Best listening experience is on Chrome, Firefox or Safari. Subscribe to Fed Tech Talk’s audio interviews on Apple Podcasts or PodcastOne.
This week on Federal Tech Talk, host John Gilroy speaks with Tim Li, principal at Deloitte and a cyber government and public services industry leader. He provides insight on a topic that is of increasing importance to federal information professionals: identity management.
Li uses his two decades of experience in federal IT to put identity management in perspective. The conversation began with his take on privilege misuse and compromised credentials. He contrasted concepts like identity management in point solutions with ecosystems.
When it comes to cybersecurity, some report “insider threats account for 43% of all data breaches.” Li agreed, then expanded on his rationale
It is obvious that today’s federal identity management is fragmented and decentralized. The question remains, how to incorporate best practices for identity management. Li addresses the concepts of Zero Trust and micro-segmentation of networks.
When it comes to the DoD, there is an initiative called Cybersecurity Maturity Model Certification that addresses identity management issues. Katie Arrington, CISO for assistant secretary for Defense Acquisition, was quoted as saying that the CMMC is a new way of thinking about cybersecurity.
Li agrees with the fact that a single point solution or a “checkbox” kind of solution will not allow federal IT professionals to scale with today’s large data stores and a wide range of cloud options.