Hybrid Identity Protection Podcast

Semperis

The HIP Podcast is the premier podcast for cybersecurity pros charged with defending hybrid identity environments. Hosted by 15-time Microsoft MVP and Active Directory security expert, Sean Deuby. Presented by Semperis: the pioneers of identity-driven cyber resilience for the hybrid enterprise.

  1. How a Single Breach Can Turn into a Full Compromise with Tim Beasley, Senior Incident Response Consultant at Semperis

    3D AGO

    This episode features Tim Beasley, a Senior Incident Response Consultant at Semperis with decades of experience in compromise recovery and post-breach response. With a background that includes leading recovery efforts at Microsoft’s DART team and helping build the Compromise Recovery Security Practice, Tim brings deep operational insight into what happens after attackers gain access. His work spans ransomware, nation-state intrusions, and large-scale identity compromises across public and private sector organizations. In this episode, Tim explains why gaining access is only the beginning of modern attacks and why identity remains the primary path for escalation. He breaks down how attackers exploit credential exposure and identity infrastructure, and why prevention alone fails without a recovery-first mindset. He shares real-world lessons from incident response and recovery, including how teams contain threats and limit the impact of identity compromises. This episode reframes identity security as a resilience problem and offers a clearer way to think about preparing for the breach you haven’t detected yet.

    Guest Bio
    Tim Beasley is a Senior Incident Response Consultant at Semperis. He is Microsoft and VMware Certified, a MIS graduate, and a self-driven IT professional with experience in both public sector and private sector technology. While extremely loyal to employers, Tim has gained quality knowledge throughout a career that's enabled tremendous growth in an IT security environment. He enjoys challenges and implements proactive measures to maintain complete customer satisfaction and success.

    Guest Quote
    “Everything in compromise essentially starts with identity. We always say identity is the new perimeter. It's true. All attacks, breaches, every engagement that I've been a part of... all start with a compromised set of credentials.”

    Time stamps
    00:41 Meet Tim Beasley: Cybersecurity Specialist
    01:32 Tim's Journey at Microsoft
    12:24 The Role of Identity in Cybersecurity
    20:57 Real-World Cybersecurity Identity Challenges
    23:27 The Big Four in Identity Management
    24:01 Flashcard Fiascos: Cyberattacks Across Industries
    32:50 Assume Breach Mentality
    37:08 Conclusion and Final Thoughts

    Sponsor
    The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more.

    40 min
  2. Rethinking the Human Factor in Identity Security with World-Leading Cyberpsychologist, Dr. Mary Aiken

    FEB 3

    This episode features Dr. Mary Aiken, Professor of Cyberpsychology at Capitol Technology University and one of the world’s leading experts on the impact of technology on human behavior. With a career spanning academia, law enforcement advisory roles, and global policy work with organizations like INTERPOL and Europol, Dr. Aiken brings deep insight into how human psychology shapes security outcomes. Her work focuses on the human layer of cyber risk—how trust, perception, fatigue, and bias influence behavior in digital environments. In this episode, Dr. Aiken explains why humans aren’t the weakest link in cybersecurity but the most targeted. She shows how attackers weaponize human behavior through phishing, MFA fatigue, and insider recruitment, and why hybrid identity must be treated as a cyber-psychological battlefield. She also discusses what human-aware defenses look like in practice and why intelligence augmentation is critical to psychological and technical resilience. This episode reframes identity security as a human problem first and offers a clearer way to think about protecting people in an increasingly manipulative digital world.

    Guest Bio
    Dr Mary Aiken is a world-leading expert in Cyberpsychology – the study of the impact of technology on human behaviour. She is Professor of Cyberpsychology and Chair of the Department of Cyberpsychology at Capitol Technology University, Washington D.C.’s premier STEM University, and Professor of Forensic Cyberpsychology at the University of East London. Professor Aiken is a Member of the INTERPOL Global Cybercrime Expert Group and an Academic Advisor to Europol's European Cyber Crime Centre (EC3). She is a Fellow of The Royal Society of Medicine, a member of the Medico-Legal Society and an International Affiliate Member of the American Psychological Association (APA). She is a former Global Fellow at the Washington DC Wilson Center, and is a Fellow of the Society for Chartered IT Professionals. She is a former Director of the Royal College of Surgeons (RCSI) Cyberpsychology Research Centre. Dr Aiken's work inspired the CBS PrimeTime TV series 'CSI: Cyber.' Her landmark bestselling book 'The Cyber Effect' was a 2016 'Times book of the year.' Dr Mary Aiken is recognised as an international expert in industry and policy debates at the intersection of technology and human behaviour; she has been invited to present at events organised by global organisations such as the United Nations, the European Union, NATO, G7, Europol, INTERPOL and the White House.

