The 59th Edition of the Identity Jedi Newsletter

Question of the week, CISO Survival Guide, and Identity Data Fabric

Presented by

Wednesday 11/1/23 - Identity Jedi Newsletter - Subscribe

Hey Jedi welcome to the 59th edition of the Identity Jedi Newsletter! We are in November, people! NOVEMBER! Crazy right? The year is flying by, and hopefully, you’ve taken time to enjoy it. We don’t get these days back, so enjoy every single one you get!

eBook: How to minimize third-party risk with vendor management

A robust vendor management program isn’t just required by compliance frameworks like SOC 2 and ISO 27001. It’s also a critical part of a holistic trust management strategy.

Implementing a vendor management program, however, has become more complex and challenging with the proliferation of SaaS tools and shadow IT. And many overstretched security teams are being asked to do more with less.

To stay compliant and secure — and deepen trust with customers and partners — security teams need a way to proactively manage vendor risk.

This guide from Vanta, the leading trust management platform, brings together perspectives from the frontlines of vendor security management. Get insights and best practices from security and compliance leaders. 

Share the news, grow the community, get free stuff! Let’s keep this thing going and get to the 1k mark!

Let’s Get to the Good Stuff!

  • CISO Survival Guide

  • Identity Data Fabric..New term, who dis?

  • Identity Quesiton of the week

CISO Survival Guide

Came across this gem when scouring Al Gore’s internet for interesting tidbits about identity.

Cisco, Nightdragon, ForgePoint Capital, and Team8 all walk into a bar…

And at the end of the night produce a report that looks to guide CISO’s down the treacherous path of leading a security team in today’s world. I haven’t looked at the report itself, as of course it’s gated behind a marketing capture page, and I just didn’t want to submit my work email to their combined marketing campaign. (Seriously, marketing folks, there’s got to be a better way)

However, the article broke down the major components, and I like the areas of coverage:

  • Identity

  • Data

  • Code

  • Infrastructure

I would add one more to this: Culture. I think more than anything else a CISO’s job is to build a security-centric culture. Until an organization values security and puts it top of mind, it’s a tough uphill climb to accomplish anything else. Security tools, assessments, reports, those things are all good at the tactical. Solving the immediate need, but the bigger need. The bigger problem is that this is a never-ending fight. This isn’t something that you just check off and it’s done, it’s a lifestyle. Delivering security to your co-workers and customers is a choice. A choice you make every day. A choice you need the rest of your team, and organization to make as well. Don’t think we talk enough about that.

Identity Data Fabric

A new term I’ve been seeing floating around.

Identity Data Fabric

It’s all the rage, I get it in all my custom suits and blazers; it’s breathable, soft, and really turns heads at meetings.

But it’s also something that lives at the heart of every identity implementation. Putting it simply:

It’s the collection of all the pieces of data that make an organization’s digital identity.

But I’m a big example person, so let’s break that down using one.

Ok let’s keep this simple: You’re an organization with 2 authoritative HR sources, 1 Active Directory Domain, and a SAP System. You have employee number set in HR system 1. You drive application access based off attributes in SAP, both HR systems, and SAP, and currently none of the applications are synced.

You need to build rules and policies from this collection of resources and pull this data together in order to have a unified view of a digital identity in your organization.

THAT is your identity data fabric.

And THAT Jedi, will be worth it’s weight in gold over the next 5 years. Because that will be the key to truly managing identities and access at a dynamic level. The ability to curate and analyze this data will drive automation, policy creation and the realization of a truly elastic identity platform that can respond to events in near real-time. And I don’t think it’s very far off..scratch that, I KNOW it’s not that far off.

However, one KEYpiece that is missing from this seemingly mythical silver bullet that will not only slay werewolves but cure all IAM ailments.

1) Process

The fabric is nothing without the process that manages that fabric. Think of this as more “data flows” than anything else. The ability to setup and manage the data flows on your identity fabric are crucial, because you need to understand and control how the data is compiled.

Identity Question of the Week

A new segment I’m introducing. A burning question around identity everyweek to get the juices flowing and conversation going.

This week’s question: How do we jumpstart identity?

If you’re an organization that has yet to start down the path of developing an identity program. How do you get started quickly? What are the secrets? Shortcuts? What are some things we can do from a technogoy standpoint to make this easier? What tools haven’t we built yet?

Food for thought.

Identity Jedi Show Podcast

So the live footage is in and edited and the the recordings for Season Two are underway, should have new episodes coming to you in two weeks, and the rolling out to you from there. Buckle up, we got some great conversations coming your way! Get subscribed now so you don’t miss out!

Hey Jedi, I’m hanging out tomorrow with the wonderful folks at Strata to talk identity, AND try to pick some locks. Come hang out and join the fun!

The Last Word

November is here. Hope you had a wonderful Halloween holiday yesterday. I’m not much of a Halloween guy myself, but I’m all for people having fun. As we stare down the Holiday season and look towards 2024, it’s been a fast moving year in identity. Don’t think we’ve seen the last of activity for the year, but it’s setting up be a very intriguing 2024.

In completely random news: I went to the Dave Chapelle tour last night in Atlanta. He’s my all time favorite comic, and it’s been a big goal of mine to see him live, and I finally got the chance. I’m so glad I did, it was an AMAZING SHOW. So remember despite everything you have going on in life, treat yourself, create those memories. You wont’ regret it.

Be Good to each other, Be Kind to each other, Love each other

-Identity Jedi

What did you think of this weeks newsletter?

Login or Subscribe to participate in polls.

Join the conversation

or to participate.