Hi [[ session.user.profile.firstName ]]

Podcast | Becoming Identity-Aware with Identity Defined Security Alliance

In a recent report from Identity Defined Security Alliance, 79% of enterprises surveyed suffered an identity breach in the past two years. For episode 11, Executive Director for the IDSA, Julie Smith, joins us with special guest, Gil Kirkpatrick (16-time Microsoft MVP and Chief Architect at Semperis). They discuss zero-trust model initiatives, the NIST Framework, and the call for organizations to have an identity-centric strategy.



Want to learn more about IDSA?
Identity Defined Security Alliance provides vendor-neutral, free education, and resources that help organizations reduce the risk of a breach through identity-centric security strategies. To learn more, visit: https://www.idsalliance.org/
Recorded Sep 24 2020 23 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Julie Smith | Executive Director, Identity Defined Security Alliance (IDSA)
Presentation preview: Podcast | Becoming Identity-Aware with Identity Defined Security Alliance

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • An Identity-Centric Approach to Harden a COVID-19 Critical Business Dec 10 2020 5:00 pm UTC 60 mins
    George Irungu, Summa Health CISO and Paul Lanzi, Remediant Co-founder and COO
    Stories from the field on rolling out a Privileged Access Management program to a blended remote workforce

    COVID-19 came on pretty suddenly for many of us. The effect it had on the operations and IT infrastructure of health systems ratcheted up rapidly, as they tried to manage (1) an influx of patients, planned and unplanned, (2) new standard operating procedures, (3) migrating and supporting a blended on-premises / remote workforce and (4) a surge in targeted pandemic-related cyberattacks.

    Please join us to hear from George Irungu, an experienced hospital system CISO. George is joined by Paul Lanzi (COO and Co-Founder of Remediant) and will walk through how he used an identity centric approach to adapt and evolve his security program to meet hospital operational needs, manage risk and defend the patient and employee experience.
  • Healthcare Security Fireside Chat: NIST, Identity, and Ransomware Recorded: Nov 19 2020 61 mins
    Scott Breece, Community Health Systems CISO and Gil Kirkpatrick, Semperis Chief Architect
    No one can ignore the sharp uptick of hospitals victimized by ransomware. And in healthcare, the stakes are higher. Just last month, a 78-year-old patient at University Hospital Düsseldorf died after a ransomware attack crippled the hospital's IT systems and forced doctors to attempt to transfer her to another facility. It's clear just how physically dangerous cyberattacks can be, but there are no signs of attackers slowing down. Healthcare organizations, both large and small, are in the crosshairs because human collateral pays. All it takes is a user clicking on the wrong link to kick off a deadly campaign. So, what action can defenders take to avoid becoming a victim of ransomware?

    The Identity Defined Security Alliance (IDSA) provides the framework and practical guidance that helps organizations put identity at the center of their IT security strategy. In this fireside chat, Scott Breece, IDSA Advisory Board Member, and CISO at Community Health Systems, joins Gil Kirkpatrick, Chief Architect at Semperis, for a candid debate about yesteryear's best practices and how to push towards a safer tomorrow. Topics of conversation include the NIST Cybersecurity Framework, managing multiple identity systems in healthcare IT environments, and of course, ransomware.
  • Identity-Centric PAM for Cloud and DevOps Recorded: Oct 29 2020 58 mins
    Chris Owen, Director, Product Management at Centrify
    According to recent research by the Identity-Defined Security Alliance (IDSA), 59% of organizations say that cloud applications are driving a 5X increase in the number of identities over the past 10 years. And, over the past two years, 79% have had an identity-related breach.

    Digital transformation has massively expanded the threatscape, as modern technologies like cloud, DevOps, containers, microservices and more are creating an explosion in the number of machine identities in the IT estate. Now more than ever, it’s vital to take an identity-centric approach to securing privileged access to resources in on-premises, hybrid, and multi-cloud environments.

    In this webinar from Centrify, an IDSA member, we’ll explore:
    1. How organizations have evolved their use of cloud
    2. How Privileged Access Management (PAM) solutions have transformed to support new methodologies and tooling
    3. The differences between a shared account approach and identity-centric approach to PAM
    4. 6 key challenges organizations face for DevSecOps when it comes to cloud, and how to solve them
  • Panel: Future Proofing Identity Security Recorded: Oct 28 2020 52 mins
    Julie Smith, Executive Director of Identity Defined Security Alliance (IDSA)
    Sean Deuby, host of HIP podcast, sits down with industry experts and a special guest, Julie Smith.