    Guest Quote
    “People talk about humans being the weakest link in the cybersecurity equation. They're not the weakest link, they're just simply the most targeted link.”

    Time stamps
    01:58 Meet Dr. Mary Aiken: World-leading Expert in Cyberpsychology
    03:17 The Psychology of Cybersecurity
    10:40 Behavioral Differences Online vs. Real World
    15:17 Cyber Behavioral Attack Vectors
    23:05 Future of Cybersecurity: AI and Human Collaboration
    25:46 Conclusion and Final Thoughts

    26 min
  3. Stopping Ransomware at the Backup Layer with Andy Drag, Staff Product Manager at Cohesity

    JAN 20

    This episode features Andy Drag, Staff Product Manager at Cohesity. With a background in systems administration and two managed service provider startups, Andy brings deep, hands-on insight into the challenges IT teams face. Over the last decade, he’s led product management across backup vendors and SaaS continuity platforms, shaping products around integrations, cyber recovery, and resilience. In this episode, Andy shows how ransomware has changed the stakes for backup and identity, and why they must be treated as tier-zero systems. He explains how attackers now target backup platforms, what tighter roles, isolation, and immutability look like in practice, and why actually rehearsing recovery is more important than any architecture diagram. This is a realistic look at whether your recovery plan will work in a real-world attack or only looks good on paper.

    Guest Bio
    Andrew Drag is a Staff Product Manager at Cohesity, focused on identity resilience and Microsoft enterprise applications. He began his career in systems administration before founding two local managed service provider startups, giving him deep, hands-on experience with the challenges IT teams face. Over the last decade, he has transitioned into product management, shaping products across legacy backup and recovery vendors as well as SaaS business continuity platforms with specific focuses on integrations, cyber recovery, and SaaS-ification. Drawing on this blend of practitioner insight and product leadership, he is passionate about building solutions that help organizations stay resilient in the face of change. Based in the New York metro area, he brings a practitioner’s perspective to product leadership, ensuring technology solves real-world challenges.

    Guest Quote
    “One of the most important things is testing your recoveries. In a disaster, when you do a recovery, you don't want it to be the first time that you're performing that recovery.”

    Time stamps
    01:16 Meet Andrew Drag: Identity Resilience and Data Protection Expert
    01:57 Why Traditional Data Protection Breaks Down
    04:19 Modern Data Protection: From Backups to Resilience
    05:47 The Hard Truth About Recovering After an Attack
    08:43 Core Best Practices for Data Protection
    10:32 Elevating Backup and Identity to Tier 0
    13:23 Using Backup Data for AI and Analytics
    16:22 Conclusion and Final Thoughts

    20 min
  4. Inside HIP Conf 2025 with Guido Grillenmeier, Semperis Principal Technologist

    JAN 6

    This episode features host Sean Deuby and fellow Semperis colleague Guido Grillenmeier, Principal Technologist, EMEA, in a candid recap of the 2025 Hybrid Identity Protection Conference in Charleston. They trade takeaways on what they heard, what surprised them, and what the event revealed about where hybrid identity security is headed. Sean and Guido highlight some key observations from keynote speakers including Chris Inglis (former US National Cyber Director), Alex Weinert (Semperis CPO and former VP of Identity Security at Microsoft), and other identity security and recovery experts across the world. This is a fast, grounded debrief designed to help you take in the conference highlights and carry forward the insights that will matter most in the year ahead.

