In this episode of the Identity at the Center Podcast, hosts Jeff and Jim delve into the intricacies of compliance, governance, and cybersecurity with special guest and colleague Kia Smith, a director in RSM's Security and Privacy Risk Consulting practice. They explore the foundational role of compliance activities such as Sarbanes-Oxley, the crucial need to align governance with security, and the rising complexity of regulatory environments driven by third-party dependencies. Kia provides valuable insights into the Cybersecurity Maturity Model Certification (CMMC) and its widespread implications for industries beyond defense. The discussion also touches upon the relevance of legal language in contracts to manage risk effectively, the role of AI in compliance frameworks, and the importance of continuous compliance validation.

Chapters

00:00 Understanding Compliance: Beyond Check-the-Box

01:58 Introduction to the Podcast

03:46 The Importance of a Well-Rounded Identity Professional

06:38 Upcoming Conferences and Discount Codes

08:51 Meet Our Guest: Kia Smith

09:36 Kia's Journey from Law to Cybersecurity

13:50 The Role of a Director in Consulting

19:37 Compliance vs. Security: A Balanced Approach

21:41 The Evolving Regulatory Landscape

25:00 Managing Third-Party Risks

32:21 Setting IAM Security Standards

32:54 Cloud Service Offerings and FedRAMP

34:07 Procurement and Security Collaboration

34:45 Contractual Security Requirements

35:24 Business Involvement in Security Decisions

36:26 Reviewing Security Practices

37:10 Governance and Risk Acceptance

41:12 Impact of Regulations on Industries

42:58 CMMC and Its Broad Implications

51:30 AI in Compliance and Cybersecurity

55:33 Pickle Pops and Lighthearted Farewell

Connect with Kia: https://www.linkedin.com/in/kia-smith-mpp-cisa/

Learn more about RSM’s Digital Identity Consulting: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.html?cmpid=ola:45559-idac:bb01

Conference Discounts!

Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-uk

European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac

Identiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com