You're listening to the identity at the center podcast. This is the show that talks about identity and access management and making sure you know who has access to what let's get started. Welcome to the identity of the sender podcast. I'm Jeff. And that's Jim. Hey, Jim. Hey, Jeff. How are you? Happy New Year? My man happy New Year. Feels like forever. Since we've done one of these at least a couple weeks for sure. Yeah. But you have to, you have to get the cobwebs out.
I was wondering Jeff. Did you get a nice Christmas gifts? You know, I did go nice wallet for my wife. I am a terrible person to shop for because I'm one of those people who just if I see something, I just buy it. So I did get a wallet for my wife, the proverbial Snickers bar every year, which I'm a huge fan of Snickers bars. So yeah, it was, it was good about yourself, I did. But but first, just the wallet. I can't see you with like, the big George Costanza wallet with
a bunch of coupons. Like you're a cashless guy, I'm picture. Some kind of high-tech wallet that blocks the ability to scan your chip cards and all that jazz. Of course, for those interested I have a ridge wallet now, so one of those with an air tag connected to it. So if I lose it can kind of find it. But yes, a very very slim. You know. I don't like to have the that the jit the big George Costanza, you know, like it's like a library book. You got your back pocket.
Yeah, you keep in your back pocket, then 30 years down the The road, it's got back problems. Yeah, exactly. Sitting on it or when you sit on it, like you're sitting at an angle. Well, my beautiful significant. Other Denise got me, 100 identity at the center. Stickers vinyl stickers, which we can give out a conferences this year and to guess. So I guess we can say this episode was sponsored by Denise. All right, well, thanks Denise, appreciate that.
They look good, right? I mean it's our logo, it sticks onto stuff. It's a sticker needs. No more introduction. I think right? Yeah, yeah. Ellis T, dishwasher proof to at that. So if you want to wear in the dishwasher that would be okay. Mark a shower with it. I guess you know whatever you do with the sticker is totally your business. We don't judge we don't care exactly what else we got going on over the break. We finally joined the feta verse and created a mastodon account.
So now we are at idac podcast at infosec dot. Exchange seem to be like we're most people were sort of gravitating towards from the ND space. So now we're over there still kind of learning the ins and outs of it. I realized my first posts, the I do like the little videos and stuff like that. The dimensions were way off like they use, they use a totally different aspect ratio, then Twitter and like, LinkedIn and
others sigh. It was like, trying to mess around with the app, but yeah, you'll find us now on Macedon at IDC podcast at infosec data Exchange, in addition to Twitter at DDC podcast, Website has our has all our info and stuff like that, but that was, that was something new. We also started, I know you're not big into the social side gym but we're on Mastodon though. Okay, I'll be right there.
Hey, I also wanted to mention our friend friend of the show Espen Bago reach out to me over the break and he's written a Blog on the ID Pro website called words of identity. So it's really kind of a meant to be like a go to Index of kind of popular I guess for outside of our industry there Buzz terms for inside of our industry, they're just a lingua Franca and the idac podcast is cited as a source for how he came up with
some of the definitions. So it's pretty proud of that will put the link to that blog in the in the show notes as well. Yeah, it's like a dictionary for Stuff. Mutt. Who knows, right? Maybe we'll actually all agree. Three, same definitions for stuff in a dining space. We'll see. It's called a mess. I know. So, so definitely thanks to Aspen for that. What else we got going on this year? We got a lot going on with. So, we've got some upcoming conferences.
We've got the gardener, I am Summit in March will be there. Are you looking forward to that I am. This is a big one because we're actually going to be on stage. Bringing the identity at the center podcast show to a live studio audience. It will be something. It will be very cool, very different. I think hopefully for from a Gartner, a perspective we're going to have Henry K on. I think we're going to have Becky as well. Who knows what else is gonna
happen? But the idea is that we're going to actually have and the episode style present, not presentation, just assigning a fireside chat because there's never a fire on the pill on the stage is based are just going to bring Lake hopefully not okay. No fires. Yeah the only fire will be how hot the show is, right?
But yeah, the idea is to bring it up, you know, basically, Really treat one of the sessions like an episode and we'll have some questions and stuff that we'll be asking the analysts we've been told that we can ask pretty much whatever we want so we might get some tough questions. I think we'll probably solicit from our listening audience. If there's any questions that you would love to ask a Gartner analyst, you don't send it to us on LinkedIn, Twitter, Mastodon, whatever. Maybe we're.
