Identity and access management is often sold as a technical problem, but real-world deployments tell a different story. For MSSPs managing access across multiple client environments, IAM becomes a test of trust, accountability, decision fatigue, and human behavior. In this episode of CISO Stories, we explore why access reviews become rubber stamps, why least privilege is harder than it sounds, and how cognitive bias can quietly shape security decisions. We also dig into the uncomfortable question: when organizations outsource IAM, are they outsourcing control — or just the labor? Because in the end, identity is not just about who gets access. It is about who owns the risk when access goes wrong. Show Notes: https://cisostoriespodcast.com/csp-224 00:00:00 Introducing Dr. Dustin Sachs and His Cybersecurity Research 00:04:50 Unpacking Automation Bias and Blind Trust in MSSPs 00:13:22 Understanding Shared Responsibility and Accountability with MSSPs 00:20:49 Overcoming Human Assumptions and IAM Management Challenges 00:33:49 Empathizing with Users for Frictionless Cybersecurity Practices
Trust cues for videos
Clips curated by TrustOps carry the Curated label. External embeds link out to the original publishers.