100 Things I Love about Identity, and The Identity 50 Update

Hey Jedi welcome to the 100TH edition of the Identity Jedi Newsletter.

This edition will be a little different. So if it’s your first time here (Welcome, glad to have you!) this isn’t the typical newsletter. This one is a love letter. A love letter to identity, and a love letter to YOU! Because without you this doesn’t happen. That’s right Jedi this is just as much a celebration for you. But with that, I’ve also got some new things to share with you, but more on that later.

Here’s what’s coming in this week’s 100TH EDITION!

This week's edition

• How It All Started

• THANK YOU

• 100 Things I learned Writing a Newsletter About Id …

• IDENTITY 50 HAS A NEW HOME

  • Good Reads

  • Podcasts

  • The Last Word and Announcements

How It All Started

I’ve never told the full story of how the newsletter started, and given we are 100 editions in, I figured it was time. So here goes.

I can’t find the exact text that started it, but it came from my buddy Lance and went something like this:

For some context, EA stands for Ebony Ascent. The first media platform I launched with my media company. That text, and the phone call a couple of days later, led to a series of conversations over the next couple of weeks that led to the creation of this newsletter. Fun fact: The first newsletter was sent using Mailbrew. I hadn’t found Beehiiv yet, and I was leery of diving into the newsletter. A year earlier, I had stumbled across this small newsletter called Morning Brew, and I fell in love with it. It was perfect. Bitsized information from across the world of business, and a referral program that got you free swag! I was hooked! So in my eyes, if I was going to do a newsletter it had to be like Morning Brew. I looked endlessly but couldn’t find a platform that offered the features that MB seemed to have. Spoiler Alert: It’s because they custom built it! So from the start IDJ was doomed. But theeeeen. I got this text:

AND IT WAS ON !

The process of starting something new is both exhilarating and exhausting. The rush of creating that first newsletter and sending it to no one, to watching the subs go up weekly, it was insane!

Add to the mix that at the time, Beehiiv was still an up-and-coming startup company that was rolling out changes every week. Interacting with them in real time and seeing changes roll out days later was excellent. As more people subscribed, my confidence grew that it was the right step to take, and that the content was the right kind.

Now, next up, I wanted to do a referral program. I wanted to get some cool swag and get people excited about spreading the newsletter. But how was this going to work? What things should I offer, would people really refer the newsletter? One thing I’ve learned in my entrepreneurship journey is that you’ll never have all the answers, sometimes you just have to make them up as you go. So I did, and man did it work! In fact one reader ( and you know who you are because you’re reading this right now) got 12 referrals in one day, and to date has over 50! Needless to say I wasn’t prepared for that type of growth..lol. But I figured it out..kind of.

Side Note: The swag for the referral program is something the team and I are going to address this quarter. It’s been an issue for a while. The truth is, swag is expensive, and so is logistics. But we’ve got a plan to deal with it and will be sifting through the backlog.

I loved every minute of putting together each newsletter ( and I still do). I’ve dedicated 20 years to this crazy field of Identity and I love it! Will I do another twenty…meeeh we’ll see, I’ve got some other things on the horizon I’m focused on, but this allowed me to combine the best of both worlds and I’m thankful for that. I’m genuinely grateful for this journey over the past two years, and I’m excited about the future of the newsletter. And with that I want to say…

THANK YOU

Now I told you that this just as much about YOU as it as about me of the team that helps put all of this together. YOU are the reason this newsletter has reached 100 editions. You’re engagement, your enthusiasm for the field of Identity and your feedback has been the fuel that has kept this small train going. There are plenty of days I don’t want to write this, or have no clue what to write about but I think about YOU. I think about the promise I made to deliver you content every two weeks ( It was weekly but that almost killed me..lol). And so I find a way to get it done. So for every single character of text that you’ve read, for every single person you’ve shared this with. THANK YOU.

THANK YOU for reading, for supporting, and for being apart of this amazing community we are building.

100 Things I learned Writing a Newsletter About Identity

After writing a newsletter about identity for a while, I’ve learned a few things—some deep, some funny, some painfully obvious in hindsight. Here’s my list of 100 lessons, observations, and hard-earned insights from writing about identity, security, and the wild world of IAM.