If you want me to see if you want me to see, do don't like then? Yeah, exactly. But I linked it so, yeah, it's gonna be very exciting. That's Africa. We were kind of their unofficially last year and they took notice which is very cool and reached out. And that's why I think one of the big things that we're working on over the break is to get that worked out how to finalize the cell.
Very cool to Enrique is invited us as well as the rest of the Gartner crew and yeah, hopefully put on a rock and show and make it a thing. So that was in March. I Denver's is in May. Yeah. Will almost surely be there? We don't have any fixed plans at the moment, but But I did notice. Yeah, it got the hotel booked, but that, yeah, that's that's step one. So we'll have more info on that coming out in the future. I'm sure what I did notice is that the call for speakers is already open.
So if you got an idea for a presentation, you're interested in, you know, presenting it at, I Denver's get out to their website and submit that presentation. I also saw friend of the show, Vittorio Bertucci put out Post on LinkedIn saying that anybody who needed help putting their idea into the, right format for a call for speakers, he would be more than happy to help. So I would take him up on that offer. He's a great guy and be crazy.
Make that connection if you don't already have it plus, I mean, he speaks at every conference I think he knows what he's doing when it comes to getting his papers accepted. He's a real Pro, but the Tory is good people. I always enjoyed my conversations with him and, you know, he gives the A lot back to the community, he's got his own podcast. He does all these speaking engagements. He's very active on social and Ida Pro stuff like that. So shout out to Vittorio.
He's one of the MVPs definitely for the identity space. Yeah, absolutely. And then the, the last one that I wanted to mention was the European identity and Cloud conference in May and we have a great guest on for that today in Martin cooping her. But certainly, if you're in Europe or you can get Approval to travel to Europe who wouldn't like to do that. Certainly, that's one of the top
conferences available as well. And I think we're to get into that with Martin, so we'll talk to him in a moment about see, I see, yeah, it's a great segue, why don't we go ahead and introduce Martin Cooper anger. He's the founder and principal Analyst at coopering ercole analysts. Welcome back to the show. Martin welcome, try from trim. Pleasure to be back. Yeah. So it's been a while. I'll look see, this is episode.
I think will be 194 you were with us back on episode 106, which would have been August in 2020 once about a year and a half or so. I'm not going to ask you to go through sort of like your origin story. Like we always do with our first time guests because this is now your second time with us, but what has been happening in your world since that you know, that that last year or so what's been going on in the world of cooking or coal and Martin Cooper near
specifically? Yeah so we Growing, I'll touch ya. See in a minute, I am able to concentrate more on my research account, which is refund, got rid of some of the management tasks. And that is really, really great things. I really can focus on what is most time to me, which means doing things like podcasts, writing, research, and thinking about identity management and working on some, some ideas, some aspects, how we will publish a lot of tough around
that. And with all the evil you've been going on, the identity is based, there is, there's a ton of stuff to think about it, as well as cybersecurity. I also trust, finishing a piece on data quality data integration, which seems to be a bit away from Identity. But at the end, it isn't because at the end we have identity management. We have access governance is part of it and access governance is also very close to data governance of the things I'm doing in the data space where we
are doing it today, space. Have a lot to do with data governance like catalogs. If you don't know where the data is, you can't govern it. You can't protect that, you can secure it. So reaching out of branching out a bit but still always around our our core topic.
So this is what we are doing basically and I trust, spend a week skiing in Switzerland, had snow in contrast to I think many of the errors ski resorts in Switzerland, so the weather conditions weren't wearing that girl snow conditions weren't that good and Ours. Still not good in the Alps, but we were lucky and could ski all days. So it was a lot of fun and few people because most didn't come
for skiing. It's got to be nice to have a, I mean, first of all, to get out there and go skiing but when it's not crowded, right? And he get sort of like the out on the mountain or the past sort of to yourself maybe a little more than maybe you're used to. That sounds pretty cool. You know, you guys put out so many good pieces of research articles That the different reviews that you guys do and Analysis of the space. I guess I'm not going to try and even articulate, what Google does.
