Join IDSA
Join IDSA

Tag Archives: identity security

  1. AI agents are forcing a reckoning with identity and control

    February 16th, 2026 by Vaughn-Shane Camarda | Posted in Best Practices, Perspective, Security Outcomes |

    Tags: , ,

    This blog was originally published here. Most organizations never planned for AI to start making real decisions. They started with simple helpers. An agent answered basic questions or generated small automations so teams could avoid opening another IT ticket. It felt harmless. But as these agents become more capable and more autonomous, they begin operating…

  2. The State of Identity Governance in 2026: Why Boards Think Access Is Under Control When It Isn’t

    February 11th, 2026 by Vaughn-Shane Camarda | Posted in News, Perspective, Research |

    Tags: , , , ,

    In many organizations, identity governance appears healthy at the executive level. Provisioning SLAs are met. Access reviews complete on time. Audit findings are addressed. Yet identity-related failures continue to surface in breach investigations, audit reports, and post-incident reviews. The issue is not that identity governance processes are inactive. It is that boards are typically shown…

  3. Enterprise Password Management for the Breach Era

    January 23rd, 2026 by Vaughn-Shane Camarda | Posted in Best Practices, Perspective, Security Outcomes |

    Tags: , , , , , , , , ,

    This blog was originally published here. Credential breaches are a top concern for IT Directors and CISOs across every industry. When attackers compromise user credentials at scale, the ability to reset passwords quickly and securely becomes mission-critical. Yet, most enterprises still rely on legacy password reset tools—solutions that were never designed for the speed, scale,…

  4. Enterprise Password Management: A Secure Access Checklist

    December 29th, 2025 by Vaughn-Shane Camarda | Posted in Best Practices, How To Advice, Perspective |

    Tags: , , , , , , , , , , , ,

    This blog was originally published here IT Admins and CISOs in today’s enterprise environments face mounting challenges in managing passwords across sprawling user bases, applications, and devices. In industries like financial services, higher education, and energy, the stakes are even higher: a single compromised password can lead to data breaches, regulatory penalties, and reputational damage….

  5. CIO POV: What Am I Actually Supposed to Do with Agentic AI?

    December 16th, 2025 by Vaughn-Shane Camarda | Posted in Best Practices, News, Perspective, Security Outcomes |

    Tags: , , ,

    This blog was originally published here. For every enterprise CISO in the world right now, the burning question isn’t about cloud, TPRM, or internal threats. It’s about how to securely and responsibly adopt AI—specifically, agentic AI, the buzziest of today’s AI buzzwords. There’s no shortage of stats on skyrocketing adoption trends. Consider EY’s recent Technology Pulse Poll,…

  6. From AAA to Assurance: How the UK Telecoms Security Act Is Shaping Identity-Based Network Control

    October 31st, 2025 by Vaughn-Shane Camarda | Posted in News, Perspective, Research, Security Outcomes |

    Tags: , , , , , , , ,

    Introduction As CISOs, we often face regulations that seem far removed from the practical realities of running identity and access infrastructure. The UK’s Telecommunications Security Act (TSA) and its accompanying Code of Practice mark a significant shift in that dynamic. Identity and privileged access management are no longer back-office hygiene tasks; they are front-line compliance…

  7. Self Assessment: Modern Access Management Maturity

    October 30th, 2025 by Vaughn-Shane Camarda | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    To conclude this 5 part series on the importance of comprehensive and deliberate NHI governance, we are pleased to share this self assessment framework to help organizations understand where they are in their access management maturity journey. In case you missed it, here’s what we’ve covered so far: 1. Outnumbered and underprotected: the hidden risk…

  9. Close the NHI Governance Gap

    October 23rd, 2025 by Vaughn-Shane Camarda | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    We’ve spent the better part of the last decade tightening our grip on workforce authentication. SSO is widespread. MFA is table stakes. Access reviews, offboarding workflows, and role-based policies are now standard practice. It took time and iteration, but we got there.  Now it’s time to apply that same rigor to machine identities. The service…

  10. Start Governing NHIs by Managing Access, Not Credentials

    October 16th, 2025 by Vaughn-Shane Camarda | Posted in News, Perspective, Research |

    Tags: , , , , , , , , ,

    This is part 3 in our series on non-human identity (NHI) governance. In this post, we focus on one of the most persistent risks in production infrastructure: static credentials and standing privilege. Static credentials are still at large in most environments and many enable dangerously over-permissioned and under-governed access to sensitive systems and data. API…

Next Entries »
Background

READY TO MAKE AN IMPACT?

Let's work together to help everyone become more secure.
Join the IDSA