    Julie Smith is the Executive Director of the IDSA, responsible for executing the mission on behalf of the membership and the identity and security community. Throughout her career she has held various leadership roles in technology and solutions companies, including product management, product and solutions marketing and business development. Prior to joining the IDSA, Julie spent 12 years in the identity and security industry with leading vendors and solution providers.

    Siddharth Bhai is a Product Management Lead at Google Cloud. His current focus is to provide product leadership for managed security services, which streamline customer deployments and enable enterprises to focus on the best public clouds have to offer. He has been active in the Identity & Access Management space for over a decade and enjoys working with many Fortune 1000 & emerging companies. He has spoken about Identity & Access Management at major industry conferences, including Directory Experts Conference, Microsoft TechEd, and Google Cloud Next.

    Gil Kirkpatrick is the Chief Architect at Semperis. Gil has been building commercial products for enterprise IT for a very long time, focusing primarily on identity management and security-related products. He has been named a Microsoft MVP for Active Directory and Enterprise Mobility for each of the last 15 years, and is the author of Active Directory Programming, as well as the founder of the Directory Experts Conference.

    Host: Sean Deuby, 15-time Microsoft MVP and HIP Podcast Host. Sean brings 30 years’ experience in Enterprise IT and Hybrid Identity to his role as Director of Services at Semperis. An original architect and technical leader of Intel's Active Directory, Texas Instrument’s Windows NT network, and 15-time MVP alumnus, Sean has been involved with Microsoft identity technology since its inception.
  • Automating Attestation: A Critical Step in Security Risk Management Recorded: Oct 9 2020 47 mins
    Andy Smith (Centrify), Allen Moffett (Atos); Eric Uythoven (LexisNexis Risk), James Carder (LogRhythm)
    As the number of identities an organization manages explodes, making sure the right resources (human and non-human) have the right access can be overwhelming. Whether driven by compliance requirements or security risk management, attestation processes can provide periodic visibility into dynamically changing access – who has access, who granted it and who approved it. Automating those processes is a critical step to keeping access rights in line with the principle of least privilege and more importantly, can be automatically triggered as a result of a high-risk event.

    In this panel, part of the Security Outcome Deep Dive Series, identity and security experts will provide real world examples about the role of attestation processes in a security risk management program, the key stakeholders involved and how it can be achieved using technologies that may already be deployed
  • Security Outcome Deep Dive: Governance-Driven Provisioning of Privileged Account Recorded: Oct 1 2020 44 mins
    Christopher Hills, BeyondTrust Deputy Chief Technology Officer and Chris Arnold, Avatier VP of Development
    In this webinar, we'll discuss the details of identity-defined security outcomes, privileged user accounts and entitlements are granted and removed through governance-driven provisioning. These outcomes provide organizations evidence of control over who has access to what resources that are required to meet security controls and compliance requirements, for example PCI, HIPPA, SOX, etc, as well as reduces risk of breach due to too much privileged access.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
  • Podcast | Becoming Identity-Aware with Identity Defined Security Alliance Recorded: Sep 24 2020 23 mins
    Julie Smith | Executive Director, Identity Defined Security Alliance (IDSA)
    In a recent report from Identity Defined Security Alliance, 79% of enterprises surveyed suffered an identity breach in the past two years. For episode 11, Executive Director for the IDSA, Julie Smith, joins us with special guest, Gil Kirkpatrick (16-time Microsoft MVP and Chief Architect at Semperis). They discuss zero-trust model initiatives, the NIST Framework, and the call for organizations to have an identity-centric strategy.



    Want to learn more about IDSA?
    Identity Defined Security Alliance provides vendor-neutral, free education, and resources that help organizations reduce the risk of a breach through identity-centric security strategies. To learn more, visit: https://www.idsalliance.org/
  • Security Outcome Deep Dive: Principle of Least Privilege Recorded: Sep 11 2020 40 mins
    Asad Ali, Thales Sr Technologist, Saravanan Thiyagarajan, CyberArk Director Of Technology and Industry Relations
    In this webinar, we'll discuss the details of identity-defined security outcome, user and privileged access rights are granted according to the principle of least privilege and how organizations can reduce the threat landscape by eliminating elevated privileged access beyond roles and responsibilities and detecting and automatically resolving policy-violating account access to maintain continuous compliance.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
  • Hacking Identity: The Good, Bad and Ugly of Identity-Centric Security Controls Recorded: Sep 3 2020 64 mins
    Jerod Brennen, SailPoint Identity Strategy and Solutions Advisor
    Identity-related breaches have become ubiquitous. From phishing attempts, to social engineering to compromised privileged credentials, capturing a legitimate set of credentials and even better with privileged access, is every cybercriminals dream. Knowing your opponent and the methods they use to steal identities can be the first step in enhancing an enterprise security strategy with an identity-centric security focus that has resulted in fewer breaches for some companies.

