Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

Content provided by EM360Tech. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by EM360Tech or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Why Are 94% of CISOs Worried About AI, and Is Zero Trust the Only Answer?

15:50
 
Share
 

Manage episode 509487016 series 2948336
Content provided by EM360Tech. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by EM360Tech or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Identity fabric, a contemporary, flexible identity and access management (IAM) architecture, should “be involved at every stage of authentication and authorisation,” says Stephen McDermid, CSO, EMEA at Okta Security.

According to CISCO’s VP, 94 per cent of CISOs believe that complexity in identity infrastructure decreases their overall security.

In this episode of The Security Strategist podcast, Alejandro Leal, podcast host and cybersecurity thought leader, speaks with McDermid about Identity Fabric, the modern threats to identity security, the role of AI in cybersecurity, and the importance of collaboration among industry players to combat these novel threats.

Stephen emphasises the need for organisations to adopt a proactive approach to identity governance and to recognise that identity security is a critical component of overall cybersecurity strategy.

Poor Identity Governance

Enterprises today face a complicated web of users, applications, and data. Identity, once hailed as a small IT problem, is now at the forefront of cyberattacks, and they are becoming highly lucrative targets for cybercriminals.

Alluding to recent high-profile breaches on the UK high street, McDermid points out the financial impact estimated in hundreds of millions of dollars. The common feature observed among these cyber incidents is the misuse of “poor identity governance.” This happens when users’ old login information lacks multi-factor authentication (MFA) or when attackers use social engineering to reset passwords.

The reality today is that attackers now use automation and AI to find valid identities, which makes their work easier than ever, owing to a vast number of compromised credentials available online. The scale of the threat is massive. McDermid noted that "fraudulent sign-ups actually outnumbered legitimate attempts by a factor of 120." This indicates that organisations need to accept that "a breach is inevitable."

Ultimately, McDermid's message was clear and pressing. He urged CISOs to understand where their identities are throughout their businesses. Furthermore, he stressed on the need to assume a breach and consider how to respond.

The CSO also called for them to challenge their SaaS vendors to commit to the new standards. In his opinion, only through this type of collective action can the security community hope to make a difference in what seems to be a losing battle right now.

Takeaways

  • Identity Fabric is a framework for managing identities at scale.
  • Modern attacks exploit poor identity governance and lack of MFA.
  • Organisations must assume breaches are inevitable and prepare accordingly.
  • AI can enhance identity threat detection and response.
  • Collaboration among vendors is essential for improving security standards.
  • Human oversight is crucial in AI decision-making processes.
  • Shared Signals Framework improves API efficiency and security.
  • Interoperability is key to addressing identity security challenges.
  • Organisations should centralise governance of identities throughout their lifecycle.
  • CISOs must stay informed about emerging threats and trends.

Chapters

  • 00:00 Understanding Identity Fabric
  • 02:21 Modern Threats to Identity Security
  • 06:32 Collaboration in Cybersecurity
  • 10:38 AI Agents and Identity Security
  • 14:14 Key Takeaways for CISOs

  continue reading

174 episodes

Artwork
iconShare
 
Manage episode 509487016 series 2948336
Content provided by EM360Tech. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by EM360Tech or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Identity fabric, a contemporary, flexible identity and access management (IAM) architecture, should “be involved at every stage of authentication and authorisation,” says Stephen McDermid, CSO, EMEA at Okta Security.

According to CISCO’s VP, 94 per cent of CISOs believe that complexity in identity infrastructure decreases their overall security.

In this episode of The Security Strategist podcast, Alejandro Leal, podcast host and cybersecurity thought leader, speaks with McDermid about Identity Fabric, the modern threats to identity security, the role of AI in cybersecurity, and the importance of collaboration among industry players to combat these novel threats.

Stephen emphasises the need for organisations to adopt a proactive approach to identity governance and to recognise that identity security is a critical component of overall cybersecurity strategy.

Poor Identity Governance

Enterprises today face a complicated web of users, applications, and data. Identity, once hailed as a small IT problem, is now at the forefront of cyberattacks, and they are becoming highly lucrative targets for cybercriminals.

Alluding to recent high-profile breaches on the UK high street, McDermid points out the financial impact estimated in hundreds of millions of dollars. The common feature observed among these cyber incidents is the misuse of “poor identity governance.” This happens when users’ old login information lacks multi-factor authentication (MFA) or when attackers use social engineering to reset passwords.

The reality today is that attackers now use automation and AI to find valid identities, which makes their work easier than ever, owing to a vast number of compromised credentials available online. The scale of the threat is massive. McDermid noted that "fraudulent sign-ups actually outnumbered legitimate attempts by a factor of 120." This indicates that organisations need to accept that "a breach is inevitable."

Ultimately, McDermid's message was clear and pressing. He urged CISOs to understand where their identities are throughout their businesses. Furthermore, he stressed on the need to assume a breach and consider how to respond.

The CSO also called for them to challenge their SaaS vendors to commit to the new standards. In his opinion, only through this type of collective action can the security community hope to make a difference in what seems to be a losing battle right now.

Takeaways

  • Identity Fabric is a framework for managing identities at scale.
  • Modern attacks exploit poor identity governance and lack of MFA.
  • Organisations must assume breaches are inevitable and prepare accordingly.
  • AI can enhance identity threat detection and response.
  • Collaboration among vendors is essential for improving security standards.
  • Human oversight is crucial in AI decision-making processes.
  • Shared Signals Framework improves API efficiency and security.
  • Interoperability is key to addressing identity security challenges.
  • Organisations should centralise governance of identities throughout their lifecycle.
  • CISOs must stay informed about emerging threats and trends.

Chapters

  • 00:00 Understanding Identity Fabric
  • 02:21 Modern Threats to Identity Security
  • 06:32 Collaboration in Cybersecurity
  • 10:38 AI Agents and Identity Security
  • 14:14 Key Takeaways for CISOs

  continue reading

174 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Listen to this show while you explore
Play