:16,040 They'll just kill the transaction. 854 00:44:16,120 --> 00:44:19,880 This is like when traders would buy, you know, land near. 855 00:44:20,270 --> 00:44:23,350 The circuits that were driving markets because they wanted a 856 00:44:23,350 --> 00:44:26,550 faster response time, is that where we're headed? 857 00:44:27,070 --> 00:44:31,310 We need to have your identity management nerve center next to 858 00:44:31,310 --> 00:44:34,990 wherever your bot plant is. I I will say we haven't gone far 859 00:44:34,990 --> 00:44:38,870 from that. My son who who's a teenager, he 860 00:44:38,870 --> 00:44:43,310 is big in a fortnight and we recently moved from Canada to 861 00:44:43,310 --> 00:44:48,710 the San Diego area and he's he's like, hey daddy, Oh my gosh like 862 00:44:49,010 --> 00:44:50,770 so the main servers are in Los Angeles. 863 00:44:50,770 --> 00:44:52,930 We're so close to these servers. We're so. 864 00:44:53,050 --> 00:44:55,770 Way down now, Yeah. So he's not on like those 865 00:44:55,770 --> 00:45:00,850 traders, he's he's and then he keeps riding me to keep bumping 866 00:45:00,850 --> 00:45:06,490 up our bandwidth, you know? Can we get T1 lines, Daddy? 867 00:45:06,650 --> 00:45:08,770 Yeah. You don't really need T1. 868 00:45:08,770 --> 00:45:12,210 What you need is is symmetrical speeds. 869 00:45:12,630 --> 00:45:16,190 Because everybody, for whatever reason, the US loves fast 870 00:45:16,190 --> 00:45:18,230 downloads and overhooks, fast uploads. 871 00:45:18,590 --> 00:45:21,070 So if you can get like fiber or at least a symmetrical. 872 00:45:21,070 --> 00:45:24,710 I saw like Comcast is running A2 Gigabit symmetrical through 873 00:45:24,710 --> 00:45:28,150 coax, which I don't think was possible to figure out a way to 874 00:45:28,150 --> 00:45:30,030 do it. So now you're talking about 875 00:45:30,030 --> 00:45:33,550 instantaneous responses back and forth, which is crazy. 876 00:45:33,590 --> 00:45:37,190 I I'm sure they'll charge an arm and leg for it, but for people 877 00:45:37,190 --> 00:45:39,910 like. Me and Jim and others and like 878 00:45:39,910 --> 00:45:43,990 yourself right, who are doing audio, video, that instantaneous 879 00:45:44,430 --> 00:45:46,910 transfer back and forth is it can be a big game changer for 880 00:45:47,470 --> 00:45:49,190 our use cases. A normal person. 881 00:45:49,190 --> 00:45:51,190 I say normal person because let's be honest, we're a bunch 882 00:45:51,190 --> 00:45:54,390 of weirdos in here, but a normal person probably isn't going to 883 00:45:54,670 --> 00:45:57,830 have that as a use case. But machines, well, they need to 884 00:45:57,830 --> 00:46:01,190 move quick, fast. You know, lift fast, die hard. 885 00:46:01,350 --> 00:46:03,390 Yes, all that stuff. I like what you did there. 886 00:46:03,390 --> 00:46:05,590 I like what you did there but but no but that that is a a 887 00:46:05,870 --> 00:46:10,870 straight up legit point because I mean what we also didn't talk 888 00:46:10,870 --> 00:46:13,870 about as well so far is the machine to machine 889 00:46:13,870 --> 00:46:17,190 communication. So imagine if you have like to 890 00:46:17,190 --> 00:46:20,550 an autonomous agent that's working for Jim and Jim has 891 00:46:20,550 --> 00:46:24,550 given it instructions to to to say OK I need you to do trades 892 00:46:24,550 --> 00:46:27,870 for me or do whatever for me and you give it its rules and you 893 00:46:28,680 --> 00:46:33,400 here is access to my my my bank account and when you see a stock 894 00:46:33,400 --> 00:46:37,160 do something just go you don't don't have to call me up. 895 00:46:37,160 --> 00:46:40,320 I gave you the rules of engagement go now that machine 896 00:46:40,320 --> 00:46:43,280 might talk to another machine that is actually doing maybe the 897 00:46:43,280 --> 00:46:47,120 buying and selling you know on on behalf. 898 00:46:47,160 --> 00:46:50,720 And so if you have those great connections it means that there 899 00:46:50,720 --> 00:46:54,360 shouldn't be there's that that symmetrical upload and download 900 00:46:54,360 --> 00:46:57,260 between the two because it could be I'm using just transaction 901 00:46:57,260 --> 00:46:59,460 triggers but there could actually be you know bulk 902 00:46:59,460 --> 00:47:02,660 content that could be shared could be you know different 903 00:47:02,660 --> 00:47:04,420 types of things that that could be shared. 