Articles about Identity

The network firewall was designed for a world that doesn’t exist anymore. When corporate assets sat behind a data center perimeter, inspecting packets between ‘inside’ and ‘outside’ made sense.

But today, with workloads spread across multiple clouds, SaaS platforms, and edge environments, that perimeter has dissolved. Attackers don’t need to smash through firewalls when they can compromise privileged credentials and operate from within. A rogue or stolen admin account can cause catastrophic damage, something no network firewall can stop. The battlefield has shifted from networks to identities.

Continue reading →

The AI wave is translating into an increased number of AI agents in the workplace, which equates to a surge of both non-human identities (NHIs) and agentic identities. This is resulting in an urgent focus for CIOs and CISOs on identity threats and recovery.

New research from Rubrik Zero Labs, based on a survey by Wakefield Research of over 1,600 IT security decision makers, finds 89 percent of respondents have fully or partially incorporated AI agents into their identity infrastructure, and an additional 10 percent have plans to.

Continue reading →

Banks, fintechs, and crypto platforms are ramping up investment in fraud prevention and identity verification (IDV), positioning it as the next layer of cyber defense, according to a new survey.

The study from Regula shows banks are leading this trend: the share of institutions intending to increase IDV budgets by more than 50 percent is nearly tripling -- from 4.4 percent to 15 percent in just two years.

Continue reading →

A new report from Ping Identity finds that 68 percent of consumers are now using AI, up from 41 percent a year ago. But at the same time fewer than one in five (17 percent) say they have ‘full trust’ in the organizations that manage their identity data.

The findings of the study, carried out by Talker Research which interviewed 10,500 consumers across 11 countries, show that 75 percent say they are more concerned about personal data security than five years ago. In addition 39 percent cite AI-driven phishing as the modern scam that concerns them most.

Continue reading →

The retail industry continues to be a top target for cyber criminals, retailers rely heavily on digital infrastructure to manage consumer data and operations so they remain an attractive target for attackers seeking financial or operational disruption.

The cyberattacks earlier this year hitting UK retail (Marks & Spencer, Co-op, Harrods) are the latest reminder that identity is still one of the weakest links.

Continue reading →

New research from Osterman and Silverfort reveals that although nearly 70 percent of organizations believe their identity defenses are ‘mature’ there is a worrying gap between perception and reality.

This comes against a rising tide of identity threats, 72.1 percent of identity leaders report that the threat level of identity-related attacks has increased or remained unchanged in the past year. The most significant jumps include AI-powered attacks, ransomware-based attacks, and social engineering of desk staff to reset credentials or MFA factors (up 14.3 percent).

Continue reading →

If you’ve seen ‘Blade Runner’ you’ll know how difficult it can be to determine if someone is human or not. While that was fiction it’s worth remembering that it was set in 2019.

In 2025 and in the real world it’s becoming increasingly difficult to tell humans from bots in the online world. AI-powered bots, nearly indistinguishable from humans, are multiplying rapidly. This presents a growing nightmare for headhunters, security officers and more. We spoke to Terence Kwok, founder and CEO of blockchain identity platform Humanity Protocol, about the challenge of verifying humanity online.

Continue reading →

CrowdStrike has launched Falcon Next-Gen Identity Security, a new unified solution aimed at protecting identity across the full attack chain.

The platform covers human users, non-human service accounts, and AI agent identities, delivering security without the usual integration delays typically seen in multi-vendor setups.

Continue reading →

With identity security growing more complex a new report shows that of 70 percent of enterprises recognize the need to consolidate their identity security tool stack.

The study by Enterprise Strategy Group for Silverfort finds that while 70 percent of teams plan to expand their use of an existing tool to cover a new use case in the next 12-18 months, 62 percent of organizations plan to implement a new tool to satisfy a use case, hinting that current solutions may not be adequate to satisfy evolving priorities.

Continue reading →

The latest Threat Detection Report update from Red Canary shows a rise of almost 500 percent in detections associated with cloud accounts during the first half of 2025.

This significant rise stems primarily from Red Canary’s expanded identity detection coverage and the implementation of AI agents designed to identify unusual login patterns and suspicious user behaviors. This includes identifying logins from unusual devices, IP addresses, and virtual private networks (VPNs), which significantly increases the detection of risky behaviors.

Continue reading →

Cybercriminals are increasingly using sophisticated identity-based attacks (phishing, social engineering, leveraging compromised credentials) to gain access as trusted users and move laterally across systems undetected.

We spoke to Cristian Rodriguez, field CTO, Americas at CrowdStrike, about the company’s recent research into these attacks and now organizations can defend against them.

Continue reading →

AI-powered fraud is evolving faster than most organizations can detect it. That’s the message from Proof, the identity authorization company, in its new report, The Trust Ledger: Transaction & Identity Fraud Bulletin.

The research reveals how synthetic identities, stolen credentials, and generative AI are fueling a surge in digital impersonation and fraud across industries.

Continue reading →

Recent high-profile attacks have placed increased emphasis on the software supply chain and the need to understand where code has originated.

A developer's coding style is as unique as their fingerprint and, thanks to artificial intelligence, it’s possible to identify an author based on a short code segment. Felix Mächtle, a researcher at the University of Lübeck and member of the AI Grid research network, has developed a tool that does just that. We spoke to him to learn more.

Continue reading →

Organizations are continuing to struggle to identify and address security vulnerabilities in hybrid identity systems such as Active Directory, Entra ID, and Okta.

This is among the findings of a new report, from AI-powered identity security and cyber resilience company Semperis, which is based on results from Purple Knight a free Active Directory security assessment tool by Semperis that has been downloaded by 45,000+ organizations.

Continue reading →

Advanced phishing kits and info-stealing malware have accounted for a 156 percent jump in cyberattacks targeting user logins.

A new report from cybersecurity company eSentire shows attackers are increasingly opting for obtaining login credentials and session cookies via phishing or malware. This then allows them to carry out Business Email Compromise (BEC) attacks, gain access to bank accounts, or steal cryptocurrency.

Continue reading →