1. Identity is everywhere. Seriously. It’s in security, in business, in life. You can’t escape it.

2. People think IAM is just about logging in. It’s not.

3. The best identity solutions start with asking the right questions, not buying the shiniest tool.

4. Half of IAM projects fail because of people, not technology.

5. The other half fail because no one asked, “Why are we doing this?”

6. Identity is the foundation of security. Without it, everything else crumbles.

7. People will trust you if you help them make sense of IAM without making them feel dumb.

8. Nobody reads documentation. They should. But they don’t.

9. Compliance is not security, but security helps with compliance.

10. Identity is the new perimeter—but also, it’s been the perimeter for a while now.

11. The phrase “identity is the new perimeter” is starting to get old.

12. Passwords are the worst—but they’re still here.

13. The real reason MFA adoption is slow? People hate change.

14. Every IAM project has a moment where someone says, “Why is this so hard?”

15. The answer is always: because identity touches everything.

16. Identity people love frameworks. Too many frameworks.

17. RBAC is easy in theory and painful in practice.

18. ABAC is even harder—but nobody wants to admit it.

19. The best IAM professionals know how to talk to the business.

20. If you make identity sound boring, people will ignore it.

21. You don’t need an IAM assessment—you need to ask the right questions internally.

22. Some organizations still think spreadsheets are a viable IAM tool.

23. They are wrong.

24. Every IAM team has a spreadsheet of shame.

25. The first time you explain non-human identities, someone will ask, “So… like robots?”

26. Identity governance is about people, process, and politics—the tech is secondary.

27. IAM is a journey, not a project.

28. IAM projects never really end. They evolve.

29. Identity debt is real. And it’s expensive.

30. The best IAM leaders influence without authority.

31. Most IAM roadmaps are aspirational.

32. Every IAM project has a moment where someone says, “Just turn it on and see what happens.”

33. This is always a bad idea.

34. You can’t automate bad processes. ( We’ll you can…but…..)

35. IAM is about trust.

36. Identity is the one thing everyone depends on but no one wants to own.

37. Just because something works doesn’t mean it’s secure.

38. People get weirdly emotional about usernames.

39. Your IAM strategy is only as good as your data.

40. Most identity problems are data problems.

41. Your single source of truth probably isn’t.

42. No one wants to talk about orphan accounts… until there’s a breach.

43. IAM people love telling horror stories.

44. Every IAM conference has at least one “this is why you need identity” talk.

45. Half the room already knows. The other half is there because they have to be.

46. The best IAM solutions solve real business problems, not just security problems.

47. Role mining sounds cool until you have to do it.

48. No one likes access reviews.

49. The best access reviews are the ones that don’t happen. (Because they’re automated.)

50. IAM is the unsung hero of security.

51. You can’t have Zero Trust without strong identity.

52. The phrase “Zero Trust” is overused.

53. Zero Trust without identity is just network segmentation.

54. The best IAM engineers understand psychology.

55. IAM vendors love buzzwords.

56. The best IAM vendors focus on real-world outcomes.

57. Vendor bake-offs are exhausting.

58. Every organization has at least one “shadow IAM” system.

59. Identity professionals develop trust issues from working with bad data.

60. A good identity program requires business alignment, not just security buy-in.

61. IAM teams are always understaffed.

62. Someone will always try to reinvent RBAC.

63. SaaS changed everything for IAM.

64. Cloud made IAM both easier and harder.

65. Every IAM migration takes longer than expected.

66. No one reads audit logs… until there’s an incident.

67. IAM is a never-ending cycle of cleanup.

68. Most IAM problems start with onboarding.

69. Identity is personal. (Even in enterprise security.)

70. The best IAM professionals ask better questions.

71. IAM people need to market themselves better.

72. Identity orchestration is the future.

73. Identity security is shifting from IT to security teams.

74. AI won’t replace IAM professionals—but it will change the game.

75. IAM without automation is a ticking time bomb.

76. People think IAM is expensive. Breaches are more expensive.

77. Executive buy-in can make or break IAM projects.

78. IAM success stories are rare.

79. The best IAM deployments are the ones you don’t hear about.

80. Governance without enforcement is just documentation.

81. Decentralized identity is coming.

82. Some people think decentralized identity will solve all problems.

83. It won’t.

84. Identity pros love a good existential debate.

85. “Who has access to what?” is an eternal question.

86. No one ever deletes accounts fast enough.

87. IAM is cross-functional whether people realize it or not.

88. Developers don’t want to deal with identity.

89. But they have to.

90. The biggest IAM challenge? Change management.

91. IAM success stories need to be told better.

92. The best identity leaders make IAM relatable.

93. Identity is not just an IT problem.

94. Every IAM talk includes at least one “why is this so hard?” moment.

95. People will pay attention to IAM when it breaks.

96. IAM newsletters are niche—but the audience is passionate.

97. The best IAM content is practical, not theoretical.

98. Identity is never finished.

99. Writing about identity makes you better at explaining it.

100. IAM is one of the most important (and underappreciated) fields in security.

What would you add to this list? 🚀 What’s your favorite one? Drop a comment, hit reply, let me know!

IDENTITY 50 HAS A NEW HOME

The latest updates are live! Shout to Crunchbase! Added some stats powered by Crunchbase to most vendors and updated some commentary.

The Last Word and Announcements