Join IDSA
Join IDSA

Archives

  1. From AAA to Assurance: How the UK Telecoms Security Act Is Shaping Identity-Based Network Control

    October 31st, 2025 by Paul Hunter | Posted in News, Perspective, Research, Security Outcomes |

    Tags: , , , , , , , ,

    Introduction As CISOs, we often face regulations that seem far removed from the practical realities of running identity and access infrastructure. The UK’s Telecommunications Security Act (TSA) and its accompanying Code of Practice mark a significant shift in that dynamic. Identity and privileged access management are no longer back-office hygiene tasks; they are front-line compliance…

  2. Identity and Access Management and Identity Governance Explained

    October 22nd, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Security Outcomes |

    Tags: , , , , , , , , ,

    Mitigating identity-related access risks is critical as organizations face evolving threats daily. As businesses shift to multi-cloud and hybrid environments, identity sprawl such as shadow IT and unmanaged SaaS apps has become a top attack vector. Identity and access management (IAM) and identity governance and administration (IGA) must now secure identities beyond corporate perimeters, spanning AWS, Azure, Google Cloud, and SaaS platforms…

  3. Break Glass Accounts – Risk or Required

    October 1st, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research |

    Tags: , , , , , , , , , , , , , ,

    We have all seen the sign, “In case of fire, break glass, and pull alarm.” While this necessary mitigating control for fire safety is explicitly known and present in almost every building, an analogy translates into the cybersecurity landscape as “break glass accounts.” In fact, few risk-mitigating controls stir as much debate among CISOs as…

  4. 5 Reasons Disconnected Apps Are An Enterprise Risk You Can No Longer Ignore

    September 30th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research |

    Tags: , , , ,

    Companies of every size depend on Identity and Access Management (IAM), Identity Governance and Administration (IGA), and Privileged Access Management (PAM) to secure logins, enforce policies, and meet compliance requirements. These platforms are the backbone of modern identity security. But there’s a problem: they can only secure what they connect to. The apps that don’t…

  5. How Convergent Identity-Based Security Reduces Risk, Increases Efficiency

    August 26th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research |

    Tags: , , , , ,

    This blog was originally published by Bravura Security here.   In an era where 80% of data breaches involve compromised credentials and privilege escalation, traditional identity and access management (IAM) and privileged access management solutions (PAM) solutions are falling behind. While organizations have invested millions in layered implementations rooted in traditional enterprise approaches, these solutions…

  6. Why You Should Say Goodbye to Manual Identity Processes

    August 6th, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research |

    Tags: , ,

    As revealed in Cerby’s 2025 Identity Automation Gap Report, 46% of security and IT leaders say their organization has already experienced a security, compliance, or operational issue directly caused by manual identity workflow execution. Why do manual identity workflows continue to exist, when the consequences of getting them wrong are so serious and when automation…

  7. 5 Things I learned delivering Zero Trust at Adobe and Cisco

    July 3rd, 2025 by Paul Hunter | Posted in Perspective |

    This blog was originally published by 909Cyber here.   Between 2017 and 2022 I was fortunate to be the leader responsible for the strategy and execution of Zero Trust initiatives at Adobe and Cisco. In my role of running enterprise Security for both companies (of course not at the same time). As the executive leading…

  8. Mastering Financial Services Compliance With IAM and PAM

    June 25th, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research |

    Tags: , , , ,

    This blog was originally published by Bravura here. Managing data access is an ongoing journey for businesses in the financial services industry. Policies such as the Sarbanes-Oxley (SOX) Act and the Gramm-Leach-Bliley Act (GLBA) establish regulations that your business must follow when implementing any identity access management (IAM) or privileged access management (PAM) tool. Auditors will check your system for compliance…

  9. Why Identity Automation Fails at 96% of Organizations

    June 24th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research |

    This blog was originally published by Cerby here. Enterprise security teams have invested billions in identity security infrastructure over the past decade, building sophisticated systems to manage access and monitor risk. But when it comes to executing identity processes and decisions, our latest research reveals that 96% of organizations still rely on manual workflows.  …

  10. The Impact of Security Breaches on Educational Institutions

    June 11th, 2025 by Paul Hunter | Posted in Best Practices, Perspective |

    Tags: , , , ,

    This blog was originally published by Bravura here.   Educational institutions oversee hundreds or thousands of students and faculty members daily. Therefore, it’s no surprise they deal with large volumes of valuable data, like: Student and educator login information. Home addresses. Birthdays. Full names. Social security numbers. Credit card information and other financial records. Education…

Next Entries »
Background

READY TO MAKE AN IMPACT?

Let's work together to help everyone become more secure.
Join the IDSA