But for those who I guess, maybe are living a rock. I can't imagine people who are listening to the podcast, maybe aren't aware but for those who aren't, I guess, what is like if you had to describe Coomer cool analyst to somebody who is not familiar with the work. How would you describe that to somebody? So I think what makes us a bit
unique are two things. The one is, we are one of the very few European analyst companies, which means we look, we've all globally, we take a club or perspective, but we surely have a bit more inside, maybe sometimes than into your office and then other regions. Yeah. Uh, turkey at our point is we are, we are a boutique and listen to sense of it. We're still very focused. So our topics, our identity, and cybersecurity and some parts of the data's in AI space. As long as they relate in the
one other way, was identity. For cybersecurity. So this makes us I think a bit but unique with this focus on of covering everything but being really targeted at these areas and doing this for close to two decades right now. Yeah so that's that's what we do at the end.
Is there a favorite piece of I don't know research or type of output that you put out there because I know there's a lot that you do, I think of things like, you know, Better analysis or, you know, future kind of think pieces. But is there a spot that you really like to be in? So if any of us a lot of very much like the leadership combust format, which is our way to look at market, segments to compare the vendors, and their offerings to rate them.
So this is, I think surely one of the most valuable for maxim. I frequently hear that this that people like to sort of the density and the amount of information sources These are 50 70 or sometimes even longer more pages.
Documents are really, really large documents with a lot of detail, but I think it was a very, very valuable is to listen to the audio podcast of Matthias, my colleague, who runs our own equipment, call Alice podcast, where he talks was an analyst so it's more could be a cold. People talking was Kubiak old people, but I think still still in Interesting. These are some of the pieces of writing. There's a lot of the block and we use section as well. What are you?
Yeah, let me let me add to that. That I want to give a shout out to Matias and his podcast. I think it's one of the best offerings out there right after identity. Its Center, of course, but now he does a fantastic job. I've heard you on the podcast several times, and it made me also think about the comment you made of Unloading some of the management tasks so that you can focus more on being like the chief analyst, if you will, which I think is fantastic.
Because I think are the things that the identity space, Maybe maybe all areas of it but it's like, you build all this expertise in this in this area of subject matter I didn't access management and then the career path becomes that you do more management tasks and then you get further and further away from things but it seems to be everybody who does that. It just has a yearning to get back in there and like and live
that stuff. I was wondering what your thoughts were on that comment but Also, you know, specific to hey, you've got all these analysts, who write the, the white papers, and the the briefings, what is your, what is the role that you take, in terms of of those writings? Do you edit them to are you like Hands-On and creating them or how does that work? So I have right? Some of the stuff myself and I like doing that. I also take a roll so we call it a bit mentorship for for the
younger analysts. So, to regularly meet with them and talk about what is on their desk and how to do it best and giving them sort of sort of transferring my experience and I think editing and stuff like that, as this distributed across a lot of shoulders. But about it's also part of me specifically, for younger analysts. I'm known for providing a A lot of detailed feedback at the beginning, but not in the sense of this is wrong.
But in a sense of I would do it that way because of, and I think this is very important this explanation of why I would do that way or that way, or some discussion and accepting that some say, okay, maybe that's there are better ways because there are better ways. And so this is, this is part of my role here. So, talking with a lot of people, but also writing some stuff, supporting my team. And yeah that feels my day. Yeah yeah. So I mean you guys are known for the leadership Compass.
You're known for the EIC but I'm not sure how many people know about some of the other webinars that you do that are wouldn't call them ad hoc but I mean you always have a list of like hey here's upcoming webinars that are free. So I'm kind of coming from the The Bargain Hunter Cheapskate angle of like hey there's a bunch of free. Content that you guys put out there. We want to make sure that our listeners know about that. What's the best way for them to go out there and find those you
know, these free webinars. Yeah, so first just go to our website at www.breckwell.com. There's the webinar section, there's in the event section where you find a lot of things and then it doesn't sound like bargain-hunting, but I think it's still still the best one of the best ways to do it. If you go to the upper, Or right Edge, there's become a client. But there's also the basic option, which is you can register, for instance, 41 months, for certain level of
free access and stuff like that. And that allows you to get get a lot of information. And you also will end up, and I think this is always every one of us has mixed feelings about the mailings you receive. But register for these mailings because you'll get the information about upcoming events upcoming webinars to try for free, maybe maybe go to one of the platforms. To subscribe to Matias podcast
stuff like that. So there's really a lot of information which is freely available and just click on the upper right Edge and check the website there's various ways to find quite quite a good number of free content. Okay great. So what did you jump into a couple topics today? If we could spend a few minutes on each one, that would be fantastic. The first one is, yeah, I follow you on. On LinkedIn. And for some reason, LinkedIn, prioritize your posts, because I like them a lot.