904 00:47:04,420 --> 00:47:08,700 So I think we're entering a really I'm I'm I'm excited about 905 00:47:08,700 --> 00:47:12,660 where we are going with everything and I think just 906 00:47:12,740 --> 00:47:15,940 first everything has to start with recognizing a problem and 907 00:47:15,940 --> 00:47:21,420 and what I'm really happy about is that for years myself and a 908 00:47:21,420 --> 00:47:24,380 few others like Eric Wahlstrom and and and some other folks in 909 00:47:24,380 --> 00:47:29,060 the industry we've been talking about this this potential 910 00:47:29,060 --> 00:47:34,220 sleeping dragon of of issues that will happen with machines. 911 00:47:34,740 --> 00:47:38,860 But no one was really maybe there was a little bit of a 912 00:47:38,860 --> 00:47:40,620 there's that's fear, uncertainty, doubt. 913 00:47:40,980 --> 00:47:44,340 But I think we're getting to a place now where people start to 914 00:47:44,340 --> 00:47:48,060 see it and and my hope is is that the industry will rally 915 00:47:48,060 --> 00:47:50,220 together because it's not going to be 1 vendor that's going to 916 00:47:50,220 --> 00:47:52,460 be able to do this. It has to be all of us. 917 00:47:52,740 --> 00:47:55,660 The cloud providers I think are taking it seriously. 918 00:47:56,720 --> 00:48:00,680 For their cloud, for their. Well, no, I think I think you're 919 00:48:00,680 --> 00:48:05,200 touching on the top most important issues and this kind 920 00:48:05,200 --> 00:48:08,320 of starts back with Jeff's question around what's IG as 921 00:48:08,320 --> 00:48:10,080 role. Well, I think the IGA vendor 922 00:48:10,080 --> 00:48:13,600 thinks they can solve it, but they take on the piece where 923 00:48:13,600 --> 00:48:17,200 their tool works well, Privilege access management kind of the 924 00:48:17,200 --> 00:48:20,840 same thing. Access management vendors kind 925 00:48:20,840 --> 00:48:24,120 of say, well, the authentication is what really matters. 926 00:48:24,470 --> 00:48:25,550 OK. Well, there's all the other 927 00:48:25,550 --> 00:48:28,070 stuff too. Right now, you have new markets 928 00:48:28,070 --> 00:48:31,790 springing up with like the Kim or Keem, whatever you want to 929 00:48:31,790 --> 00:48:37,950 call it. So I'm not sure if if you have 930 00:48:37,950 --> 00:48:40,870 an answer for that or it's just like it's the evolving space. 931 00:48:40,870 --> 00:48:43,510 One of the things I wanted to do is recognize you like you're 932 00:48:43,510 --> 00:48:46,990 taking on this issue at a conference and it's not a solved 933 00:48:46,990 --> 00:48:48,310 issue. This is not. 934 00:48:49,100 --> 00:48:51,100 We're not at the space. We're like, yeah, we figured 935 00:48:51,100 --> 00:48:53,060 this out and here's the road map. 936 00:48:53,060 --> 00:48:54,700 Now I'm going to lay out the road map for you. 937 00:48:54,700 --> 00:48:57,260 What you're going to be talking through is like, there's a lot 938 00:48:57,260 --> 00:48:59,420 of hard problems. They're not solved by the 939 00:48:59,420 --> 00:49:02,100 industry. Here's I don't know how I think 940 00:49:02,100 --> 00:49:04,340 about them. Yeah, I I love that. 941 00:49:04,340 --> 00:49:09,620 So again, you know Gartner like really burnt in me the notion of 942 00:49:09,620 --> 00:49:13,540 like always leaving clients with recommendations and a path 943 00:49:13,540 --> 00:49:15,560 forward. So absolutely I'm not going to 944 00:49:15,560 --> 00:49:17,600 go up on stage today. OK, Doom and gloom everyone. 945 00:49:17,600 --> 00:49:19,440 I'm going to obsess about the problem and see your time. 946 00:49:19,440 --> 00:49:20,680 See you. Thanks for your time. 947 00:49:20,880 --> 00:49:24,960 Bye. No, in the presentation I have 948 00:49:24,960 --> 00:49:28,000 clear recommendations which I can, I can mention a few here 949 00:49:28,000 --> 00:49:33,160 and I I believe I did. But so you know, I'll reiterate, 950 00:49:34,080 --> 00:49:37,330 always start with discovery, enumerate and discover what 951 00:49:37,330 --> 00:49:38,850 machine. Well, first of all define 952 00:49:39,010 --> 00:49:40,850 machine identities. And if you're a Gartner client, 953 00:49:40,850 --> 00:49:42,570 look at Gartner's research. But there's more and more 954 00:49:42,570 --> 00:49:45,130 research out there that's, that's that or you can you can 955 00:49:45,130 --> 00:49:49,930 hit me up and ask me, right. But identify the machines in 956 00:49:49,930 --> 00:49:53,850 your environment do some kind of discovery process that's kind of 957 00:49:54,010 --> 00:49:56,930 you know, part of your you know your your first journey which 958 00:49:56,930 --> 00:49:59,930 would include some tooling and and so on and so forth. 