Identity at the Center

Jim McDonald is joined by Jeff Margolies, Chief Product and Strategy Officer at Saviynt, to discuss the intersection of artificial intelligence and identity security. Jeff shares his decades of experience in the industry, from building the IAM practice at Accenture to his current leadership role at Saviynt. The conversation covers how AI is making manually intensive identity tasks more efficient, the emergence of Identity Security Posture Management (ISPM), and the critical need to govern identities for AI agents. Jeff also provides his perspective on the future of the identity practitioner and why he remains an optimist in a rapidly changing technological landscape.

Connect with Jeff Margolies on LinkedIn: https://www.linkedin.com/in/jmargolies/

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com

Timestamps:
00:00:00 - Introduction and Gartner Identity Conference Recap
00:02:11 - Jeff Margolies' Career Journey in Identity and Security
00:04:36 - Returning to Identity and Joining Saviynt
00:06:13 - How AI is Impacting Identity Security and Governance
00:09:56 - The Future of Identity Services in an AI World
00:13:58 - Will AI Disrupt the SaaS Model for Identity?
00:19:50 - The Impact of AI on the Identity Practitioner Job Market
00:26:16 - Identity for AI: Governing Agents and Delegated Authority
00:32:00 - Combating Deepfakes and Proving What is Real
00:34:40 - The Rise of Identity Security Posture Management (ISPM)
00:41:46 - Comparing Posture Management and ITDR
00:44:17 - Advice for CISOs: Why Posture Should Come First
00:49:35 - The Secret to Saviynt's Success and Future Outlook
00:52:19 - Lighter Note: Why Jeff Chose a Tesla for His Daughter

Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Jeff Margolies, Saviynt, IAM, Identity and Access Management, AI, Artificial Intelligence, ISPM, ITDR, Cybersecurity, Identity Governance, SaaS, IGA

In this episode, Jim McDonald welcomes back Martin Kuppinger, Principal Analyst at KuppingerCole, to discuss the rapidly evolving landscape of identity in 2026. With Jeff Steadman away, Jim and Martin dive deep into the intellectual challenges posed by AI agents and the limitations of traditional non-human identity frameworks. Martin explains why organizations are feeling a sense of disillusionment with AI and how a capability-based identity fabric approach can help manage the complexity. They also explore the balance between security and business enablement, the rise of workload identities, and what to expect at the upcoming European Identity and Cloud Conference (EIC) in Berlin.

Connect with Martin: https://www.linkedin.com/in/martinkuppinger/
KuppingerCole: https://www.kuppingercole.com
European Identity and Cloud Conference (EIC) (don’t forget to use our discount code idac25mko): https://www.kuppingercole.com/events/eic2026

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com

Timestamps
00:00 - Welcome back to 2026 and EIC preparations
02:48 - The shift from future potential to current AI agent challenges
03:12 - Understanding AI disillusionment and the lack of control in regulated industries
05:19 - Security as a business enabler vs progress prevention
09:55 - Why AI agents should not be classified simply as non-human identities
11:43 - Complex relationships between humans, agents, and delegated tasks
15:17 - Self-service identity for knowledge workers and AI productivity
18:40 - The risks of decentralized agent creation and "shadow" AI
21:58 - How AI is being baked into identity products beyond role mining
26:55 - Using usage data to reduce over-entitlements
34:10 - The Identity Fabric: A capability-based approach to IAM
40:33 - Vendor rationalization and the flexibility of the fabric
47:19 - Previewing EIC 2026 topics: Wallet initiatives and consent
52:44 - Final advice: Curing symptoms vs addressing causes

Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Martin Kuppinger, KuppingerCole, IAM, AI Agents, Identity Fabric, EIC 2026, Non-Human Identity, Workload Identity, ITDR, IGA, Cybersecurity

Jeff Steadman is joined by RSM colleagues Rich Servillas and Charles John to explore the critical intersection of identity access management, operational resilience, and disaster recovery. Rich, a director from the cyber response group, shares insights from the front lines of ransomware and cloud intrusions, while Chuck, director of operational resilience, discusses the importance of business continuity planning. The conversation covers the true impact of security incidents on brand reputation and operations, the necessity of out-of-band communication, and why identity is often the first thing challenged and the last thing trusted during a crisis. The guests also provide practical advice for IAM professionals on reducing blast radius through standing privilege reduction and robust logging.