And recently, you appeared in interview talking about cyber security, awareness, training, and I thought you had a really interesting take maybe it's Unique. Take, can you tell us about that? Yeah, you know, I think that thing started with me receiving one of these mailings from from a German magazine and I lost his the humanist, the weakest link and security headline. And I wrote back to the Editor in Chief has that, you know,
Peter is his name. I have fully disagree with this statement because this is really discouraging. So if you tell people you're, you're making the mistakes, you're the weakest links, that weakest link. This isn't that motivating at all? And it's not fair because you know we always say okay. Oh what why did you fall trap to this phishing attack and gave your password away? The right question to ask would be why was there still a password?
If there's no password used and no password to give away, the human can't make the mistake. And so, to some certain extent it's blaming all the people in our organizations for things. They are not really guilty for or at least what they did. Follow crap to a phishing attack isn't the root cause because the root causes, oh, we're not yet passed for Less, we are not yet. Strong MFA everywhere. Six like that or we don't have a good email filter, email security solution.
So that there are way too many stay always will be some. There are way too many malicious links still ending up in the inbox of the people. Yeah. No, I think that's really interesting. Take, you know, I I feel like at least I've become, you know, really good at sniffing out fishing attacks by email.
And so I wonder is that partially due to the fact that, you know, the companies I've worked for I've done a really good job of you know, making me aware like every time they send these like phishing emails, or things like that, I'm incentive incentivize or disincentivize to click through to them in other words, if I get caught clicking on one, I get this email.
Like, hey dummy, you clicked on a phishing email, or do you think it's just that everybody in society is now getting better at spotting these these fake emails? You know, I think how does technology so you know when I look at my inbox them frequently it's a Oh you really receive emails from let's say chairman Jeff or whoever. And and then this helped me alerting it and I think then people also are sometimes probably a bit more scared and
more educated. So if you've my mother sometimes as that, there's a strange email in my inbox. What should I do? Because she she probably wouldn't wouldn't know what a team. The term fishing means, but she knows that there's, they could be something wrong and I think that this is, It's a, I think it's especially in business. It's a mix of measures. We need training awareness training. Yes, we need this, these approaches, where you get mail sent, and then become informed, okay?
You've clicked one, you should have click but he also needed technology to, to reduce the amount of stuff that dance in it in our inbox or that that where we can do things wrong. So it's a mix of the rioting. But back to the interviewer discussion I had in that a while ago, the point is really, I think we should encourage people to understand that they are part of our defense. Humans are the first line of defense or power of the first line of defense and and do it.
More motivating them. Yeah, they call him the we think it went great. Yeah. Yeah, definitely following you on that one. Okay. Second topic, one of the things that we chatted about prior to, you know, getting on, was that what is it? That could shake up the IGA. So I think a lot of our listeners, they're the identity practitioners of the world. While them either are focused on deploying, IGA running IGA or at least that's somewhere in their
job. Responsibility. And the IGA space has been pretty static. I feel like for the last few years but I think that is due for a shake-up. So I'm wondering is it is a convergence that will shake up, IGA? Or is this something else? It does the space if you need to be shaken up. How much time did you say we have for this pain? I've heard of ours.
Okay, there's there's there's a lot of stuff to talk about and maybe doesn't that is the part where I It could quickly him on the ICA, May 9th to 12th Berlin. Greatly is very Central to the town. So people have to be moved their last year to Berlin and the venue is really a great one. So don't miss it be there. It's it would be really fun and we'll talk about a lot of things where we feel identity management must change or is about to change nothing in some areas. We already see the.
So we see this Cloud infrastructure, entitlement management. Or we call it during Dynamic resources, Island, access management stuff really impacting the traditional Pam, the British access management Market, we see the delivery from the cloud. We have this concept of identity Fabrics.
I think we started talking about is three four, five years ago already and wrote quite a lot of stuff and we see this picked up being picked up more and more as a umbrella as a holistic perspective on. It does this mean that we need Sort of technically, conversions of all Solutions in 21 other. And with the others, I'm a bit reluctant, because we have seen so many big monolithic Tools in many areas of it's--, which didn't really succeed over time and I'll sing in an age of micro
services and container-based. Deployments and modern architectures, we and apis. We can do it at different and better. So, having something where we can put together various elements into a the common framework with a consistent UI with consistent sets of apis etcetera. One of the big things I believe is, which is coming back. By the way, is policy-based access controls. So, when you look at the success of opa, open policy. Hm. Then this is a clear indicator for that.
