Join IDSA
Join IDSA

Archives

  1. Start Governing NHIs by Managing Access, Not Credentials

    October 16th, 2025 by Paul Hunter | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    This is part 3 in our series on non-human identity (NHI) governance. In this post, we focus on one of the most persistent risks in production infrastructure: static credentials and standing privilege. Static credentials are still at large in most environments and many enable dangerously over-permissioned and under-governed access to sensitive systems and data. API…

  2. Beyond Humans: Governing Machine Identity Access at Scale

    October 9th, 2025 by Paul Hunter | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    In organizations today, every identity—human or machine—is a potential pivot point in an attack. Most progress in identity security has focused on authenticating people: SSO, MFA, admin lockdowns, automated provisioning. Important steps, but they only address half the identities accessing your systems. The other half—machines like CI/CD pipelines, service accounts, automation tools, AI agents, and…

  3. Outnumbered and Underprotected: The Hidden Risk of Non-Human Identities

    October 2nd, 2025 by Paul Hunter | Posted in News, Perspective, Research |

    Tags: , , , , , , , , , , , ,

    Most security teams have focused their identity governance efforts on managing human access. You’ve got SSO in place. MFA is enforced. There’s a reasonably consistent process for onboarding and offboarding employees. You probably run access reviews on a quarterly basis and, if you’re further along, maybe you’ve deployed a PAM solution to protect privileged user…

  4. Break Glass Accounts – Risk or Required

    October 1st, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research |

    Tags: , , , , , , , , , , , , , ,

    We have all seen the sign, “In case of fire, break glass, and pull alarm.” While this necessary mitigating control for fire safety is explicitly known and present in almost every building, an analogy translates into the cybersecurity landscape as “break glass accounts.” In fact, few risk-mitigating controls stir as much debate among CISOs as…

  5. How Convergent Identity-Based Security Reduces Risk, Increases Efficiency

    August 26th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research |

    Tags: , , , , ,

    This blog was originally published by Bravura Security here.   In an era where 80% of data breaches involve compromised credentials and privilege escalation, traditional identity and access management (IAM) and privileged access management solutions (PAM) solutions are falling behind. While organizations have invested millions in layered implementations rooted in traditional enterprise approaches, these solutions…

  6. 2025’s Identity Security Storm: AI, IoT and Emerging Threats

    August 20th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research, Security Outcomes |

    Tags: , , , , , , ,

    This blog was originally published by Bravura Security here. A stark reality faces modern enterprises: 94% of cyber attacks now specifically target identity systems, not traditional network defenses. As threats rapidly evolve, organizations struggling with fragmented identity and access management (IAM), privileged and access management (PAM), and password management architectures face increasing risk from sophisticated…

  7. How to Prevent $4M Breaches with Unified IAM and PAM Defense

    August 5th, 2025 by Paul Hunter | Posted in Best Practices, How To Advice, Perspective |

    Tags: , ,

    The identity security landscape has reached a critical tipping point. As AI-powered attack tools become readily available, attackers target identity credentials and privileged access with unprecedented sophistication and scale. Traditional fragmented security approaches are crumbling under the weight of automated threats that can simultaneously exploit both identity and privilege vulnerabilities.  According to EMA Research, the…

  8. Compliance and Unified Identity Security in Financial Services

    July 31st, 2025 by Vaughn Camarda | Posted in Best Practices, How To Advice |

    With all the sensitive data financial institutions collect, it should come as no surprise that the financial services industry is one of the top targets for cybercriminals. That’s also why compliance with stringent regulations and standards is so important — in fact, it’s essential for doing business. In the interconnected financial landscape, managing multiple point solutions for compliance…

  9. Mastering Financial Services Compliance With IAM and PAM

    June 25th, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research |

    Tags: , , , ,

    This blog was originally published by Bravura here. Managing data access is an ongoing journey for businesses in the financial services industry. Policies such as the Sarbanes-Oxley (SOX) Act and the Gramm-Leach-Bliley Act (GLBA) establish regulations that your business must follow when implementing any identity access management (IAM) or privileged access management (PAM) tool. Auditors will check your system for compliance…

  10. The Impact of Security Breaches on Educational Institutions

    June 11th, 2025 by Paul Hunter | Posted in Best Practices, Perspective |

    Tags: , , , ,

    This blog was originally published by Bravura here.   Educational institutions oversee hundreds or thousands of students and faculty members daily. Therefore, it’s no surprise they deal with large volumes of valuable data, like: Student and educator login information. Home addresses. Birthdays. Full names. Social security numbers. Credit card information and other financial records. Education…

« Previous EntriesNext Entries »
Background

READY TO MAKE AN IMPACT?

Let's work together to help everyone become more secure.
Join the IDSA