959 00:50:02,090 --> 00:50:05,840 Start to think about the teams. Establish a physical and or 960 00:50:05,840 --> 00:50:07,840 virtual team. There might be some developers 961 00:50:07,840 --> 00:50:10,240 that might be in the group, maybe some of your IM team, 962 00:50:10,320 --> 00:50:11,840 maybe some of your cybersecurity team. 963 00:50:11,840 --> 00:50:16,480 Because inevitably there will be cryptography based machine 964 00:50:16,480 --> 00:50:19,000 identities. Is that someone that's 965 00:50:19,000 --> 00:50:22,040 traditionally in your IM group or are they in the cybersecurity 966 00:50:22,040 --> 00:50:26,160 group that maybe you've tagged a network infrastructure person to 967 00:50:26,160 --> 00:50:28,480 your PKI. Someone who knows PKI is 968 00:50:28,480 --> 00:50:29,960 probably a good person to have on that team. 969 00:50:30,960 --> 00:50:33,840 The other thing I mentioned too I alluded to is the risk. 970 00:50:34,660 --> 00:50:36,740 So when you identify what machines are in your 971 00:50:36,740 --> 00:50:40,100 environment, also segment them and prioritize them based on 972 00:50:40,100 --> 00:50:44,180 risks. So what machines have, you know, 973 00:50:44,180 --> 00:50:47,780 access to things that are really risky and what machines have 974 00:50:47,780 --> 00:50:49,980 access to things that are maybe somewhere in the middle and then 975 00:50:49,980 --> 00:50:52,340 stuff that, you know what if that got breached, it it's 976 00:50:52,340 --> 00:50:54,660 segmented out, it wouldn't be a problem. 977 00:50:54,660 --> 00:50:58,260 That's also handy too. So those are the first pieces 978 00:50:58,260 --> 00:51:03,240 that I would, I would recommend and just understand that it's 979 00:51:03,240 --> 00:51:06,640 totally a new space, so it's OK to be, you know, no one's behind 980 00:51:06,640 --> 00:51:08,680 here, we're all just learning here. 981 00:51:08,800 --> 00:51:12,760 If anything, we're we're keeping up just by even knowing and 982 00:51:12,760 --> 00:51:14,520 understanding that there is a problem here that we need to 983 00:51:14,520 --> 00:51:16,880 address exactly. I mean just you want Tactical 1, 984 00:51:16,880 --> 00:51:18,960 so this is something Simon mentioned. 985 00:51:19,240 --> 00:51:24,320 It's like 70% of respondents to a survey question was machine 986 00:51:24,320 --> 00:51:27,160 accounts should use multi factor authentication. 987 00:51:28,240 --> 00:51:31,320 Where do you stand on that? Yeah, 100%. 988 00:51:31,600 --> 00:51:34,680 We're getting to a point where something, let me just start 989 00:51:34,680 --> 00:51:36,600 this way as in terms of evolution, when you talked about 990 00:51:36,760 --> 00:51:39,880 Pam talking about the evolution of the Microsoft Authenticator, 991 00:51:40,360 --> 00:51:42,360 it's the evolution of thinking about machine identities. 992 00:51:42,840 --> 00:51:47,080 You know, when we think about Pam, you know, years ago it was 993 00:51:47,080 --> 00:51:51,000 just we had Pam on its own and then it's like, wait a minute, 994 00:51:51,000 --> 00:51:53,760 Pam needs to be bolted in with MFA and hopefully other 995 00:51:53,760 --> 00:51:57,160 passwordless strong Fido based methods, right? 996 00:51:57,160 --> 00:52:00,430 Because why would you have a privileged user that's not using 997 00:52:00,430 --> 00:52:02,870 that, right. So that that just is laughable 998 00:52:02,870 --> 00:52:04,670 at this point, right? We have to do that. 999 00:52:05,710 --> 00:52:07,110 We're not doing that for machines. 1000 00:52:07,470 --> 00:52:10,630 So when I saw Simon's data, I I totally agree with that. 1001 00:52:10,630 --> 00:52:15,190 I think machines have to have strong identities and with that 1002 00:52:15,190 --> 00:52:20,310 it should come part and parcel with some kind of authentication 1003 00:52:20,310 --> 00:52:23,990 risk, view cause like a machine again in that that journey, just 1004 00:52:23,990 --> 00:52:26,670 because that machine exists and it's allowed to exist, and let's 1005 00:52:26,670 --> 00:52:30,000 just say it's not ephemeral and it goes to authenticate to a 1006 00:52:30,000 --> 00:52:33,280 certain resource, should it be allowed access to that resource 1007 00:52:33,280 --> 00:52:35,840 at that time, Maybe there's an attack going on in the 1008 00:52:35,840 --> 00:52:39,600 organization. It's like this bot that's a 1009 00:52:39,600 --> 00:52:42,920 clone of Jim shouldn't be allowed to access the credit 1010 00:52:42,920 --> 00:52:45,440 card database right now because we're under attack right now, 1011 00:52:46,280 --> 00:52:48,220 right? So. 1012 00:52:48,220 --> 00:52:50,900 So I think all these things need to start to come together, and 1013 00:52:50,900 --> 00:52:52,060 we're just not doing that right now. 1014 00:52:52,060 --> 00:52:55,580 If a machine wants has access in your environment and it wants to 1015 00:52:55,580 --> 00:52:57,740 walk into a credit card database, it could do that, 1016 00:52:57,860 --> 00:52:59,620 which is, by the way, that's malware. 