And so I think we will see changes. We need changes. Also look at IGA, I think everyone struggles with Roland Rose and recertification, so, Need to change something, no doubt about it, but all of that would be probably topics for separate sessions. Happy to be back here and go into Deep dive on some of these. Well it's an open door obviously whenever you want to come back
with us, you know. And it struck me when you mention, apis and moving more to an API based approach or microserver, microservices based approach. I still feel like, you know, as I talk with, you know, our clients in the real world, what work Stuff is they struggle just getting this stuff deployed and this is one of my predictions that I have last year at the end of 2020 to was.
I think, like a lot of organizations are gonna take a step back to try to get back to basics a little bit when it comes to Identity. And IGA is one of those basic foundational technologies that if you do it, right, it's awesome, right? It helps so many different things but it's very difficult to get deployed and to get the
pulley, right? And think, one of the things that I'll point a finger At the vendors in this space is they distract quite a bit with bells and whistles that are great to have but are more like a year three year five of the deployment and it hasn't been enough Focus. Paid on getting the basics right? Humble yeah off-boarding things like that. Yeah I think that's part of it and I think we the toys also when you start doing IGA right today then you need to do it
right for the next decade. Or so. So I think it's done. So thinking about how Masters look for the next 10 years. Known how not, how how did it look for the past 10 years and everything? You brought it up to the bells and whistles and they dared a lot of things which are saying, okay, I help you dealing better
with rolls. I help you doing recertification more efficiently but I think it's time that we step back and say how can we sort of Cure the root call, the cause not the symptoms and illnesses really dealing with symptoms. As I've said a huge topic here which probably could keep our hours discussing and maybe we split this into some parts and do it over the next couple of months. Well, we definitely be open to that. Let me move us on to the next question.
This area or the last one in the section which is really around the cybersecurity Leadership Summit. So that's the other event that you guys do in addition to you. I see that maybe you can talk about for a second but many what I noticed is that many of your speakers are cisos and my thinking is that many, I am practitioners folks like myself and Jeff. Aspired to be cisos is that I am a good path for becoming a see. So, and what advice would you give to? And I am practitioner that wants
to become a see. So, yeah. So I think the thing first you should ask yourself, do I want to become a sea? So it's a pretty hot chair, isn't it? And you look at like look at it. So that is truly one power of it and the other But I think this is more promising. Where do you feel most comfortable? Sorry, do you feel being a manager? As I see. So it means you do a lot of management stuff. You you do a lot of things more about managing everything by
risk, a lot of reporting. So I think that's that's what you need to be clear about it. So what do you want to achieve? But if you want to become a seesaw, do identity, surely is a good. Starting point, s, it can be
cyber security experience. I think the advantage of, of identity, as a starting point is that you have a lot of stuff, which is around governance, which is along around risk, which is around working with the business, probably more than when you're in some of the sort of the core areas of cybersecurity, whatever, configuring fire, firewall rules, or so. And you're further away, Away from some of these core skills of a seasonal talking
communicating with the business governance risk aspect, is that era? So identity surely can be a good good starting point when you say okay see so is my career Target. You know, you got to be cool pretty well-rounded and security to be a Cecil, right? Can't just be focused on one
area. I think you bring up a lot of interesting points about you know if you're looking to go down that path, having those relationships with the business is a huge part of being in sort of that, you know, leadership management capacity is developing those relationships, you know, learning how to work with people, you know, across the aisle. So to speak, right? Or another business units, whatever it may be, I think the The thing that sometimes can be a challenge as you have to know
which battles to fight. If everything is on fire, then nothing's on fire. So you have to be able to prioritize and say, okay this is when we can solve things because most cisos do not have an unlimited, you know, budget of money resources time. They've got to pick and choose where where is the risk now? And do I need, do I need to mitigate and work on now versus something that I can punch him
later? Which is, by the way, a lot of the things I A lot of barbiturates optimizing your tools portfolio, because the problem when you take facility, broader cyber security perspective, is that there are a lot of tools that a lot of these tools came in, because something went wrong or something, went wrong in a company.
