All topics
Topic

Identity & Access

Identity as the new perimeter — access, MFA, and passwordless.

Edition #99

Machines Gain Access. Leaders Carry the Risk.

View edition →
  • SecurityInfoWatch

    The Hidden Identity Threat Lurking Behind APIs and Automation

    Machine identities now significantly outnumber human users in many enterprises, with API keys, OAuth tokens, and service accounts often unmanaged, overprivileged, or poorly rotated. The article explains how attackers exploit these vulnerable machine identities and highlights their emergence as a rapidly expanding attack surface that traditional IAM programmes struggle to govern.

Edition #98

Visibility Isn't Resilience. Better Decisions Are.

View edition →
  • Forbes Technology Council

    Why Continuous Identity Verification Is The Future Of Cybersecurity

    Traditional authentication models, built for office-based work, are outdated against attackers who bypass passwords and hijack active session tokens. Continuous identity verification is described as the next standard in enterprise defense architecture.

Edition #95

AI Expands the Attack Surface. Trust Must Evolve.

View edition →
  • Cybersecurity Dive

    Companies Are Failing to Keep Up With AI’s Identity Sprawl, Creating Entry Points for Hackers

    Organisations are rapidly creating accounts and machine identities for AI agents without adequate visibility or governance. These unmanaged identities can introduce excessive access privileges and new entry points for attackers.

Edition #94

Cyber Risk Expands. Leadership Must Align.

View edition →
  • Forbes Technology Council

    Managing Borderless and Machine Identities With Modernized Zero-Trust Principles

    Modern organisations must move away from location-based perimeter security and adopt identity-focused zero-trust architectures. Strong identity visibility and control are required across cloud, edge, and on-premises environments.

Edition #93

Attack Paths Multiply. Ownership Must Be Clear.

View edition →
  • Computer Weekly

    When Your Biggest Security Risk Has Never Signed a Contract

    Non-human AI agents are increasingly acting on behalf of organisations and gaining access to enterprise systems. The article examines the identity, authorisation, and accountability challenges created by securing autonomous entities that are not employees or traditional third parties.

  • Security Magazine

    From the Hammer to the Scalpel: The Evolution of Account Takeover

    Account-takeover attacks have evolved from large-scale credential stuffing and brute-force attempts into targeted social-engineering operations. The article explains why behavioural analytics and continuous verification are increasingly important for identifying authorised fraud and sophisticated impersonation.

  • SC World

    Key Questions to Ask When Evaluating an Identity and Access Management Vendor

    Selecting an IAM platform is complicated by application integrations, directory requirements, and the need for custom development. The article outlines the questions organisations should ask vendors to uncover hidden complexity and determine whether a solution meets their operational needs.

Edition #92

Prevention Isn’t Enough. Recovery Preserves Trust.

View edition →
  • Security Magazine

    Reframing MFA Bypass: Four Identity Gaps Attackers Exploit

    Many incidents described as “MFA bypasses” actually exploit weaknesses surrounding authentication, including session theft, phishing relays, account-recovery processes, and fraudulent identity enrolment. Effective protection therefore requires controls across the entire identity lifecycle.