A naukri.com initiative
VentureBeat
2M
23
Identity management in 2025: 4 ways security teams can address gaps and risks
- Adversaries, including nation-states, state-funded attackers and cybercrime gangs, continue to sharpen their tradecraft using generative AI, machine learning (ML) and a growing AI arsenal to launch increasingly sophisticated identity attacks.
- The overwhelming majority of businesses, 90%, have experienced at least one identity-related intrusion and breach attempt in the last twelve months.
- Identity-based attacks are surging this year, with a 160% rise in attempts to collect credentials via cloud instance metadata APIs and a 583% spike in Kerberoasting attacks.
- Every adversary knows that the quicker they can take control of AD, the faster they control an entire company.
- Recent research on authentication trends finds that 73% of users reuse passwords across multiple accounts, and password sharing is rampant across enterprises today.
- The Telesign Trust Index shows that when it comes to getting cyber hygiene right, there is valid cause for concern.
- Security teams and the leaders supporting them need to start with the assumption that their companies have already been breached or are about to be.
- Every security team needs to assume an identity-driven breach has happened or is about to if they’re going to be ready for the challenges of 2025.
- More security teams and their leaders need to take vendors to task and hold them accountable for their platforms and apps supporting MFA and advanced authentication techniques.
- The following are practical steps any security leader can take to protect identities across their business.
Read Full Article
1 Like
For uninterrupted reading, download the app