1017 00:52:59,780 --> 00:53:01,620 That's ransomware. Ransomware is a machine I was. 1018 00:53:01,620 --> 00:53:02,660 Going to say you just described it. 1019 00:53:02,940 --> 00:53:07,300 Yeah, ransomware is a machine. And in terms of managing machine 1020 00:53:07,300 --> 00:53:11,620 accounts, you know we talked about AI, generative AI in terms 1021 00:53:11,620 --> 00:53:16,460 of kind of the bots but. Did you see a role for AI 1022 00:53:16,460 --> 00:53:18,580 relative to machine account management? 1023 00:53:19,140 --> 00:53:21,780 Oh. The bots watching the bots. 1024 00:53:22,700 --> 00:53:24,540 Is this how the matrix started? Yes. 1025 00:53:24,860 --> 00:53:28,300 So so or or or Terminator with Skynet. 1026 00:53:28,420 --> 00:53:32,620 Yeah. I mean you know it it's there is 1027 00:53:32,620 --> 00:53:36,500 a point where the the look the bad actors are already starting 1028 00:53:36,500 --> 00:53:40,220 to use you know evil GBT, fraud GBT like was discussed today in 1029 00:53:40,220 --> 00:53:45,300 in in the keynote I I transmit our researchers are certainly 1030 00:53:45,300 --> 00:53:48,460 seeing that like we're seeing the threat environment just 1031 00:53:48,820 --> 00:53:52,620 really quickly has done a huge phase change and so they have 1032 00:53:52,620 --> 00:53:56,500 this now access to all this stuff and we do have to fight 1033 00:53:56,500 --> 00:53:58,740 fire with fire. It's all we it always has been 1034 00:53:58,740 --> 00:54:02,180 and always will be an arms race and it's like the situation 1035 00:54:02,180 --> 00:54:05,900 where if someone is firing tons of missiles at you or you gonna 1036 00:54:05,900 --> 00:54:09,570 have humans on the ground you know shooting shooting them down 1037 00:54:09,570 --> 00:54:11,730 manually. No you're going to need a system 1038 00:54:11,730 --> 00:54:16,050 that is automated and is using AIML to fight back. 1039 00:54:16,450 --> 00:54:18,650 So I'll I'll just say this legitimately. 1040 00:54:18,650 --> 00:54:20,770 We saw how good that works if you ever played Missile Command, 1041 00:54:21,610 --> 00:54:22,690 right? Well, yeah, exactly. 1042 00:54:22,690 --> 00:54:24,090 Yeah, right. That's what you're going to 1043 00:54:24,090 --> 00:54:24,570 lose. Yeah. 1044 00:54:24,610 --> 00:54:27,810 I mean, well, so there's a couple ways I think about AIML 1045 00:54:27,810 --> 00:54:30,730 and benefiting, let's just say, security and identity leaders. 1046 00:54:31,010 --> 00:54:38,100 One is there's AIML tools that hopefully your vendors are 1047 00:54:38,100 --> 00:54:41,860 starting to build to help with administering and managing the 1048 00:54:41,860 --> 00:54:44,420 stuff, right? So think about access 1049 00:54:44,420 --> 00:54:46,860 certifications when you think about governance, right? 1050 00:54:46,860 --> 00:54:49,900 Like for years they talked about identity intelligence. 1051 00:54:50,220 --> 00:54:54,700 I think now we have the technology for vendors to apply 1052 00:54:54,700 --> 00:54:57,860 that to give you a better idea, be like anticipate all these 1053 00:54:57,860 --> 00:55:00,700 recertifications I need to do so I don't have to do it manually. 1054 00:55:01,250 --> 00:55:04,210 That would be nice. Or short circuit like can I 1055 00:55:04,210 --> 00:55:08,730 interface with a chat bot where I'm like, how do I set up this 1056 00:55:08,730 --> 00:55:10,530 certain policy within this product? 1057 00:55:10,770 --> 00:55:12,930 And I can just type in two things and boom, it tells me 1058 00:55:12,930 --> 00:55:15,810 what to do. So that's where I see the first. 1059 00:55:16,170 --> 00:55:18,010 I've seen many. I've been briefed by many 1060 00:55:18,010 --> 00:55:21,090 vendors and that's where I see a lot of the quote UN quote, 1061 00:55:21,090 --> 00:55:25,610 innovation right now today. But the other aspect is how that 1062 00:55:25,610 --> 00:55:29,450 technology can be used to fight bad actors. 1063 00:55:29,450 --> 00:55:34,090 So monitoring machine identity behavior, and then if something 1064 00:55:34,090 --> 00:55:37,170 happens it's weird. Then it can respond either by 1065 00:55:37,330 --> 00:55:40,930 terminating that machine. Or pause the transaction, pause 1066 00:55:41,370 --> 00:55:44,010 exactly or stop and get more information. 