Join IDSA
Join IDSA

Archives

  1. Break Glass Accounts – Risk or Required

    October 1st, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research |

    Tags: , , , , , , , , , , , , , ,

    We have all seen the sign, “In case of fire, break glass, and pull alarm.” While this necessary mitigating control for fire safety is explicitly known and present in almost every building, an analogy translates into the cybersecurity landscape as “break glass accounts.” In fact, few risk-mitigating controls stir as much debate among CISOs as…

  2. Identity Blind Spots on the Network Layer

    September 25th, 2025 by Paul Hunter | Posted in Perspective, Research, Security Outcomes |

    Tags: , , , , , , , , , , , ,

    Webinar Title: Zero Trust Falls Short Without Network Identity: Lessons from Salt Typhoon Date: October 1, 2025 Registration: Save your spot here Abstract Identity for users, applications, servers, and cloud has matured. Network devices are often the exception. Shared device accounts, SSH key sprawl, limited per-command authorization, and weak session evidence create a gap that…

  3. Salt Typhoon: How Network Admin Paths Became Attack Paths

    September 23rd, 2025 by Paul Hunter | Posted in News, Perspective, Security Outcomes |

    Tags: , , , , , , , , ,

    Webinar Title: Zero Trust Falls Short Without Network Identity: Lessons from Salt Typhoon Date: October 1, 2025 Registration: Save your spot here Abstract Salt Typhoon highlights how valid credentials and built in tools can turn network administration into an attacker highway. This post walks a likely attack chain in plain language and shows where identity…

  4. How Convergent Identity-Based Security Reduces Risk, Increases Efficiency

    August 26th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research |

    Tags: , , , , ,

    This blog was originally published by Bravura Security here.   In an era where 80% of data breaches involve compromised credentials and privilege escalation, traditional identity and access management (IAM) and privileged access management solutions (PAM) solutions are falling behind. While organizations have invested millions in layered implementations rooted in traditional enterprise approaches, these solutions…

  5. 2025’s Identity Security Storm: AI, IoT and Emerging Threats

    August 20th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research, Security Outcomes |

    Tags: , , , , , , ,

    This blog was originally published by Bravura Security here. A stark reality faces modern enterprises: 94% of cyber attacks now specifically target identity systems, not traditional network defenses. As threats rapidly evolve, organizations struggling with fragmented identity and access management (IAM), privileged and access management (PAM), and password management architectures face increasing risk from sophisticated…

  6. How to Prevent $4M Breaches with Unified IAM and PAM Defense

    August 5th, 2025 by Paul Hunter | Posted in Best Practices, How To Advice, Perspective |

    Tags: , ,

    The identity security landscape has reached a critical tipping point. As AI-powered attack tools become readily available, attackers target identity credentials and privileged access with unprecedented sophistication and scale. Traditional fragmented security approaches are crumbling under the weight of automated threats that can simultaneously exploit both identity and privilege vulnerabilities.  According to EMA Research, the…

  7. 5 Things I learned delivering Zero Trust at Adobe and Cisco

    July 3rd, 2025 by Paul Hunter | Posted in Perspective |

    This blog was originally published by 909Cyber here.   Between 2017 and 2022 I was fortunate to be the leader responsible for the strategy and execution of Zero Trust initiatives at Adobe and Cisco. In my role of running enterprise Security for both companies (of course not at the same time). As the executive leading…

  8. If Identity is the New Perimeter, Then We Need a Compliance Standard

    June 19th, 2025 by Vaughn Camarda | Posted in Best Practices, Security Outcomes |

    In the late 1990s, exploitable vulnerabilities began to traverse the young Internet, proving that poorly coded and tested software could be exploited for fun, financial gain, and the exfiltration of sensitive information. In order to detect these software flaws, vendors like eEye, ISS, and Nessus began creating vulnerability scanners to identify operating systems and software…

  9. The Impact of Security Breaches on Educational Institutions

    June 11th, 2025 by Paul Hunter | Posted in Best Practices, Perspective |

    Tags: , , , ,

    This blog was originally published by Bravura here.   Educational institutions oversee hundreds or thousands of students and faculty members daily. Therefore, it’s no surprise they deal with large volumes of valuable data, like: Student and educator login information. Home addresses. Birthdays. Full names. Social security numbers. Credit card information and other financial records. Education…

  10. The Zero Trust Security Model Companies Need Now

    June 4th, 2025 by Paul Hunter | Posted in Best Practices, Perspective |

    In the last two years, 79% of organizations have experienced an identity-related security breach, according to research from the Identity Defined Security Alliance (IDSA). That’s a truly staggering number, however, the even more shocking statistic is that nearly all of the security and identity professionals surveyed believe their identity-related breaches were preventable if they were…

« Previous EntriesNext Entries »
Background

READY TO MAKE AN IMPACT?

Let's work together to help everyone become more secure.
Join the IDSA