23rd Edition of the Identity Jedi Newsletter

99 problems and a patch ain't one, let's get Meta, Keynote in Vegas!

Wednesday 2/15/23 - Identity Jedi Newsletter - Subscribe

Hey Jedi welcome to the 23rd Edition of the Identity Jedi Newsletter. Henceforth known as the Jordan Edition.

Announcement

Taking this Identity Jedi thing on the road! Excited to announce that I’ve been honored to grace the stage at Identiverse as a keynote speaker! Now I know what your next question is. What’s the topic!? Stay tuned, I’ll tell you soon. But for now, I’ve got something special for you.

DISCOUNTS!!

That’s right! You can use my code to get 25% off Identiverse registration. Because you don’t want to miss this conference right? Identiverse, Vegas, aaand The Identiy Jedi on the big stage. It’s going to be fun! Here’s the discount code: IDV23-SPKR25. (Expires 3/31) You can use the button below to register.

We continue our climb to 200 subs! Thank you to everyone who’s referred someone, and let’s keep this party going!

Also, check out the Blogs section of the IdentityJedi Website. Some pretty good stuff, if I do say so myself, and I do.

Let’s Get to the Good Stuff!

  • Zero trust and IAM. A match made in heaven?

  • So apparently, we still don’t patch

  • Metaverse

Zero trust and IAM; go ahead and swipe right.

Zero trust is the new perimeter. In a world where there's no more "outside" or "inside," you have to know who and what is on your network and why they're there. And that means knowing who you're dealing with AT ALL TIMES. You can’t do that without the principles of IAM. Interesting quote from the article that gave me a slight chuckle:

"Overall, the risk has decreased once we focused on assigning individuals the least amount of permissions possible to do their jobs," said one survey respondent whose organization had adopted the zero-trust model.

Sooo you’re going to patch that right?

What's the biggest threat to your organization? A weak password? A lack of patching? Maybe it's something else entirely. Regardless of your answer, cybersecurity firm Horizon3.ai found that most organizations aren't doing well in the security department. In this article, Nathan Eddy discusses how organizations remain plagued with unpatched vulnerabilities and weaknesses in credential policies despite growing awareness.

Weak credential policies and a lax approach to patching were among the most common points of IT security failure for organizations in 2022, while a failure to configure tools properly left multiple organizations open to attack.

The Metaverse

In this article, Deb Radcliff states that the metaverse will bring a new breed of threats to challenge privacy and security gatekeepers. Businesses and government agencies have already started building virtual worlds to support city services, conferences, community building, and commerce. They’re also rendering spatial apps around travel, car sales, manufacturing, and architecture in what Citi predicts will be a $13-trillion market with 5 billion users by 2030. In this novel reality, new privacy and security issues will arise. Nefarious activities such as phishing, pharming, impersonation, disinformation, and inroads for ransomware will most likely start to occur. There will also be new impacts on consumer privacy because the amount of rich and detailed data collected by these apps are juicy targets for criminals and marketers. How do we plan on dealing with this?

The Last Word

The word for this year in the identity industry is VALUE. As in what value identity will bring to organizations. What is that value? For the past ten years we haven’t had to answer that question. Sure, we’ve put together some bullshit and told customers kinda, sorta what the value was, but it wasn’t really a factor. The economy was good; customers had the funds and identity was something they needed to get done. But the times have definitely changed now. Customers have seen ten years of increasing integration costs and renewal costs and are starting to ask the question.

What am I getting out of this?

As the Platform Wars continues this year, we’ll see several companies offering consolidated identity platforms. But what value will we see from those platforms? Faster implementation? Less integration? Breach prevention? Whatever it is, it cannot be more of the same. Well, It can be because capitalism, but it shouldn’t be. It should be something meaningful because that’s why we do this, right? To actually solve customer problems…right?

Till next week.

Be Good to each other, Be Kind to each other, Love each other

-Identity Jedi

The JEDI COUNCIL

The State of Identity Programs

A pattern I’ve seen the last year is that identity teams are moving to the security organization. A much-needed move in my opinion, but one that doesn’t come with its set of challenges.

Subscribe to Premium to read the rest.

Become a paying subscriber of Premium to get access to this post and other subscriber-only content.

Already a paying subscriber? Sign In.

A subscription gets you:

  • • Blogs
  • • Expert Interviews
  • • Expanded Commentary
  • • Early Access to Identity Show content

Reply

or to participate.