Security news aggregator

Latest coverage for Identity and Access Management

Identity and access management limits unauthorized access by controlling accounts and permissions; least privilege and MFA reduce breach impact.

95 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Identity and Access Management (IAM) is the set of processes and systems that create and manage digital identities, verify who or what is requesting access, and decide which resources it may use. It covers people, services, applications, and devices across their lifecycle, including account creation, role changes, and removal. Authentication establishes identity; authorization applies permissions.

IAM is a primary control against unauthorized access: stolen credentials, compromised service accounts, or excessive and abandoned permissions can expose systems and data or enable an attacker to move between them. Effective practice combines phishing-resistant multifactor authentication for sensitive access, least privilege through roles or attributes, prompt joiner–mover–leaver changes, and periodic access reviews. Centralized logs and alerts for unusual authentication or privilege changes support investigation, while carefully governed federation and machine identities prevent one compromised trust relationship from granting broad access.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 95

The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications, decentralized teams, machine identities, and autonomous systems

The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications, decentralized teams, machine identities, and autonomous systems.  The result is Identity Dark Matter: identity activity that sits outside the visibility of centralized IAM and

Bank Info Security 4 months, 2 weeks ago

Cybersecurity Leadership: Identity, Access, Complexity

CEOs and CISOs on Dealing With the ‘Work From Anywhere’ ChallengeIn this era of "work from anywhere," identity and access management solutions are challenged more than ever. What are the strategies and solutions recommended by top CEOs and CISOs in the cybersecurity sector? An expert panel weighs in.

Bank Info Security 5 months, 1 week ago

Rethinking Cybersecurity in a Platform World

How Consolidation Is Forcing CISOs and CIOs to Rethink Security ArchitectureFor more than a decade, enterprise security has relied on point solutions. Companies invested in separate tools - endpoint detection, firewalls, cloud security and IAM - each designed to address a specific threat or compliance requirement. But that approach is starting to break down.

Bank Info Security 5 months, 3 weeks ago

Rethinking Cybersecurity in a Platform World

How Consolidation Is Forcing CISOs and CIOs to Rethink Security ArchitectureFor more than a decade, enterprise security has relied on point solutions. Companies invested in separate tools - endpoint detection, firewalls, cloud security and IAM - each designed to address a specific threat or compliance requirement. But that approach is starting to break down.

Amazon's AWS GuardDuty security team is warning of an ongoing crypto-mining campaign that targets its Elastic Compute Cloud (EC2) and Elastic Container Service (ECS) using compromised credentials for Identity and Access Management (IAM). [...]

As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterprises must be prepared to mitigate a variety of challenges. In large organizations, bots are starting to outnumber

Bank Info Security 7 months, 4 weeks ago

Bridging the Consumer Trust Gap in the Age of AI

Ping Identity and Ameris Bank on Stopping Fraud Without Alienating Legitimate UsersIn the latest "Proof of Concept," Rich Keith, director of product and solutions marketing at Ping Identity, and Todd Smith, senior vice president of customer IAM at Bank Ameris, joined ISMG editors to discuss how AI-based fraud is breaking trust models faster than many systems can adapt.

Identity security fabric (ISF) is a unified architectural framework that brings together disparate identity capabilities. Through ISF, identity governance and administration (IGA), access management (AM), privileged access management (PAM), and identity threat detection and response (ITDR) are all integrated into a single, cohesive control plane

Loading more headlines...