Articles about Identity

The year 2025 will not be a revolutionary one, it will be evolutionary, with developments coming into effect that were necessitated by events and happenings in 2024, and solutions to address these events reaching maturity levels that allow an appropriate, comprehensive response. With threats like ransomware certain to continue, identity resilience is going to become more important in the year ahead and, as such, identity will become the critical component of security.

This shift in emphasis started to take place in 2024, but there will be a greater focus on it among business leaders in the year ahead as they start to understand that identity is one of the biggest threats to any organization as it is a key vector for attackers.

Continue reading →

Identity is at the root of most cyberattacks, but although we're seeing greater adoption of things like biometrics we still rely heavily on passwords.

There's added complication in the form of soaring numbers of machine identities too. Here's what some industry leaders think the identity landscape has in store for 2025.

Continue reading →

Automations empowered by artificial intelligence are reshaping the business landscape. They give companies the capability to connect with, guide, and care for customers in more efficient ways, resulting in streamlined processes that are less costly to support.

However, AI-powered automations also have a dark side. The same capabilities they provide for improving legitimate operations can also be used by criminals intent on identity theft. The rise of low-cost AI and its use in automations has empowered scammers to widen their nets and increase their effectiveness, leading to a drastic increase in identity theft scenarios.

Continue reading →

As we approach the peak holiday shopping season a new survey of nearly 400 IT security decision-makers and retail customers from identity specialist HYPR shows that 58 percent of retail organizations experienced at least one authentication-related breach and 65 percent were victims of identity fraud over the last 12 months.

Retailers have suffered losses of up to $6.27 million in the last year alone due to insecure authentication methods. By contrast financial institutions reported only $4.57 million lost during the same period.

Continue reading →

Nearly half of businesses admit they are only partially confident in their ability to detect deepfakes, leaving them vulnerable to escalating fraud risks according to a new report.

The report from identity solutions company Regula shows 59 percent of businesses consider video deepfakes a serious threat, while 58 percent feel the same about audio deepfakes.

Continue reading →

Cyberattackers are targeting holidays and weekends to cause maximum disruption, yet many businesses remain underprepared outside of standard working hours.

A new report from Semperis, based on a survey of almost 1,000 cybersecurity professionals, shows that 86 percent of surveyed organizations in the US, UK, France and Germany that were attacked were targeted during a holiday or weekend.

Continue reading →

Although it may not make the headlines as often as other forms of cybercrime, identity theft remains an issue.

Now NordVPN has launched an identity theft protection service called NordProtect. Currently available to NordVPN Prime plan users in the US, it merges years of cybersecurity expertise with cutting-edge technology to offer a solution users can trust.

Continue reading →

Modernizing identity systems is proving difficult for organizations due to two key challenges, decades of accumulated identity and access management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs).

A new report from Strata Identity and the Cloud Security Alliance (CSA) finds incompatibility with non-standard, legacy applications is a barrier to deploying advanced application authentication for 71 percent of respondents, further highlighting the issue of technical debt with 54 percent of respondents citing it as their top hurdle when modernizing their IAM architecture.

Continue reading →

Most cybersecurity incidents start with some sort of identity compromise, whether that identity is human or machine.

In order to help organizations gain visibility into their identity security posture Anetac is setting up a community to serve as a collaborative space where cybersecurity leaders, practitioners, and researchers can learn and engage with experts on identity vulnerabilities related to human and non-human identities.

Continue reading →

Cost reduction is a top priority for many organizations, leading to the adoption of various technologies to automate tasks and improve efficiencies for cost savings. However, minimizing risk should also be a key objective for every business.

To achieve this, companies are looking into Identity Governance and Administration (IGA), which is a policy framework and security solution for automating the creation, management, and certification of user accounts, roles, and access rights. This ensures consistency, efficiency, and improved awareness, all of which are essential for reducing security risks. However, implementing IGA can often be seen as a laborious task that gets abandoned before the business experiences the benefits it has to offer.

Continue reading →

In today’s cybersecurity landscape, identity has emerged as the prime target for threat actors, with compromised credentials involved in 49 percent of breaches. Attackers exploit misconfigurations, use generative AI for social engineering, and purchase stolen credentials, highlighting the need for robust identity security. While Identity and Access Management (IAM) has been crucial, evolving threats demand a more proactive and multifaceted approach that integrates threat intelligence tools and processes to protect identity systems effectively.

Implementing a robust Identity Threat Detection and Response (ITDR) strategy may be the solution. ITDR merges continuous monitoring and response with proactive measures, ensuring a resilient and adaptable security posture. A robust ITDR strategy not only prevents and detects threats but also investigates and coordinates responses to restore integrity after identity infractions.

Continue reading →

In an age where cyber threats are becoming increasingly sophisticated, the management and verification of digital identities are at a critical juncture. As various sectors rapidly evolve, decentralized identity (DCI) systems emerge as a revolutionary approach to managing and verifying user identities. These autonomous systems promise to change how we access and use online services. However, many organizations need help with adopting this promising technology.

A recent survey by Ping Identity, which included responses from 700 IT decision-makers worldwide, highlights these challenges. In the UK, 82 percent of IT decision-makers see value in decentralized identities for their customers and employees, yet only about a third (34.5 percent) currently offer this option. A significant reason for this gap is the need for more clarity about the benefits, with 31 percent of respondents unsure what advantages decentralized IDs would bring.

Continue reading →

Active Directory (AD) was introduced in the late 90's when corporate networking barely had virtualization and remote work, not to mention cloud services.

AD controls authentication and authorization to most of an organization's on-premises applications and data, and through synchronization and federation with Entra ID, Okta or other cloud identity provider (IDP) provides these same controls to cloud applications and resources.

Continue reading →

A new study from the Identity Defined Security Alliance (IDSA) finds that 90 percent of organizations experienced an identity-related incident in the past year and 84 percent suffered a direct business impact as a result.

The survey of over 520 identity and security professionals from organizations with over 1,000 employees finds the most significant impact, seeing a measurable rise this year, is distracting from core business (52 percent).

Continue reading →

According to a new survey, 77 percent of organizations have suffered from instances of cyberattacks or data breaches in the past 12 months due to improper access or over-privileged users.

The study from ConductorOne, based on a survey of 523 US-based IT security leaders at companies with 250 to 10,000 employees, also finds 41 percent of respondents say there had been multiple instances of cyberattacks or data breaches due to the same improper access issues.

Continue reading →