    Join Jerod Brennen, currently a SailPoint Identity Strategy and Solutions Advisor, but formerly a pen tester who worked in SecOps developing a solid grasp of the good, the bad, and the ugly of enterprise identity security. For red teams, this presentation will cover pen testing tips and tricks to circumvent weak or missing identity security controls. For blue teams, we'll also cover the steps you can take to shore up your identity-centric security controls and catch pen testers in the act. Purple teaming, FTW!
  • Security Outcome Deep Dive Series: Access Rights Revoked Based on Risk Recorded: Aug 27 2020 28 mins
    Ben Goodman, ForgeRock Senior Vice President Global Business and Corporate Development
    In this webinar, we'll discuss the details of identity-defined security outcome, Access is revoked upon detection of high-risk event associated with that identity, and how organizational exposure to defined policy breaches can be monitored and reduced.
    Note: If you have viewed other webinars in the series or are already familiar with the IDSA, skip ahead 6 minutes for the Security Outcome discussion.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
  • Security Outcome Deep Dive Series: Continuous Access Rights Discovery Recorded: Aug 13 2020 40 mins
    Morey Haber, BeyondTrust CISO and CTO and Chris Gregory, Saviynt VP of Channel Development and Operations
    In this webinar, we'll discuss the details of identity-defined security outcome, all user and privileged access rights are continuously discovered and how organizations can reduce the risk of a breach from over-privileged access and invalid or orphaned accounts.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
    Note: If you have viewed other webinars in the series or are already familiar with the IDSA, skip ahead 6 minutes for the Security Outcome discussion.
  • Security Outcome Deep Dive Series: Continuous Identity Assurance Recorded: Aug 5 2020 28 mins
    Cassie Christensen, SecZetta Identity Solutions Advisor
    In this webinar, we'll discuss the details of identity-defined security outcome, user's identity is systematically proven through the identity lifetime, and how organizations can ensure access is granted to the right identity.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
    Note: If you have viewed other webinars in the series or are already familiar with the IDSA, skip ahead 6 minutes for the Security Outcome discussion.
  • Security Outcome Deep Dive Series: Protecting Privileged Accounts with MFA Recorded: Jul 28 2020 30 mins
    Paul Lanzi, Remediant co-founder and COO
    In our latest research, 79% of companies surveyed experienced an identity-related breach in the last 2 years and interestingly only 38% of those companies have implemented multi-factor authentication (MFA) to protect privileged accounts. Because these accounts, whether human or non-human (machines, service, application), are considered the riskiest, organizations should consider an extra layer of security through MFA.
    Please join Paul Lanzi, IDSA Technical Working Group Member and Remediant co-founder and COO as he discusses the details of identity-defined security outcome, all privileged access requires MFA, and how organizations can implement additional protections for their most sensitive accounts, reducing the risk of an identity-related breach.
  • Incorporating Identity in Your Security and Zero Trust Strategies Recorded: Nov 19 2019 54 mins
    Joe Gottlieb, SVP of Strategy and Business Development, SailPoint & Erik Bartholomy, Security Architect, LogRhythm
    Experts predict that total losses related to cybercrime will reach $6 trillion in 2021. The weapon of choice has been compromised identity and yet security teams run for the door when discussing identity and access management. The rapid adoption of cloud and mobile is forcing organizations to rethink their security model, with Zero Trust generating the most noise these days. In this webinar, we’ll explore how the emerging intersection of identity and security can reduce the risk of a breach (and the resulting financial and reputational losses) and enable a modern day Zero Trust approach.

    The Identity Defined Security Alliance is dedicated to helping organizations improve their security posture through identity-centric security strategies, education and frameworks. Join Joe Gottlieb, IDSA Executive Board Member and SailPoint SVP of Strategy and Corporate Business Development and Erik Bartholomy, LogRhythm Security Architect, to learn how:
    - You can make identity and security work better together
    - Identity-centric security is redefining Zero Trust
    - LogRhythm was able to fully transition to the cloud, eliminate infrastructure (VPNs, firewalls and directories) and become more secure
Advocating the importance of identity-centric security strategies
This channel brings together the leading identity and security vendors and industry experts to regularly educate security leaders on how to reduce risk through identity-centric strategies. For more information check out www.idsalliance.org.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Podcast | Becoming Identity-Aware with Identity Defined Security Alliance
  • Live at: Sep 24 2020 5:40 am
  • Presented by: Julie Smith | Executive Director, Identity Defined Security Alliance (IDSA)
  • From:
Your email has been sent.
or close