1067 00:55:44,250 --> 00:55:47,650 So it's similar with like risk based authentication on the 1068 00:55:47,650 --> 00:55:51,330 human side going back to what you're saying as well with with 1069 00:55:51,410 --> 00:55:55,330 the, you know the the 70 some percent of of people saying 1070 00:55:55,330 --> 00:55:58,800 machines should have MFA. Hopefully that's what what you 1071 00:55:58,800 --> 00:56:01,400 know people were thinking as well they should have risk based 1072 00:56:01,840 --> 00:56:04,600 kind of authentication for these machines as well and if 1073 00:56:04,600 --> 00:56:06,160 something's weird they're just just stop it. 1074 00:56:06,160 --> 00:56:09,560 That's where I see AI now, also helping the fight here. 1075 00:56:10,520 --> 00:56:12,800 Excellent. So we'll start to wrap up 1076 00:56:12,800 --> 00:56:14,920 because we're about to hit an hour here and I want to be 1077 00:56:14,920 --> 00:56:18,000 respectful of your time, but you may be super jealous this 1078 00:56:18,000 --> 00:56:20,040 morning when you started showing me some pictures on your phone. 1079 00:56:20,360 --> 00:56:24,600 No, not like that. Star Wars Rise of the 1080 00:56:24,600 --> 00:56:26,760 Resistance. You went to this? 1081 00:56:27,380 --> 00:56:30,500 This is Disneyland. Disneyland. 1082 00:56:30,500 --> 00:56:32,540 Yep. And I want to know everything 1083 00:56:32,540 --> 00:56:34,860 about it. Yeah, yeah. 1084 00:56:34,860 --> 00:56:37,060 So you give me two minutes. No, no, no. 1085 00:56:37,580 --> 00:56:40,860 You got as much time as you need so recently did did a did an 1086 00:56:40,860 --> 00:56:45,900 amazing family trip to to Disneyland and we were lucky 1087 00:56:45,900 --> 00:56:49,740 enough to make it on the ride. I would actually say it's it's a 1088 00:56:49,740 --> 00:56:51,180 ride. It's also an experience. 1089 00:56:52,100 --> 00:56:54,140 Star Wars, Rise of the Resistance. 1090 00:56:54,140 --> 00:56:56,500 I think I got the name right and it was Rise of the Resistance 1091 00:56:56,980 --> 00:57:01,820 Usually it's a long wait you know we we we got in at with 1092 00:57:01,820 --> 00:57:04,380 decent decent timing amazing ride. 1093 00:57:04,380 --> 00:57:07,940 So it's themed after kind of the newer Star Wars movies. 1094 00:57:08,140 --> 00:57:11,540 So like Kylo Ren and all that and the the story and I don't 1095 00:57:11,540 --> 00:57:15,900 want to ruin it but the premise is, is that you you kind of come 1096 00:57:15,900 --> 00:57:20,500 in and and the cast members at Disney, they're all in character 1097 00:57:20,500 --> 00:57:21,780 and they don't break their character. 1098 00:57:22,660 --> 00:57:25,300 You know you they're like, hey you you're thank you for joining 1099 00:57:25,300 --> 00:57:26,940 the resistance. You're part of the Resistance. 1100 00:57:26,940 --> 00:57:29,980 We're going to share with you a secret base location. 1101 00:57:30,580 --> 00:57:33,580 And then you go on some, you go outside, you see all this cool 1102 00:57:33,580 --> 00:57:37,220 stuff, you go on the ship, you're flying and then suddenly 1103 00:57:37,220 --> 00:57:40,580 the Star Destroyers with Kylo Ren, they board you because they 1104 00:57:40,580 --> 00:57:43,500 believe that you have the location of some base, but you 1105 00:57:43,500 --> 00:57:45,340 deny it. Then you're on like a Star 1106 00:57:45,340 --> 00:57:47,780 Destroyer with like hundreds of Stormtroopers on this. 1107 00:57:47,780 --> 00:57:50,480 It's amazing. And then, you know, then you go 1108 00:57:50,480 --> 00:57:52,320 on kind of the ride, if you will, so. 1109 00:57:52,520 --> 00:57:56,320 So when you say on like you're you're not talking about like 1110 00:57:56,320 --> 00:58:00,720 watching a video, right? You're in this thing or you're 1111 00:58:00,720 --> 00:58:02,160 help me understand the perspective here. 1112 00:58:02,520 --> 00:58:05,880 You're in this thing. You're seeing stuff. 1113 00:58:06,320 --> 00:58:11,080 You're it's a blend of multimodal multimedia. 1114 00:58:11,720 --> 00:58:14,920 Wind blows on you and stuff like, oh, you feel everything, 1115 00:58:15,040 --> 00:58:17,600 See shakes, Yeah, you feel everything. 1116 00:58:17,840 --> 00:58:22,000 It it it goes beyond just a ride that you get on it just it takes 1117 00:58:22,000 --> 00:58:25,320 you somewhere or you sit in something and hear music and it, 1118 00:58:25,440 --> 00:58:29,080 I mean it, it really does try to tap into all your senses and and 1119 00:58:29,080 --> 00:58:32,040 everything. And I was blown away. 1120 00:58:32,040 --> 00:58:36,790 Probably one of the most enjoyable experiences you know, 1121 00:58:36,790 --> 00:58:38,510 I've had after. Honestly, after we did that, I 1122 00:58:38,510 --> 00:58:41,150 think we did it around midday, a full day at Disneyland. 1123 00:58:41,150 --> 00:58:43,790 I was like that's it. Everything right now, right? 