Identity at the Center·May 18, 2026·1h 1m·Episode #423

#423 - The Middle Market Identity Security Gap with Robert Snodgrass

Download audio Show notes Apple Podcasts

Show notes

Connect with Robert: https://www.linkedin.com/in/robert-snodgrass-7a199412/

Review the RSM US Middle Market Business Index Special Report on Cybersecurity 2026: https://rsmus.com/middle-market/cybersecurity-mmbi.html?cmpid=ola:45559-idac:bb01

IDPro new member discount: https://idpro.org/idac/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

TIMESTAMPS

00:00:00 Introduction and Scatter Spider social engineering discussion

00:04:00 IDPro discount code and upcoming conferences

00:06:26 Guest intro: Robert Snodgrass and the MMBI report

00:09:05 Defining the modern middle market

00:12:00 The confidence gap: 96% confident, 18% breached

00:15:04 Why attackers log in and top identity investment priorities

00:19:00 Why only 23% of leaders prioritize digital identity

00:22:00 Internal partnerships as the path to identity program success

00:25:10 AI, shadow AI, and non-human identity risks

00:31:00 NHI governance at scale: 45 to 1 ratio

00:34:50 Cybersecurity budget realities in the middle market

00:39:00 EU regulation and top-line cybersecurity drivers

00:42:03 NIST CSF adoption and risk framework value

00:46:00 Incident response planning: the two-minute drill

00:52:16 Bitcoin Pizza Day and closing thoughts

KEYWORDS

identity security, middle market, cybersecurity, MMBI, RSM, Robert Snodgrass, phishing-resistant MFA, non-human identities, NHI, shadow AI, incident response, NIST CSF, IAM, identity governance, ransomware, tabletop exercises, digital identity, cybersecurity budget, identity program, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

← Previous

#422 - Decoded - Securing AI Agents with Standards You Already Have

Jeff and Jim welcome back Robert Snodgrass, Principal at RSM, for a deep dive into the RSM Middle Market Business Index cybersecurity report. The conversation covers the confidence gap facing middle market organizations, why digital identity remains undervalued despite being the primary attack surface, non-human identity governance, flat cybersecurity budgets, risk framework adoption, and what good incident response preparedness actually looks like. The episode wraps with a spirited Bitcoin Pizza Day toppings debate. Connect with Robert: https://www.linkedin.com/in/robert-snodgrass-7a199412/ Review the RSM US Middle Market Business Index Special Report on Cybersecurity 2026: https://rsmus.com/middle-market/cybersecurity-mmbi.html?cmpid=ola:45559-idac:bb01 IDPro new member discount: https://idpro.org/idac/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com TIMESTAMPS 00:00:00 Introduction and Scatter Spider social engineering discussion 00:04:00 IDPro discount code and upcoming conferences 00:06:26 Guest intro: Robert Snodgrass and the MMBI report 00:09:05 Defining the modern middle market 00:12:00 The confidence gap: 96% confident, 18% breached 00:15:04 Why attackers log in and top identity investment priorities 00:19:00 Why only 23% of leaders prioritize digital identity 00:22:00 Internal partnerships as the path to identity program success 00:25:10 AI, shadow AI, and non-human identity risks 00:31:00 NHI governance at scale: 45 to 1 ratio 00:34:50 Cybersecurity budget realities in the middle market 00:39:00 EU regulation and top-line cybersecurity drivers 00:42:03 NIST CSF adoption and risk framework value 00:46:00 Incident response planning: the two-minute drill 00:52:16 Bitcoin Pizza Day and closing thoughts KEYWORDS identity security, middle market, cybersecurity, MMBI, RSM, Robert Snodgrass, phishing-resistant MFA, non-human identities, NHI, shadow AI, incident response, NIST CSF, IAM, identity governance, ransomware, tabletop exercises, digital identity, cybersecurity budget, identity program, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald