Cisco Live 2026 runs May 31 through June 4 at the San Diego Convention Center. I'm speaking this year, which is something I've been building toward for a while. The session is focused on enterprise IAM strategy — specifically the gap between where most large organizations are today (a patchwork of legacy MFA and fragmented identity infrastructure) and where they need to be (a coherent, phishing-resistant, Zero Trust-aligned authentication layer).
What the Session Covers
The talk is structured around a framework I have developed across dozens of enterprise IAM deals: the Authentication Maturity Model. It is not a vendor framework — it is a practical map of the five stages most large enterprises move through on the way to phishing-resistant authentication, with specific decision points, procurement considerations, and implementation sequencing at each stage.
Stage 1 is where most organizations start: SMS OTP and password-based MFA with some SSO. Stage 5 is fully phishing-resistant FIDO2 with device attestation, hardware security keys for privileged access, and passkeys for the broader workforce. The session shows the realistic path from 1 to 5 — and more importantly, where organizations stall and why.
I will be covering: how to build the business case for phishing-resistant MFA when your board thinks "we already have MFA"; the three procurement patterns that accelerate enterprise IAM decisions (compliance deadlines, cyber insurance renewals, and breach response); how to sequence a migration that does not break clinical workflows, factory floors, or remote workers; and how to evaluate FIDO2 hardware vendors on criteria that matter in regulated industries (FIPS 140-2/3 certification, CMMC alignment, PIV interoperability).
Why This Matters: The Security-Sales-Procurement Gap
Most IAM sessions at conferences talk to security architects. Mine is different because I am coming at this from the sales and procurement side. The reason phishing-resistant authentication moves slowly in large enterprises is not technical — the technology is mature. It is organizational. Security teams know what they need. Procurement teams have different priorities. And most vendors do not know how to bridge that gap.
Ten years of closing enterprise IAM deals has taught me that the technical win and the commercial win require completely different conversations. The session will give security teams the language and the frameworks to win both — the technical decision and the budget decision — faster.
If you are in security architecture, you will leave with a procurement playbook. If you are in sales or channel, you will leave with a technical credibility framework. If you are in compliance or risk, you will leave with a maturity model you can show your board.
Who Should Attend
The session is designed for enterprise security teams at organizations with 1,000+ employees navigating an IAM modernization. Channel partners and resellers who want to sharpen their IAM practice will also find it useful — the procurement frameworks apply directly to partner-led deals. Compliance officers in regulated industries (healthcare, government, finance, education) are welcome; I will cover the compliance drivers (CMMC, HIPAA, EO 14028, NIST 800-63B) that are forcing IAM decisions in 2026.
Find Me at the Show
If you are attending Cisco Live 2026, come to the session — I will share the exact room and time closer to the conference. Outside the session, you can find me at the Feitian booth or set up a one-on-one by visiting kevintlam.com/meet?event=ciscolive. Leave your email and I will send you the slide deck and case studies after the session.