Highlights from “Hacking the Modern Workforce” Video Chat. To watch the full video go here.

I moderated a discussion on Friday, 4-24-20 with John Racine, managing director, Core Security and Davi Ottenheimer (@daviottenheimer), vp, trust and digital ethics, Inrupt.

Huge thanks to everyone who participated, and see below for the best quotes from the chat room. Lastly, congrats to now two-time winner of best bad idea, Dutch Schwartz of AWS. Watch the highlights video for that yet again awesome moment.

For as long as we can handle it, our video chats will be happening every Friday at 10 AM Pacific/1 PM Eastern. Please follow us on Crowdcast to get announcements of each new video chat and also be alerted the moment a video chat goes live.

Got feedback? Join the conversation on LinkedIn.

Huge thanks to our video chat sponsor, CoreSecurity, a HelpSystems company

Best quotes from the chat room

“One of the hardest aspects we’ve experienced is having so many disjointed systems (particularly legacy or business specific) that don’t integrate well with identity providers. This leads to having to, hopefully, re-create the same roles and keep them synced across those systems.” – Matthew Thomson, vp, IT security, Community First Credit Union

“I think getting the users/business onboard in this processs is also key, they provide the best insights to what kind of access is required for different teams with access to diverse systems. But most times, it seems the business doesnt want the headache that comes with this complex and continuous task.” – Richard U., head, business information security, Emirates NBD

“A metric of IAM health should be to decrease the number of stranded auth events. SSO but with adaptive MFA context.” – Mike Wilkes, CISO, ASCAP

“IDM (Identity Management) is made better by training – but application of IDM on devices and controls have severely watered that down for the industry with the obfuscation of pro vs private identity mixing together” – Elliot Lewis, CEO, Keyavi Data

“Who you are might be situational less critical than what you’re doing when interacting with the data.” – Dutch Schwartz, strategic lead, AWS Global Security Services Team

“I can open a doc with two different intents. One as an employee and another as the head of InfoSec.” – Mike Wilkes, CISO, ASCAP

“Continuous authentication based on tracked behavior that users are unaware of?” – Nelson Melo, founding engineer, Beyond Identity (possibly going for worst idea)

WORST IDEA WINNER: “Force everyone to take a cybersecurity awareness test, like a driver’s license test, and they can only receive a paycheck if they’ve passed.” – Dutch Schwartz, strategic lead, AWS Global Security Services Team