    Time stamps
    01:45 Welcome to the HIP Conf Recap
    04:27 The Biggest Conference Themes and What They Signal
    08:39 Active Directory’s Evolution + Microsoft’s Presence
    12:54 Keynotes and the Broader Identity Threat Picture
    17:14 Practical Practitioner Takeaways
    26:49 Identity Security as an Ongoing Program
    31:39 Wrap-Up and What’s Next for HIP Conf

    39 min
  5. Fixing Legacy AD Risk in a Hybrid World with Christopher Brumm, Cyber Security Architect at glueckkanja AG

    12/16/2025

    This episode features Christopher Brumm, Cyber Security Architect at glueckkanja AG. With 15+ years in IT security, Chris has worked across Microsoft’s security portfolio and beyond, moving from network and data-center defense into deep identity work with Active Directory and Entra ID. He’s now an identity SME, a GK Identity Community moderator, a frequent community speaker, and a regular writer on security and identity. In this episode, Chris explores the limitations of Active Directory security and how Microsoft’s new Global Secure Access directly addresses those gaps. He breaks down how zero trust principles and granular controls work in practice, and why connecting on-prem servers to the cloud is now simpler and safer. Chris shows how this shift strengthens defenses by enforcing access through identity-first policies instead of outdated network-centric models. This is a clear, field-tested walkthrough of why hybrid identity security needs a new playbook, and how Global Secure Access helps teams close the holes attackers rely on most.

    Guest Bio
    For over 15 years, Christopher Brumm has been immersed in IT security topics, possessing extensive knowledge and practical experience in the Microsoft Security Portfolio and beyond. Over the years, he has progressed from network and data center topics to Active Directory and Entra ID, delving deeper into identity security. Today, he is a Subject Matter Expert for Identity in the Security Team and a moderator of the GK Identity Community. He regularly speaks at community events and publishes blog posts on security and identity topics. Chris's latest passion is Global Secure Access, where the themes of identity, security, and networking converge to enable a comprehensive Zero Trust approach.

    Guest Quote
    “It’s not realistic to modernize protocols like Kerberos or SMB to support MFA and device compliance... but we have an option to control the network layer.”

    Time stamps
    01:07 Meet Christopher Brumm: Microsoft Security MVP and CISSP
    02:00 The Hybrid Identity Attack Playbook
    06:03 Active Directory vs. Entra ID: The Security Gap
    09:02 Breaking Down Global Secure Access
    11:58 What This Looks Like for Real Users
    16:17 Bringing Zero Trust to the Network Layer
    17:50 What You Need to Deploy Global Secure Access
    20:48 Conclusion and Final Thoughts

    22 min
  6. The Anatomy of Attack Path Management with Daniel Stefaniak, VP Architect - Cybersecurity and Identity at JPMorgan Chase

    12/02/2025

    This episode features Daniel Stefaniak, Vice President Architect - Cybersecurity and Identity at JPMorgan Chase. With deep experience as an IT architect, consultant, and technical program manager, Daniel has helped design and deploy large-scale IAM and CIAM solutions that support millions of users. He is widely recognized for his expertise in Active Directory and Entra ID and for bringing clear, unfiltered insight into some of the industry’s toughest identity challenges. In this episode, Daniel explains why attack path management is never a one-and-done effort, how to focus on the high-impact issues that matter most, and why success depends on dedicated ownership rather than tools alone. This is an honest and practical look at what it truly takes to understand and manage attack paths in modern identity environments.

    Guest Bio
    Experienced IT Architect, Consultant, and Technical Program Manager specializing in Active Directory and Entra ID (Azure AD). A recognized industry leader in Identity and Access Management (IAM) and cybersecurity, with extensive expertise designing and deploying large-scale cloud-based IAM and CIAM solutions supporting millions of users. Former Microsoft Program Manager, instrumental in driving technical content, readiness, and enterprise adoption of Azure AD. Proven ability to lead end-to-end project lifecycles, align security strategies with regulatory requirements, and design robust directory and identity federation solutions.

    Guest Quote
    “You cannot be an Active Directory admin or an architect owner of the service, and run an attack path management program on the side. You need a dedicated team to do it.”

    Time stamps
    01:05 Meet Daniel Stefaniak: The IAM Guy
    02:08 The Insanity of Attack Path Management
    03:27 Challenges and Realities of Attack Path Management
    07:57 Choosing the Right Tools
    10:32 Implementing Effective Attack Path Management
    12:50 Using OKRs in Tech Path
    14:50 Team and Resource Requirements
    16:20 Conclusion and Final Thoughts

    18 min
  7. Beyond Firewalls: The People Behind Cyber Resilience with Nathan Wenzler, Field CISO at Optiv

    11/18/2025

    This episode features Nathan Wenzler, Field Chief Information Security Officer at Optiv. With nearly 30 years of experience leading cybersecurity programs across government agencies, nonprofits, and Fortune 1000 companies, Nathan has spent his career at the intersection of people, process, and technology. He’s helped organizations redefine what it means to build security cultures that actually work. In this episode, Nathan explains why communication (not technology) is a CISO’s most important skill, how to create a culture that values security without slowing innovation, and why empathy may be the most underrated tool in cybersecurity. This is an insightful look at the people-first mindset behind stronger, more resilient security programs.

