Security news aggregator

Latest coverage for Identity and Access Management

Identity and access management limits unauthorized access by controlling accounts and permissions; least privilege and MFA reduce breach impact.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Identity and Access Management (IAM) is the set of processes and systems that create and manage digital identities, verify who or what is requesting access, and decide which resources it may use. It covers people, services, applications, and devices across their lifecycle, including account creation, role changes, and removal. Authentication establishes identity; authorization applies permissions.

IAM is a primary control against unauthorized access: stolen credentials, compromised service accounts, or excessive and abandoned permissions can expose systems and data or enable an attacker to move between them. Effective practice combines phishing-resistant multifactor authentication for sensitive access, least privilege through roles or attributes, prompt joiner–mover–leaver changes, and periodic access reviews. Centralized logs and alerts for unusual authentication or privilege changes support investigation, while carefully governed federation and machine identities prevent one compromised trust relationship from granting broad access.

Volume over time

Weekly headline count for the current query.

Showing 9 most recent headlines Filtered view
Bank Info Security 5 months, 1 week ago

Rethinking Cybersecurity in a Platform World

How Consolidation Is Forcing CISOs and CIOs to Rethink Security ArchitectureFor more than a decade, enterprise security has relied on point solutions. Companies invested in separate tools - endpoint detection, firewalls, cloud security and IAM - each designed to address a specific threat or compliance requirement. But that approach is starting to break down.

Bank Info Security 5 months, 3 weeks ago

Rethinking Cybersecurity in a Platform World

How Consolidation Is Forcing CISOs and CIOs to Rethink Security ArchitectureFor more than a decade, enterprise security has relied on point solutions. Companies invested in separate tools - endpoint detection, firewalls, cloud security and IAM - each designed to address a specific threat or compliance requirement. But that approach is starting to break down.

Bank Info Security 7 months, 4 weeks ago

Bridging the Consumer Trust Gap in the Age of AI

Ping Identity and Ameris Bank on Stopping Fraud Without Alienating Legitimate UsersIn the latest "Proof of Concept," Rich Keith, director of product and solutions marketing at Ping Identity, and Todd Smith, senior vice president of customer IAM at Bank Ameris, joined ISMG editors to discuss how AI-based fraud is breaking trust models faster than many systems can adapt.

Bank Info Security 11 months, 2 weeks ago

Identity Management Is Broken. Can a Digital Worker Fix It?

Benny Porat of Twine Security on Automating IAM With AI, Trusting Digital AgentsTraditional IAM tools fall short in today's complex identity landscape. Twine Security's AI agent "Alex" steps in - not just automating, but acting with business context to tackle IAM tasks. It's not more tools we need, but agents who know how to use them.

Gartner's Pete Redshaw on Why the CISO or CRO Should Take the LeadCybersecurity, IAM, fraud and compliance will converge across financial institutions in the next five to six years. This transformation will follow a phased path, beginning with data integration, followed by tool alignment and eventually team restructuring.

Bank Info Security 1 year, 5 months ago

Insider Fraud: Ignore It at Your Own Risk

British Museum IT Disruption Highlights Missteps in Identity and Access ManagementThe British Museum faced unexpected disruption when a former contractor trespassed into the museum and disabled its IT systems. This disruption highlights the risks posed by disgruntled employees and raises concerns about access rights after employment ends.

Bank Info Security 2 years, 5 months ago

On Point: Identity Fabric Is the Future of Cybersecurity

Improving Security by Integrating IAM Infrastructure, Applications and ServicesProtecting our identities is extremely important. An identity fabric is a robust identity control framework, but before you can roll one out, you need to understand all aspects of the IAM life cycle, assess all the areas of risk and make sure that remediation controls are in place.