There’s more to security than AI models and keeping them safe. Identity and user security are sure to be hot topics during this year’s RSAC Conference. In this episode, Tom Hollingsworth is joined by Jack Poller and Drew Conry-Murray as they discuss what’s hot in the non-AI areas of security. They discuss the importance of identity-based security and how it can be extended to include non-human employees. They also discuss how enterprises are focused on securing browsers with extensions and not forcing a specific application. The guests debate the advantages and disadvantages of all of these aspects as well as how AI will eventually provide additional context around them all.
We Are Long Past Passwords
Passwords have served their use in the enterprise. We need to start moving away from simple passwords as an authentication mechanism. In this episode of the Tech Field Day podcast, Tom Hollingsworth is joined by Tony Efantis, Karen Lopez, and Fernando Montenegro as they discuss the premise that we are long past passwords, exploring the complexities and frustrations of relying on them for myriad online accounts. The conversation highlights the concept of economic externalities, where developers easily implement simple passwords, but the burden of managing hundreds of unique credentials falls on the individual user. While passwords were initially designed for basic authentication, there has been a shift towards alternative mechanisms like one-time codes sent to email or passkeys because of user laziness and the security risks associated with password reuse and compromised credentials. Ultimately, what is needed a balanced, risk-based authentication approach is necessary, tailoring security levels to the sensitivity of the data being protected, and leveraging technologies like biometrics and background risk assessments to create a more convenient and secure user experience, even as attackers continue to evolve their methods.