Connect with Rich: https://www.linkedin.com/in/richard-servillas-041a0551/
Connect with Chuck: https://www.linkedin.com/in/chuckjohn/

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Timestamps:
00:00:00 - Introduction and 2026 conference outlook
00:01:44 - Introducing guests Rich and Chuck from RSM
00:03:56 - Defining operational resilience and business continuity
00:06:22 - When and how to start the planning process
00:09:55 - Chuck's background in public health and emergency management
00:12:44 - The broad impact of incidents on brand and operations
00:16:45 - Key elements every recovery plan must include
00:19:14 - Defining incident severity and matrixes
00:21:52 - Identity as the new perimeter and its operational dependencies
00:24:57 - Why hackers log in rather than break in
00:26:46 - The first hours of a cyber incident response
00:29:35 - Current threat trends and the role of AI
00:31:29 - Updating plans through post-action debriefs
00:34:31 - Cyber insurance gaps and contractual SLAs
00:40:24 - Advice for identity professionals on reducing blast radius
00:46:10 - Personal milestones and looking forward to 2026

Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, IAM, Cybersecurity, Business Continuity, Disaster Recovery, Operational Resilience, RSM, Incident Response, Ransomware, Cyber Insurance, Identity Governance

Jeff and Jim are joined by Gartner Analyst Rebecca Archambault for a special live edition of the podcast recorded at the Gartner Identity & Access Management Summit in Grapevine, Texas on December 10, 2025. Instead of a traditional interview, the trio hosts "Majority Rules," an interactive game show where the live audience votes on pressing and fun identity topics. Listen in to hear the pulse of the room on everything from the biggest buzzwords of the year and the true purpose of analyst 1:1 sessions, to the best strategies for navigating the vendor hall. The group explores audience preferences on IGA, AI risks, non-human identities, and the most common lies told in sales cycles. It is a fun, lighthearted look at what identity professionals are actually thinking about the current state of the industry.

Connect with Rebecca: https://www.linkedin.com/in/rebecca-becky-archambault-4b4285111/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com

Chapter Timestamps
00:00 - Intro and Game Rules
02:40 - First Question: Favorite Podcast
03:15 - Networking vs. Education
04:08 - Buzzword of the Year: Agentic Identity
04:47 - User Behavior Analytics Usage
05:37 - Expo Hall Memories and Socks
06:20 - The Twist: Battle Royale Rules
06:45 - The True Purpose of Analyst 1:1s
07:55 - Mitigating Agentic AI Risks
08:55 - Strategies for the Vendor Hall
09:37 - The Future of IGA
10:15 - Favorite Gartner Reports
11:05 - Benefits of Just-in-Time Access
11:45 - AI in Authentication Priorities
12:35 - Securing Non-Human Identities
13:05 - Keys to Successful B2B IAM 13:40 - The Hardest Part of Role Mining
14:15 - PAM for AI Agents
14:50 - Keynote Takeaways
15:40 - Measuring IAM Success
16:20 - Defining ITDR
17:05 - The Biggest Lie in IAM Sales
17:35 - Least Favorite Gartner Report
18:10 - Audit Preparation Preferences
18:45 - Common Lies in the Vendor Hall
19:15 - The Most Dangerous Access Right
19:35 - Winner Announcement and Outro

Keywords
IAM, identity management, cybersecurity, Gartner IAM Summit, Majority Rules, game show, Rebecca Archambault, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Agentic Identity, ITDR, non-human identity, role mining, zero standing privileges

#395 - Sponsor Spotlight - Redblock

This episode is sponsored by Redblock. Visit redblock.ai/idac to learn more.

Jeff and Jim come to you live from the Gartner IAM Summit in Grapevine, Texas, for a special Sponsor Spotlight with Redblock. They sit down with CEO Indus Khaitan to discuss how Redblock uses AI and computer vision to solve the "last mile" problem in identity management: disconnected applications.

Indus explains how Redblock acts as an "agentic" layer, using screen recordings to learn administrative tasks for apps that lack APIs. The conversation covers the origin of the company name, the urgency of securing the "long tail" of applications, and how they build trust and guardrails around AI execution. They also discuss the "DoorDash" analogy for identity fulfillment and wrap up with a fun chat about Indus's passion for flying planes.

Connect with Indus: https://www.linkedin.com/in/khaitan/

Learn more: redblock.ai/idac

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at [idacpodcast.com](http://idacpodcast.com)

Timestamps
00:00 Introduction from Gartner IAM Summit
00:46 Guest Introduction: Indus Khaitan of Redblock
01:40 Indus's Journey into Identity
02:41 The Origin of the Name "Redblock"
04:20 The Underserved Market: Services vs. Software
07:34 The Urgency of Securing Disconnected Apps
09:19 Why Traditional IGA and PAM Aren't Enough
11:35 The DoorDash Analogy: Where Redblock Fits
14:30 What Makes Redblock Unique? (Agentic Process Automation)
16:15 Trusting AI with Security Tasks
18:50 Onboarding Apps via Video Recording
21:23 Deployment: Running Air-Gapped on Customer Cloud
22:17 Handling UI Changes and "Full Self-Driving" Analogy
25:40 Integration with SailPoint and Governance Tools
27:13 Speed of Integration: Days vs. Years
32:00 How the "Headless Browser" Works
33:35 Limitations: Web Apps vs. Thick Clients
36:58 Redblock's 2025 Milestones and Future Outlook
39:48 Call to Action: Solving Disconnected Apps
40:27 Impressions of the Gartner IAM Summit
44:26 Are We in an AI Bubble?
46:46 Indus's Hobby: Flying Planes

Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Redblock, Indus Khaitan, AI, Artificial Intelligence, IAM, Identity and Access Management, Disconnected Apps, Agentic AI, Computer Vision, Gartner IAM Summit, RPA, IGA, Cybersecurity