For years, identity and security have operated like two teams working on the same building from opposite ends—each doing important work, but rarely in the same room, and never quite solving the puzzle together.
IAM practitioners lead provisioning, access governance, lifecycle management, and the technical debt buried in decades of Active Directory decisions. Security leaders understand threat landscapes, incident response, risk appetite, and what keeps the board up at night.
But here’s the uncomfortable truth: the threat actors attacking your organization don’t respect that divide. They move laterally through identity. They exploit the gap between what IAM built and security must protect. And, even though 91% of organizations classify Identity Security as a top five initiative, the two disciplines still aren’t talking to each other the way they need to.
It’s time for an honest conversation
That’s exactly why Roy Akerman and I started Identity Decoded — the only podcast where identity and security finally sit down together.
No vendor pitches. No buzzwords. No polished talking points designed to “sound” correct. Just practitioners, leaders, researchers, and members of the cybersecurity ecosystem getting real about what it actually takes to secure the modern enterprise—and what’s broken about the way we’ve been doing it.
We bring two perspectives to every conversation: I come from a background in IAM for one of the largest retailers in the UK, Roy from decades in military and security leadership. We don’t always agree. That’s the point. The tension between those two disciplines is exactly where the most important conversations need to happen.
We launched with a story you need to hear
For our first episode, we sat down with Sreenarayan Ashokkumar, VP of Cybersecurity at Interactive Brokers—one of the world’s most respected financial institutions.
The topic: Mythos, AI-powered attacks, and the security reckoning that’s already underway.
Sree doesn’t sugarcoat anything: “One of my colleagues told me that they put Mythos connectivity into a terminal, inside a Linux kernel. The system was fully patched and had all security agents installed. They basically told it all the IP addresses, both inside and outside, and the model kept pushing itself and broke out of it. There were no CVEs—it basically created a live exploit and broke out of it through the hypervisor. So, let’s get real—this is the threat we’re facing.”
This isn’t a theoretical future risk. It’s happening now, and organizations are calling each other trying to understand what it means.
My take: Mythos is the warning flare. It’s the industry’s signal of what’s to come. And preparing for it isn’t a security team problem or an IAM problem—it’s both, together.
The “identity drawbridge” has to go up everywhere
One of the realizations I keep coming back to is this: identity is the last line of defense that can actually move fast enough to respond to AI-powered attacks.
I think of it as a drawbridge. You can draw it all the way up in a crisis, or part of the way depending on the signals you’re seeing. But right now, most organizations don’t have that drawbridge everywhere they need it—and when they do, there’s still a human in the loop making the call.
The most urgent problem in identity is getting to a place where that drawbridge raises itself, automatically, everywhere it matters, before a human even ever has to decide.
Mythos makes that urgency undeniable.
Watch and subscribe—new episode drops every two weeks
Every conversation on the Identity Decoded podcast will bring together the people doing the work every day—from IAM, security, research, and IT—to unpack what Identity Security should actually look like.
Nothing is off limits as we explore the tensions, tradeoffs, and strategies that help us truly “decode” the state of identity and security today and as we look towards the future. If you work in IAM, cybersecurity, or in a dedicated Identity Security role, this is the must-watch podcast to finally close the gap between historically separate worlds.
Watch and listen everywhere you get your podcasts and click here to subscribe so you never miss when a new episode drops.