1124 00:58:44,190 --> 00:58:45,430 Yeah. I mean, everything else is 1125 00:58:45,430 --> 00:58:47,550 great, don't get me wrong, but I was like, if we went home now, I 1126 00:58:47,550 --> 00:58:49,310 I wouldn't be disappointed. That'd be fine. 1127 00:58:49,830 --> 00:58:53,470 How long was the experience? That's a good question. 1128 00:58:54,830 --> 00:58:57,750 It probably felt like it. If it, if it, if I feel like if 1129 00:58:57,750 --> 00:58:59,870 it's a good experience and you're into it, it goes fast, 1130 00:58:59,870 --> 00:59:01,910 right, 'cause you're engaged throughout the whole time? 1131 00:59:02,750 --> 00:59:04,950 Is it 5 minutes? Is it like half an hour? 1132 00:59:04,950 --> 00:59:07,910 To me it it felt so. I I I agree with you like it 1133 00:59:07,910 --> 00:59:11,630 definitely had experiences where it felt you know like good ones. 1134 00:59:11,630 --> 00:59:13,870 It felt like it went by fast. It didn't feel like it went by 1135 00:59:13,870 --> 00:59:19,020 fast. It it felt to me like it was 15 1136 00:59:19,020 --> 00:59:20,300 minutes long. It probably wasn't. 1137 00:59:20,300 --> 00:59:23,900 It was probably like 5 but. You're so into it and it's such 1138 00:59:23,980 --> 00:59:26,020 a good experience. Felt like 15 minutes and just 1139 00:59:26,020 --> 00:59:29,220 everything that you're that, that that your senses pick up 1140 00:59:29,220 --> 00:59:31,660 when your body picks up. It just was that. 1141 00:59:31,660 --> 00:59:36,180 And if you love those movies and just Star Wars genre, not all, 1142 00:59:36,180 --> 00:59:39,180 not only is that experience and ride great, but the whole 1143 00:59:39,180 --> 00:59:42,420 environment around it because you you walk into Star Wars 1144 00:59:42,420 --> 00:59:45,260 Galaxy edge and it's like it's a new world. 1145 00:59:45,260 --> 00:59:48,330 Even the restaurants are seemed like indoor. 1146 00:59:48,330 --> 00:59:51,010 We had Endorian chicken, which is another thing, right? 1147 00:59:51,010 --> 00:59:53,530 It tastes like chicken and they have blue milk there too, like 1148 00:59:53,810 --> 00:59:56,170 blue milk and everything. It's really, really cool. 1149 00:59:56,730 --> 01:00:00,010 But when you when you when you go on it's like you're on the 1150 01:00:00,010 --> 01:00:03,250 bridge of a or you're in you're in the hangar Bay of a Star 1151 01:00:03,250 --> 01:00:06,010 Destroyer. It it's really cool and how the 1152 01:00:06,010 --> 01:00:08,530 the backdrop behind the stormtroopers looks like a 1153 01:00:08,530 --> 01:00:11,210 shield with space raw space behind them. 1154 01:00:11,770 --> 01:00:14,450 They did a good job. I really have to applaud the the 1155 01:00:14,450 --> 01:00:18,570 team at at Disney for for doing that because it you know, it it 1156 01:00:18,570 --> 01:00:22,450 goes back to the, you know, the Imagineers I guess, right. 1157 01:00:22,450 --> 01:00:25,690 And I just think you know, amazing amazing job. 1158 01:00:25,690 --> 01:00:28,650 We need some Imagineers to come in and help us in the IM space. 1159 01:00:28,690 --> 01:00:31,010 I think you know. Can you imagine an Identity and 1160 01:00:31,010 --> 01:00:35,170 Access Management theme park? Oh yeah, that what that would 1161 01:00:35,170 --> 01:00:36,990 even like. Yeah. 1162 01:00:37,790 --> 01:00:40,230 Well, we would have, you know, Disney has the magic bands. 1163 01:00:40,670 --> 01:00:43,070 We would have like our pass key bands, you know? 1164 01:00:44,430 --> 01:00:46,550 What would be like the the top drawing ride? 1165 01:00:46,550 --> 01:00:49,430 That's a good question, Jim. What do you think? 1166 01:00:49,670 --> 01:00:52,510 I think humbersome, this is so lame. 1167 01:00:54,350 --> 01:00:57,070 Although I will say my my son said he looked at me and he and 1168 01:00:57,070 --> 01:01:01,070 again he's a teenager and he goes, hey daddy why don't why 1169 01:01:01,070 --> 01:01:04,910 don't they have like Austin Powers land you know or like 1170 01:01:04,910 --> 01:01:08,390 Towers Land, Beetlejuice Land or like he just started dropping 1171 01:01:08,390 --> 01:01:12,190 these other like cool kind of movies like you know, I said 1172 01:01:12,190 --> 01:01:14,310 what about Anchorman lands or you know. 1173 01:01:14,630 --> 01:01:17,190 They spent a lot of money for the Star Wars. 1174 01:01:17,590 --> 01:01:19,350 Be dead. It's unfortunate they shut down 1175 01:01:19,350 --> 01:01:21,950 the the, the hotel. I think though there was like a 1176 01:01:21,950 --> 01:01:24,750 hotel experience and I think I heard that they decided to shut 1177 01:01:24,750 --> 01:01:26,730 it down. It wasn't, yeah, I think. 