Episode 3

full
Published on:

18th Jun 2025

Evolution of Identity Governance in Modern Organizations with Martin Sandren

In this conversation, Joseph Carson and Martin Sandren delve into the evolving landscape of Identity Governance and Access Management (IGA). They discuss the significance of IGA in modern organizations, the challenges faced, and the impact of cloud solutions and AI on identity management. The conversation highlights the need for contextual and adaptive policies, the importance of interoperability, and the role of community engagement through conferences to stay updated in this rapidly changing field.

Key Takeaways

  • IGA is essential for managing access and compliance in organizations.
  • The shift to cloud-based IGA solutions has transformed the landscape.
  • Contextual and adaptive policies are becoming the norm in identity management.
  • AI is playing a crucial role in enhancing identity governance.
  • Interoperability between systems is a significant challenge.
  • Phishing attacks are increasingly sophisticated due to AI advancements.
  • Zero trust principles emphasize reducing friction in access management.
  • Shadow IT and shadow AI pose risks to organizational security.
  • The signal-to-noise ratio in ITDR systems is a major concern.
  • Engagement in conferences and communities is vital for professional growth in IGA.

Chapters

  • 00:00 Introduction to Identity Governance and Administration
  • 01:43 Understanding IGA vs. IAM
  • 04:02 Challenges and Shortcomings of IGA
  • 10:05 The Role of IGA in Modern Organizations
  • 17:20 Modernizing IGA: Cloud Solutions and Innovations
  • 19:07 The Acceleration of Cloud Adoption
  • 21:01 Evolving Identity Management Landscape
  • 22:53 AI's Role in Identity Governance
  • 24:41 Managing Non-Human Identities
  • 26:05 The Rise of Shadow IT and AI
  • 28:37 Future of AI in Identity Management
  • 30:35 Staying Updated in a Rapidly Changing Field

Resources:

Join an IdentiBeer meetup near you

https://identi.beer/

Next Episode All Episodes Previous Episode

Listen for free

Show artwork for Security by Default

About the Podcast

Security by Default
Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends.
Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

About your host

Profile picture for Joseph Carson

Joseph Carson

I am a distinguished cybersecurity professional with over 30 years of experience in enterprise security and infrastructure.

Throughout my career, I have been an active contributor to the cybersecurity community, serving as an educator, ethical hacker, and speaker at global conferences. I hold both the Certified Information Systems Security Professional (CISSP) and Offensive Security Certified Professional (OSCP) certifications as well as advise various governments, critical infrastructure organizations, and industries such as finance and transportation on cybersecurity matters.
I am the author of "Cybersecurity for Dummies," a book that has gained global recognition for helping companies integrate people, processes, and technology to strengthen their defense against cyberattacks. The book has over 50,000 readers worldwide and provides a straightforward approach to understanding cybersecurity.

In addition to my writing, I have authored numerous articles and research papers, contributing to publications such as The Wall Street Journal, USA Today, Dark Reading, and CSO Magazine. I also host the bi-weekly podcast "Security by Default" which offers insights from leading cybersecurity experts and discusses best practices for navigating security challenges.
I am dedicated to educating the next generation of cybersecurity leaders and his commitment to building a safer internet have made him a respected figure in the cybersecurity community.