Identity management in 2025: 4 ways security teams can address gaps and risks
venturebeatWhile 99% of businesses plan to invest more in security, only 52% have fully implemented multi-factor authentication (MFA), and only 41% adhere to the principle of least privilege in access management.
Adversaries, including nation-states, state-funded attackers and cybercrime gangs, continue to sharpen their tradecraft using generative AI, machine learning (ML) and a growing AI arsenal to launch increasingly sophisticated identity attacks. Deepfakes, tightly orchestrated social engineering and AI-based identity attacks, synthetic fraud, living-of-the-land (LOTL) attacks and many other technologies and tactics signal that security teams are in danger of losing the war against adversarial AI.
“Identity remains one of the hairiest areas of security—in really basic terms: you need authorization (authZ: the right to access) and authentication (authN: the means to access). In computer security, we work really hard to marry authZ and authN,” Merritt Baer, CISO at Reco.ai, told VentureBeat in a recent interview.
“What we have ...
Copyright of this story solely belongs to venturebeat . To see the full text click HERE