And there was an urge to acquire a solution to your throat, too long at the problem, and hope that it helps, which means that there are a lot of tools not very well integrated. And I recommend to everyone step back and do really, a sort of an assessment of your cyber 622 security, tools, portfolio, which should include identity management. And you can also do it for identity management.
What do you really need? Who should own it, what contributes to the risk mitigation best at which price at which total cost of ownership? The problem in cybersecurity, surely is retiring, cyber security, tools is a risk because if exactly in that area, something goes wrong. Then you're in trouble. On the other hand you frequently have overlapping capabilities and reducing complexity definitely helps also in doing more with your always tight budgets.
And so, I think this exercise is always worse time and money spent is a really good points and I know where I'm going but of time. So I want to get. So maybe a little bit of a lightning round here. Take advantage of a big brain and talk through maybe some of these Buzz words that I keep hearing in the identities. Based, I'm sure we're all starting to grow tired of it. So the idea here is we're going to throw out a term and then Martin and like 30 seconds to a minute.
Give us your thoughts on it and we're going to start with, with the elephant in the room decentralized identity. What are your thoughts on it? One of the most promising technology areas that last year with you, I see, we started the first time where you talking about, how can you improve your identity broses as your existing Legacy? I am. But integrating with these varieties identity and I think there's a huge huge potential to look out by saying I have something and identity.
I can use that for making decisions for improving my onboarding process, think about work for Mary anywhere. So there's a really huge potential in that Don't just look at it as blockchain ID and something. Esoteric it's there and you can use it to make it to really, massively improve your I am. As of right now, January 20 23. Is it a technology in search of a problem? Whereas there are applicable use cases that people should be jumping on just to start leveraging that decentralized
concept. I think onboarding of business partners and to a certain extent, even I'm pleased, it's a great area, a side of the typical consumer authentication, use cases, but I think this is one of the the areas, which is great A bit on the longer term because it needs a lot of innovation in all. We do around identity management. That would be if you have a lot of proofs, think about it and using it for policy-based authorizations. But that's probably the second
or third. Step one boarding improving processes. That area could be to lower hanging fruit. Okay. How about see IEM? Cloud infrastructure and title it management. I feel like this is a area that got pretty hot sort of like the beginning of 2022. Maybe unto 2021. Where is it stands right now? What are your thoughts on that space? Yeah so I think the there's a huge challenge which will render started to create solutions to address the switches we have.
devops we have sore at trial development of applications, we run that also in a natural manner in some Environment, which frequently is a public lot but not necessarily necessarily it could be also whatever they could kubernetes environment in our own Data Center and all this is not static anymore. So historically, we sought about oh we have humans that are managing servers right now. We don't have the service
anymore. We have workloads, they go up and down permanently, change permanent changes, and we have a lot of services that are managing that. Which makes the problem more complex, more Dynamic, and we need solutions for death. I think we should not restrict it to Claude because it's every runtime environment that we need to cover and it's modern infrastructure, it's sort of the entire workloads across the stack. So we need to think this even bigger, but not looking at it.
Surely is a huge risk because that's where I've seen some interesting samples. That's where a lot of organizations have massive, massive over entitle management, management over excessive over entitlement. So nothing about least privilege there and we need to address it and you guys started to work through this process, a dream, which you mentioned earlier, Dynamic, resource and title and an entitlement, and access management had to get it right.
Thanks. We had a conversation with Paul Fisher back in. I want to say March of 20:22, I think is episode 1 36 which would be a good one to check out for kind of people to get some more opinions on that. Jim, I know that key Morecambe or whatever we're pronouncing it, this week is near and dear to your heart. What are your thoughts? Well I I think it's important of important approach but I think it's just one piece of the
puzzle I think. Managing Cloud infrastructure, security holistically, detective controls proactive, controls machine. Accounts human accounts, it's a big picture and I think Keem covers one portion of that. And I find that what Enterprises are looking for is like that, that one solution that covers it all. And so overlaps with all the the software development life cycle because actually, I think there are a lot of these changes come in. So and also there we need a lot of more. Solution.