1178 01:01:27,090 --> 01:01:30,570 I've heard really good things about it and I guess it was too 1179 01:01:30,570 --> 01:01:32,050 expensive or something. I don't know. 1180 01:01:32,050 --> 01:01:33,290 Just can't. I missed out on that one. 1181 01:01:33,810 --> 01:01:36,330 I can't always have nice things. I know I missed out on that too. 1182 01:01:36,330 --> 01:01:39,010 I remember talking about that. But then COVID happened. 1183 01:01:39,010 --> 01:01:40,410 I don't know. I don't know if it had. 1184 01:01:40,770 --> 01:01:43,650 Who knows? But But either way, I would 1185 01:01:43,650 --> 01:01:47,610 highly recommend. I haven't been to Disney World. 1186 01:01:47,930 --> 01:01:50,250 I haven't experienced their Star Wars thing. 1187 01:01:50,250 --> 01:01:52,090 So it was just Disneyland. So that one's in kind. 1188 01:01:52,090 --> 01:01:53,730 Of difference is Disneyland is in. 1189 01:01:54,070 --> 01:01:56,030 California and Disney World is Florida, correct. 1190 01:01:56,030 --> 01:01:59,550 So the weather is going to be a lot better in California, yes. 1191 01:01:59,550 --> 01:02:01,590 But it's not as big. I mean, Disney World is huge. 1192 01:02:01,590 --> 01:02:04,470 I've been to both. It's not even close. 1193 01:02:04,470 --> 01:02:07,710 No, it's not even close. I think I've spent. 1194 01:02:07,710 --> 01:02:10,950 More multiple parks. In in Florida, Yeah, you've got 1195 01:02:11,270 --> 01:02:15,550 M was it MGM, Epcot, Disney itself, plus you got all the 1196 01:02:15,550 --> 01:02:18,150 resorts things. I mean, it's a whole thing, but 1197 01:02:18,150 --> 01:02:21,190 I think what? Between the two, I actually 1198 01:02:21,190 --> 01:02:25,390 prefer Disneyland better because I think the quality is higher 1199 01:02:25,390 --> 01:02:28,950 even though there's fewer things compared to Disney World in 1200 01:02:28,950 --> 01:02:31,950 Florida, which is there's a ton of stuff to do, but the quality 1201 01:02:31,950 --> 01:02:35,910 is very inconsistent. Like for me, Space Mountain and 1202 01:02:35,910 --> 01:02:39,070 Disney World Classic, but I don't care about anything else 1203 01:02:39,070 --> 01:02:39,550 there. When my. 1204 01:02:39,550 --> 01:02:42,630 Kids were very young, was when Cars was the movie. 1205 01:02:42,630 --> 01:02:46,710 Cars was hot, and there's Hollywood studios, and they had. 1206 01:02:47,460 --> 01:02:49,740 Cars everywhere. It was like my. 1207 01:02:49,780 --> 01:02:53,260 Kids were just drawn in, so they have that. 1208 01:02:53,820 --> 01:02:57,820 So I actually, I should, I should say this, but it was kind 1209 01:02:57,820 --> 01:03:01,780 of cool, ran into a YouTube in the park and he was like so Cal 1210 01:03:01,860 --> 01:03:04,380 Disney dad. And we got so many great tips 1211 01:03:04,700 --> 01:03:07,980 from watching his video in the lead up to us doing this trip. 1212 01:03:07,980 --> 01:03:10,740 So it was like my kids were kind of excited when they saw him. 1213 01:03:10,740 --> 01:03:14,420 You know, it's like, because he's like an influencer, much 1214 01:03:14,420 --> 01:03:18,410 like you guys as well, right? And so it's no, it's it's true. 1215 01:03:18,410 --> 01:03:19,890 It's right. You don't know. 1216 01:03:19,930 --> 01:03:23,650 Go on. But it's really cool. 1217 01:03:23,650 --> 01:03:28,610 And so so but what he said was he's like, you know, Disney 1218 01:03:28,610 --> 01:03:33,850 World is very cool, but he's like one major pro when you come 1219 01:03:33,850 --> 01:03:37,970 to California because it's California Adventureland and 1220 01:03:38,330 --> 01:03:43,210 right across, like you could throw a football from one gate 1221 01:03:43,210 --> 01:03:46,650 to the other. Disneyland's on the other side 1222 01:03:46,650 --> 01:03:49,410 and downtown Disney's there. So you don't have to take all 1223 01:03:49,410 --> 01:03:53,370 these shuttles everywhere. Like you can get a really nice 1224 01:03:53,370 --> 01:03:57,730 Disney experience and I will, I will further it with Disneyland 1225 01:03:57,730 --> 01:04:03,330 is the original Disney park and it's like one of the most 1226 01:04:03,330 --> 01:04:05,410 original theme parks, I think in the world. 1227 01:04:05,410 --> 01:04:08,160 I mean, someone can correct me if I'm wrong, but YouTube videos 1228 01:04:08,160 --> 01:04:09,800 that I've watched on it, it's pretty amazing. 