EPISODE · Apr 21, 2026 · 29 MIN

EP 34 — Cyderes’ Stephen Fridakis on Ephemeral Credentials and Just-in-Time Access

from Future of Data Security · host Qohash

Stephen Fridakis, CISO in Residence at Cyderes, comes to this conversation with a framework that cuts against how most security teams still operate: stop thinking about perimeters, start thinking about consequences. His argument is that the question of "are we secure or not" is not just unhelpful, it's the wrong unit of measurement entirely, and he offers a more honest alternative built around what an organization can afford to lose versus what must never leave.

Stephen makes a precise and underappreciated case for why shadow AI is fundamentally different from every other control problem a CISO has faced. Once sensitive data is submitted to a public model, it is embedded, transformed, and learned. There is no rollback. The most effective response is not detection after the fact but building organizational awareness before the decision to submit is ever made. He also breaks down why static trust models have collapsed under AI, arguing that just-in-time data access and ephemeral credentials are no longer aspirational, they are necessary, and why past behavior can no longer serve as a proxy for future safety.

Topics discussed:

- Reframing CISO governance around consequence management rather than perimeter defense or binary secure/not-secure assessments
- Applying the afford-to-lose framework to prioritize finite security budgets against the data that matters most
- Understanding AI irreversibility as a distinct control problem where sensitive data submitted to public models cannot be retrieved
- Shifting shadow AI strategy from post-submission detection to pre-decision awareness building across the organization
- Replacing static role-based trust models with context-driven identity evaluation that accounts for data stage and purpose
- Moving toward ephemeral credentials and just-in-time data access as the foundation of modern security architecture
- Evaluating where AI delivers real operational value versus where uncontrolled use produces unreliable and unexplainable outputs
- Advising new CISOs to build both technical depth and business fluency to avoid the most common leadership failure points


Frequently Asked Questions

How long is this episode of Future of Data Security?

This episode is 29 minutes long.

When was this Future of Data Security episode published?

This episode was published on April 21, 2026.