So so we have a lot of pieces and bits and pieces for protecting that or that or that part of the software development. I'll apply cycle but we need to bring these things together and that will be probably something which keeps the vendors and the organization's busy for the next year's. Yeah, exactly. I posted on Twitter the other day and in memoriam image, about the password password will die and it was you know 2012-2013
everything was struck out. What Your thoughts, you know, up to this year like I feel like we've been saying for a decade now that passwords are going to die. This is the year is going to happen. What are your thoughts on password authentication in the year? 2023 is this is this the year again but at that we start to see things move you know, I'm a bit of Sonic I'm so so probably I would be more on the side of it takes its time and what we see is, definitely a lot of
adopt O'er. Adoption Enterprises. With different types, of password lessons, indication that, that is a positive thing. But when you look at the reality of when you're just using some services in the web, then in most cases it's still username password only. And so we have still a long way to go to the to go past follow us. Everywhere.
In the Enterprises we see see a definitely not take A lot of Technology available that everything is that path will last as if this claimed to be, but I think we're on the right way here. So, we're trending up in the right direction at least, but I miss you, I think it does take a while. Especially we start thinking about, you know, this is a pretty seismic change. I think it's the user experience its Investments that the
Enterprise level. And these generally take a few budget Cycles to kind of work through. I think we're starting I'm down that path but I think it'll be five ten years by the time we see it become really prevalent and if there's an interesting discussion about potentially decoupling the authentication from from everything which is sort of behind so that you sort of can use the same time so that users are can use the way they want to.
Also indicate which changes every now and then because they might change the devices you technology coming while the backend systems are Have been segregated from that. So sort of having a an authentication layer around which is more consistent and which remain stable? Even we feel whatever change from with the one access management to the other access management product. I think this is, this is an interesting way of thinking and basically I think we need to continue what what a lot of
people are stuck. Have started to to talk about and think about the various types of so to speak control planes around identity. You to sort this out. I think this this way of thinking is very helpful. I have to admit. I'm not fully done with my own thinking on that but I'm working on it. What's the thing raise? You can always change opinions and get smarter over time, right? Yeah. Maybe we should ask the question instead of. Is this the year that the
password eyes and ask is this? The decade that the password guys who were at the final conference, right? And you're starting to hear some very exciting. He's from big companies, but even they're taking on some portion of their total passwords. And would you hear about, you know, Citibank knocking out passwords for, you know, hundreds of millions of customers? That's exciting. But I also think you look at the KC leadership report on password list for it and by Alejandro, right?
And there's like, 23 vendors, it remind you of like the early west of almost every The tower within identity access management starts with a lot of vendors that it shrinks down to a smaller number of vendors. Then those vendors start losing direction or stop keeping up with the product then all these newcomers Rush In And then they push the L to either adapt or die. And so I think we're still at that kind of wild-west Phase 23 vendors like that's it's kind of
mind-blowing. Well I think it's weird. A couple of more when you do, go to the windows to watch section, then we probably end up as 50 or so. Not only 23, but I would agree with you and I think that. But is it a decayed where it dies? I think. The problem is that it dies is like wisdom Mainframe, you know, there's a place there will be passwords probably forever. But in more restricted
scenarios, probably. So the Mainframe that were dyed and password and I will die as much as people tried to kill it is still alive. It's like, you know what is dead, may never die for my Game of Thrones fans out there. All right, we're running out of time, but I want to make sure that we end on a lighter note and, you know, we could pick Martin, we can pick your brain all day long for hours like you
said. So we'll definitely have to have you come back on and get into some of the stuff, a little more. Tail. But before we go, it is the new year and I'm wondering if you've made any New Year's resolutions, you know, I would dare to say I gave up on that a bit, so it's wrapped really worked out. So there are things I tried. And moreover the year, maybe this year, probably, I need to get rid of some of the key extra kilos, I have acquired but it's not letting you use resolution.
Your New Year's resolution was to not have a resolution and she's just so to speak Buffon. Jim about yourself, any New Year's resolutions. So I'm a big believer in setting goals to better yourself. And I also think that New Year's is a great time to do it, right? Because you get this break before the end of the year. It's a really think about your life and I come up with strategies and you know, plus the calendars turning over right. So but I did not set any resolutions this year.
That doesn't hold me back from setting up a new goal down the road master. I would encourage everybody to do. I mean, so how I've always lived? My life is very goal-oriented. So I've always got always got to be working towards something. I want to talk to younger people like, you know, teenagers art, I've got a couple of teenagers at home, you know. I tell them they've got to live a goal-oriented life.
You can't just Meander through life and expect to somehow, you know, achieve something important in this world. You've got to be Oriented and you need to in your life, have a mix of short-term, intermediate term and long term goals or I mean in my book otherwise you will never achieve those goals are not going to happen by accident. You're not going to have Financial Fitness in your later years. If you don't set those goals.
For example, you're not going to be healthy and fit if you don't set short and medium and long term goals. So I did not this year. Here. But you know, I'm always setting goals. I'm always there watching my girls, you don't wait for it. Yeah, there you go. Well, that was pretty deep. Let's quickly. Do you see, I think that's good advice. Mine was just to be more more more active on the social networks for the show.
Like, usually what we've been doing is, you know, post an announcement on, you know, Monday's or whatever it is, we put out a new show and that's pretty much it. So, I'm trying to be better about that and be more In the presence with some that stuff so hopefully you know, folks will gauge with that. But yeah, I don't know how long it'll last. I'm probably more with trim when it comes to social networks, to be honest away from her but the ice that's and the same way personally.
But for this podcast, I find it's a great way to interact with listeners. Like we're very, you know, we have really good listeners, they're always very supportive and, you know, thousands around the world which is very cool. So, having an opportunity like tap, you know that In Trust on link that we have a crane filter, media manager, Marina in our organization who really supports me on that.
And she, by the way, she also said, I should mention our upcoming Casey open select offering, which will be launched very soon. So I have a look at this asshole at our website. This is really something which helps you gives you guidance throughout the product selection process. So how do you find the right solution? We start with password Lancers indication. That will be the first area we cover and then we will add hours. Oh, very cool. Maybe.
When it's time you can come back and kind of walk us through what that looks like an end to get the word out. Alright I know we're going a little bit longer than we wanted to but I really do appreciate the time Martin. I think you know one of the things that is always a struggle for me as I listen to these conversations, I'm sitting here like okay well I'm going to produce the episode get it put together. What do we call this show?
Because I feel like it was like all over the place from an identity perspective and my my thought process right now is like something like, you know, picking Martin's brain or some Like that. Do you have any suggestions for what we should call this show? Yeah. I recently at the CSL is conference, I had to do a session of rituals called ask ask, ask me everything, or
something like that. Where people had the opportunity to bring up their questions, we trust, by the way, very interesting because we touch some, some some areas where I sort of, maybe we should do something very different. So, so some things I'll publish about soon. So I like this. Franz because yeah, you ideas come up when having these conversations lately like an opportunity to be here so. Well, yeah, I mean, this is very cool. So maybe something like a am a right. Ask me anything.
I am a Martin Cooper or something like that. Well, that's kind of come up with something but yeah. Okay. Alright, let's go ahead and wrap it up for this week is our first show back from break. So I'm very happy that you're able to join us Martin. I'll have a whole bunch of links in our show notes, You can
connect with. Martin on LinkedIn will have a link to Cooper, your coals website, the European identity, and Cloud conference, definitely want to check out for folks who are able to make it out there as well as identify verse and the Gartner Summit all things like that. So we're on the web identity at the center.com. We're on Twitter at IDC podcast. We're on Mastodon at idac podcast at infosec exchange. That's going to get real confusing at some point. So maybe there's a better way to
do that. But we're always happy to connect and engage with, you know, our listeners and I'm sure Martin's always happy to connect and engage with folks. He's been very generous with his time. Any final thoughts? You want to impart upon the crowd? That is listening Martin for this episode? I think one of the most important things, I always tell people is take the time, sometimes to step back and think about our, are you already heading in the right direction? Is it threats in?
You're doing? Because we all are so, so absorbed in our daily work that we tend to And continue and continue a program. What you're doing? But stepping back a bit of like the singer talk about with is it a symptoms? We are dressing or the course take that time. Always is very valuable. Yeah, for sure, jump about yourself words of wisdom for this first show back. You know, I'm just clearing out the cobwebs, so, you know, I'm so, so on that vacation
hangover. But, yeah, I'm looking forward to this year and I'm looking forward to all of our conference line up and Jeff. We've got to Get approved to go to the European identity conference. I just feel like this should be the year. Yeah. Daniel. If you're listening. That's that's something we probably got to coming your way in a little bit. All right. Let's go ahead and leave it there for this week, Martin. Appreciate the time.
Jim is always appreciate the time, happy New Year to all and with that we'll talk with everyone in the next one. Thanks for listening to the identity at the center podcast. If you like what you heard, don't forget to subscribe. Bribe and visit us on the web and identity at the center.com.