1229 01:04:09,800 --> 01:04:12,600 And all the tricks that Disney had to do like that that used to 1230 01:04:12,600 --> 01:04:16,520 be an orange Grove that was flat with nothing there and that was 1231 01:04:16,520 --> 01:04:19,160 transformed and and I wish I remember the name, but there's a 1232 01:04:19,160 --> 01:04:22,040 really, if you're really interested in Disney, the story 1233 01:04:22,040 --> 01:04:27,480 I find of what Walt Disney went through to get that park there 1234 01:04:27,480 --> 01:04:29,640 was incredible. Like he almost ran, ran out of 1235 01:04:29,640 --> 01:04:31,560 money. Everybody said this is an insane 1236 01:04:31,560 --> 01:04:33,520 idea. Why would people come to a theme 1237 01:04:33,520 --> 01:04:35,000 park? Like what does that even mean? 1238 01:04:35,770 --> 01:04:37,530 What is? What is the theme park? 1239 01:04:37,530 --> 01:04:39,090 Yeah, and he almost ran out of money. 1240 01:04:39,210 --> 01:04:41,250 We do the same thing in Orlando, right? 1241 01:04:41,490 --> 01:04:43,250 It was the original drain, the swamp. 1242 01:04:43,250 --> 01:04:44,970 It was like all swampland that you bought. 1243 01:04:44,970 --> 01:04:47,770 That's right. Yeah, yeah, I don't think he 1244 01:04:47,850 --> 01:04:51,810 even lived to see Disney World happen, right. 1245 01:04:51,970 --> 01:04:54,610 But anyway, But yeah, no thanks for asking. 1246 01:04:54,610 --> 01:04:57,410 It was unbelievable experience and highly recommended if you 1247 01:04:57,410 --> 01:04:59,970 love Star Wars. Well, I do and I don't. 1248 01:05:00,660 --> 01:05:02,740 And you don't. But I probably would enjoy the 1249 01:05:02,740 --> 01:05:04,060 ride. I mean the experience, right? 1250 01:05:04,100 --> 01:05:06,020 I mean, I think you can appreciate. 1251 01:05:06,020 --> 01:05:09,660 I can appreciate experience. I'd like to go to a star Star 1252 01:05:09,660 --> 01:05:12,260 Trek One star. Trek One, I'll go both. 1253 01:05:12,340 --> 01:05:15,820 I don't discriminate. I'd like to go into the hollow 1254 01:05:15,820 --> 01:05:17,780 deck. I mean, that's where we're going 1255 01:05:17,780 --> 01:05:21,020 with things like VR and AR and things like that. 1256 01:05:21,020 --> 01:05:23,980 Eventually, someday. That's it. 1257 01:05:23,980 --> 01:05:26,980 You can have experiences with that without actually being 1258 01:05:26,980 --> 01:05:31,600 there, Yeah, yeah, exactly. All right. 1259 01:05:31,600 --> 01:05:35,880 Let's go ahead and wrap it up. David, thank you so much for 1260 01:05:35,880 --> 01:05:37,720 taking time with us. Nice to see you. 1261 01:05:37,800 --> 01:05:41,360 Looking forward to your talking. You can find us on the web, 1262 01:05:41,360 --> 01:05:45,320 idacpodcast.com, Twitter at IDAC Podcasts. 1263 01:05:45,320 --> 01:05:48,800 I have a link for David and his LinkedIn if you want to share 1264 01:05:48,800 --> 01:05:52,360 Disney tips or machine identity tips or whatever, along with the 1265 01:05:52,360 --> 01:05:55,000 link to transmit security so you'll learn more about stuff 1266 01:05:55,000 --> 01:05:57,110 that he works on. What else? 1267 01:05:57,110 --> 01:06:00,670 We're on Mastodon at IDAC podcast, at infosec dot 1268 01:06:00,670 --> 01:06:05,630 exchange, connect with Jim and I at LinkedIn, like subscribe. 1269 01:06:05,750 --> 01:06:07,590 That's all the stuff that people can do to help us out. 1270 01:06:08,390 --> 01:06:11,750 Get us on the mainstage again at Keynote for for Authenticate, 1271 01:06:11,750 --> 01:06:14,790 which is very cool. Definitely a podcast highlight. 1272 01:06:14,790 --> 01:06:18,110 I think of kind of making it from 2 dudes in their basements 1273 01:06:18,230 --> 01:06:21,350 to now or you know, on a stage somewhere. 1274 01:06:21,840 --> 01:06:23,720 I think it's all of our Mastodon followers. 1275 01:06:24,480 --> 01:06:25,360 Yeah, I don't know about that one. 1276 01:06:25,880 --> 01:06:28,480 We have it out too. We have no, we've got several. 1277 01:06:29,040 --> 01:06:32,280 By far, LinkedIn is the best way to you know that we get the most 1278 01:06:32,280 --> 01:06:34,120 engagement. But I don't know. 1279 01:06:34,280 --> 01:06:37,960 I think Mastodon came along at the right time, but the 1280 01:06:37,960 --> 01:06:40,240 usability isn't quite there yet for the masses. 1281 01:06:40,840 --> 01:06:43,020 Let's wrap it up. Thanks everybody for listening 1282 01:06:43,340 --> 01:06:44,900 and we'll talk to everyone in the next one. 1283 01:06:45,820 --> 01:06:48,860 You've been listening to Identity at the Center. 1284 01:06:49,180 --> 01:06:53,300 We hope you've enjoyed the show. Make sure to like, rate and 1285 01:06:53,300 --> 01:06:56,900 review and we'll be back soon. But in the meantime, hit the 1286 01:06:56,900 --> 01:07:01,060 website at identity@thecenter.com and find 1287 01:07:01,060 --> 01:07:08,460 us on Twitter at IDAC Podcast. See you next time on identity at 1288 01:07:08,460 --> 01:07:09,420 the center.