Identity

Regulatory tightening across the EU and UK, including the EU’s new anti-money laundering package and platform-economy rules, as well as emerging age-assurance requirements around online safety, have pushed organizations to formalize identity checks at scale.

But identity verification provider Veriff has published its 2026 Identity Fraud Report, showing that 4.18 percent of all digital identity checks processed through its platform in 2025 were flagged as fraudulent – the equivalent of one in every 25 verification attempts across its global dataset.

Managing identity is one of the more challenging cybersecurity tasks and can soak up a good deal of time and resources.

We spoke to Raz Rotenberg, co-founder and CTO of Fabrix Security, to discuss the rise of self-governing IAM systems that don’t just enforce policy -- but continuously adapt, reason, and remediate access in real time.

A new identity fraud report from AU10TIX looks at how fraud is shifting from isolated attempts to adaptive, self-optimizing systems, and the need for early-warning intelligence to reshape the future of fraud prevention amid rapid advances in artificial intelligence and quantum computing.

“Fraud is no longer a static event; it’s a living signal moving through networks and devices,” says Yair Tal, CEO of AU10TIX. “At AU10TIX, we see the daily challenges our customers face as fraud evolves faster than ever. Our mission is to protect them, not just by responding to attacks, but by anticipating them. Our early-warning system helps ensure their businesses stay one step ahead, detecting risk before truth starts to drift.”

A new study reveals the extent to which medical professionals’ personal information is publicly available online, leaving them vulnerable to stalking and other forms of threats.

The report from data privacy and personal data removal service Incogni looks at 768 medical department heads from major US hospitals to see what personal information is publicly accessible and shows some concerning results.

Modern social engineering attacks no longer begin and end in the email inbox. They move across identity platforms, SaaS tools, and collaboration apps, exploiting gaps between disconnected security products, and employing increasingly sophisticated techniques to evade traditional defenses and reach end users.

To address these threats AI cybersecurity specialist Darktrace is launching a series of enhancements to Darktrace / EMAIL designed to detect and stop attacks spanning communications channels, strengthen outbound email protections and streamline SOC integrations.

The network firewall was designed for a world that doesn’t exist anymore. When corporate assets sat behind a data center perimeter, inspecting packets between ‘inside’ and ‘outside’ made sense.

But today, with workloads spread across multiple clouds, SaaS platforms, and edge environments, that perimeter has dissolved. Attackers don’t need to smash through firewalls when they can compromise privileged credentials and operate from within. A rogue or stolen admin account can cause catastrophic damage, something no network firewall can stop. The battlefield has shifted from networks to identities.

The AI wave is translating into an increased number of AI agents in the workplace, which equates to a surge of both non-human identities (NHIs) and agentic identities. This is resulting in an urgent focus for CIOs and CISOs on identity threats and recovery.

New research from Rubrik Zero Labs, based on a survey by Wakefield Research of over 1,600 IT security decision makers, finds 89 percent of respondents have fully or partially incorporated AI agents into their identity infrastructure, and an additional 10 percent have plans to.

Banks, fintechs, and crypto platforms are ramping up investment in fraud prevention and identity verification (IDV), positioning it as the next layer of cyber defense, according to a new survey.

The study from Regula shows banks are leading this trend: the share of institutions intending to increase IDV budgets by more than 50 percent is nearly tripling -- from 4.4 percent to 15 percent in just two years.

A new report from Ping Identity finds that 68 percent of consumers are now using AI, up from 41 percent a year ago. But at the same time fewer than one in five (17 percent) say they have ‘full trust’ in the organizations that manage their identity data.

The findings of the study, carried out by Talker Research which interviewed 10,500 consumers across 11 countries, show that 75 percent say they are more concerned about personal data security than five years ago. In addition 39 percent cite AI-driven phishing as the modern scam that concerns them most.

The retail industry continues to be a top target for cyber criminals, retailers rely heavily on digital infrastructure to manage consumer data and operations so they remain an attractive target for attackers seeking financial or operational disruption.

The cyberattacks earlier this year hitting UK retail (Marks & Spencer, Co-op, Harrods) are the latest reminder that identity is still one of the weakest links.

New research from Osterman and Silverfort reveals that although nearly 70 percent of organizations believe their identity defenses are ‘mature’ there is a worrying gap between perception and reality.

This comes against a rising tide of identity threats, 72.1 percent of identity leaders report that the threat level of identity-related attacks has increased or remained unchanged in the past year. The most significant jumps include AI-powered attacks, ransomware-based attacks, and social engineering of desk staff to reset credentials or MFA factors (up 14.3 percent).

If you’ve seen ‘Blade Runner’ you’ll know how difficult it can be to determine if someone is human or not. While that was fiction it’s worth remembering that it was set in 2019.

In 2025 and in the real world it’s becoming increasingly difficult to tell humans from bots in the online world. AI-powered bots, nearly indistinguishable from humans, are multiplying rapidly. This presents a growing nightmare for headhunters, security officers and more. We spoke to Terence Kwok, founder and CEO of blockchain identity platform Humanity Protocol, about the challenge of verifying humanity online.

CrowdStrike has launched Falcon Next-Gen Identity Security, a new unified solution aimed at protecting identity across the full attack chain.

The platform covers human users, non-human service accounts, and AI agent identities, delivering security without the usual integration delays typically seen in multi-vendor setups.

With identity security growing more complex a new report shows that of 70 percent of enterprises recognize the need to consolidate their identity security tool stack.

The study by Enterprise Strategy Group for Silverfort finds that while 70 percent of teams plan to expand their use of an existing tool to cover a new use case in the next 12-18 months, 62 percent of organizations plan to implement a new tool to satisfy a use case, hinting that current solutions may not be adequate to satisfy evolving priorities.

The latest Threat Detection Report update from Red Canary shows a rise of almost 500 percent in detections associated with cloud accounts during the first half of 2025.

This significant rise stems primarily from Red Canary’s expanded identity detection coverage and the implementation of AI agents designed to identify unusual login patterns and suspicious user behaviors. This includes identifying logins from unusual devices, IP addresses, and virtual private networks (VPNs), which significantly increases the detection of risky behaviors.