    Guest Bio
    Nathan Wenzler is a field chief information security officer at Optiv, where he advises clients on how to strengthen and optimize every aspect of their cybersecurity program. With nearly 30 years of experience, he has built and led security initiatives for government agencies, nonprofits and Fortune 1000 companies. Wenzler has served as a CISO, executive management consultant and senior analyst, holding leadership roles at Tenable, Moss Adams, AsTech and Thycotic. He also spent more than a decade in public sector IT and security roles with Monterey County, California, and supported state and federal agencies. He is known for helping security leaders better communicate the measurable value and benefit of a mature, effective cybersecurity program to executives, technical stakeholders and nontechnical business partners. His approach emphasizes not only technical excellence but also the human and organizational factors that drive long-term security success. Wenzler has spoken at more than 400 events worldwide, educating security leaders and professionals on how to excel in their role as an organization's risk expert. He has also served on advisory boards, including the Tombolo Institute at Bellevue College, and is a former member of the Forbes Technology Council. His areas of expertise include vulnerability and exposure management, privileged access management and identity governance, cyber risk management, incident response, and executive-level communications and program management.

    Guest Quote
    “If you can win the people over in your organization, you can make those big changes for better identity governance.”

    Time stamps
    01:22 Meet Nathan Wenzler: Veteran CISO and Security Strategist
    02:16 Redefining Identity in a World of Infinite Accounts
    05:15 How Culture Can Make or Break Your Security Program
    13:34 Winning Over the Business: Aligning Security and Culture
    24:45 From “Department of No” to Trusted Partner: Fixing Cyber Communication
    40:25 The Human Side of Incident Response
    46:23 Leading with Empathy: Nathan’s Advice for Security Leaders

    51 min
  8. The DNA of Organizational Resilience: Leadership First, Technology Last with Heather Costa, Director of Technology Resilience at Mayo Clinic

    11/04/2025

    This episode features Heather Costa, Director of Technology Resilience at Mayo Clinic. With over two decades of experience building resilience programs at leading healthcare institutions, Heather has redefined what it means to prepare for and thrive through disruption. From Cleveland Clinic to Mayo Clinic, she’s led enterprise-wide recovery strategies that balance people, process, and technology. In this episode, Heather explains why true resilience starts with leadership, not technology, how to set clear priorities when everything feels critical, and how to design organizations that adapt and recover faster. This is a powerful look at the mindset and methods behind building resilience that lasts in healthcare and beyond.

    Guest Bio
    Heather M. Costa is a leading authority in cyber and technology resilience, currently serving as Director of Technology Resilience at Mayo Clinic. With over twenty years of experience, she has shaped resilience programs at premier healthcare institutions, notably pioneering business resilience at Cleveland Clinic before architecting Mayo Clinic’s enterprise-wide recovery and continuity initiatives. Heather is a dynamic leader, keynote speaker, and mentor, frequently invited to share her insights at organizations and conferences such as Harvard NPLI, HIMSS, and the HIPAA Summit. She is recognized for building high-performing teams and fostering the next generation of cybersecurity leaders. Heather holds a Master’s in Homeland Security – Information Security and Forensics from Penn State, a summa cum laude Bachelor’s in Emergency Management from the University of Akron, and multiple esteemed certifications including Certified Business Continuity Professional (CBCP) and Certified Cyber Resilience Professional (CCRP). She is Vice President for the WiCyS Healthcare Affiliate and a member of several distinguished honor societies. Outside of work, Heather is a dedicated solo mom to five children, inspiring her family and community with her resilience and leadership.

    Guest Quote
    “[Resilience] means not just recovering, but being better. Adapting, where we're wired in our DNA organizationally, to thrive in disruption, not just survive.”

    Time stamps
    01:08 Meet Heather Costa: Cyber Resilience Expert
    04:49 Understanding Resilience in Healthcare
    22:36 Starting with Minimal Viable Recovery
    25:56 Worst Case Scenario Planning
    28:30 Building a Resilient Environment
    29:33 Heather's Blue Sky Strategy Planning
    35:26 What's Missed When Building Resilience
    37:43 Final Advice on Resilience

    41 min
