< ciso
brief />
Tag Banner

All news with #identity security tag

168 articles · page 6 of 9

Scaling AWS Managed Microsoft AD: Monitoring and Options

🔍 This post explains how to scale AWS Managed Microsoft AD by choosing between scale-up (edition upgrade to Enterprise) and scale-out (adding domain controller instances), and shows how to use Amazon CloudWatch dashboards to monitor directory health. It highlights key metrics—CPU, memory, disk, I/O, network, and DNS—recommended thresholds, and alerting guidance to inform scale decisions. The guidance recommends preferring reversible scale-out for capacity issues and reserving scale-up for Enterprise-only features such as multi-Region replication and large object counts.
read more →

Top CISO Priorities for 2026: AI, Identity, Resilience

🔐 Taylor Lehmann outlines five CISO priorities for 2026, urging leaders to align compliance work with broader operational resilience rather than treating regulation as the only objective. He emphasizes securing the AI supply chain with end-to-end provenance and tools such as SLSA and SBOM, and strengthening identity management for humans and agents. Lehmann also calls for defenses that operate at machine speed and for improved AI governance through context, advanced testing, and red teaming.
read more →

Public Sector Cyber Outlook 2026: Identity and AI Trust

🔒 AI integration has shifted public-sector cybersecurity in 2026, forcing agencies to adopt AI-native detection and autonomous response, continuous identity verification, and secure-by-design AI deployments. Nation-state actors now automate intrusion, deception, and tailored malware, expanding risk to IT, OT and research environments. Agencies must consolidate platforms, accelerate post-quantum planning, and govern AI at mission scale.
read more →

Four priorities for AI-powered identity and network access

🔐 Microsoft recommends four priorities for identity and network access in 2026: deploy fast, adaptive AI protection; manage and govern AI agents as first-class identities; unify identity and network controls into an Access Fabric; and strengthen identity foundations with phishing-resistant credentials and high-assurance recovery. The post cites Microsoft Entra capabilities and studies showing faster, more accurate admin workflows, and emphasizes applying Zero Trust to agents, networks, and devices.
read more →

Hidden Risks of Orphan Accounts in Enterprise Identity

🔒 Orphan accounts — abandoned human, service, and AI‑agent identities — create persistent, unseen access across applications, platforms, assets, and cloud consoles. These dormant accounts often evade traditional IAM and IGA tools due to integration gaps, unclear ownership, and proliferation of non‑human identities. Continuous identity audit using application telemetry and a unified audit trail can detect, flag, and automatically remediate or decommission orphaned accounts. Orchid positions its Identity Audit as connective evidence to inform IAM decisions.
read more →

Why Security's Future Depends on Identity, Not Perimeter

🔒 Modern security must treat identity as the perimeter rather than the network. As remote work and cloud adoption dissolved traditional edges, attackers increasingly target credentials — a trend underscored by reports from Verizon, Microsoft and Okta — making identity the primary attack surface. Organizations must adopt Zero Trust identity controls such as MFA, SSO, RBAC, PAM, device trust and continuous, adaptive monitoring, and treat identity lifecycle and privilege management as core infrastructure.
read more →

Seven Priority Cybersecurity Projects for CISOs in 2026

🔒 As CISOs prepare for 2026, seven pragmatic projects can strengthen defenses against evolving threats. Priorities include transforming identity and access to cover human and non-human agents and reinforcing email security. Organizations should leverage AI for vulnerability discovery and security automation, enforce enterprise AI governance, adopt a zero-trust-by-default posture, and unify data governance to reduce shadow data and compliance gaps.
read more →

Southeast Asia CISOs' Top 2026 Predictions: AI, Identity

🔒 In conversations with Southeast Asia CISOs, leaders forecast 2026 as a year when AI and cloud become prime attack surfaces, forcing a shift from perimeter defenses to identity- and resilience-centered strategies. They emphasize hardening cloud and AI infrastructure, treating identity as the active perimeter, instrumenting browsers and agents for forensic clarity, and operationalizing resilience both as capability and — in some financial institutions — as a product. Supply‑chain fragility, agentic AI autonomy, session hijacking, and IT‑OT convergence are highlighted as priority risks demanding continuous verification, scoped agent controls, and stronger vendor governance.
read more →

Time to Require Identity Verification for Internet Users

🔐 Australia's 2026 law banning under-16s from social media has reignited debate over whether internet services should require identity verification. Tony Anscombe argues that distinguishing verified and unverified users could reduce abuse, targeted fraud and underage exposure while letting people filter unwanted content. He warns verification methods (biometrics, government ID) carry privacy and data-retention risks and that bans may drive minors to circumvent restrictions, so a balanced regulatory approach is needed.
read more →

CrowdStrike to Buy SGNL for $740M to Add Real-Time Identity

🔐 CrowdStrike will acquire identity security startup SGNL for $740 million to add real-time, risk-aware authorization that grants or revokes access based on current signals rather than static permissions. The deal, expected to close in CrowdStrike’s fiscal Q1 ending April 30, will be paid mostly in cash with some stock subject to vesting. SGNL’s technology layers with existing identity systems from Okta, Microsoft, and AWS, evaluating contextual signals — user behavior, device posture, and threat intelligence — to enforce continuous authorization and address rising machine-identity and AI-agent risks.
read more →

Jamie Norton on securing government and finance systems

🔐 Jamie Norton, CISO at ASIC and vice chair of ISACA, describes persistent cyber challenges across government and financial sectors. He points to legacy systems, weak foundational hygiene, and the need to align people, process and technology while warning that rapid advances in AI will change roles and tooling. Norton emphasizes executive accountability, mentorship, training and a mission-driven culture to retain talent, and champions the mantra Do the basics brilliantly.
read more →

Microsoft Enforces MFA for Microsoft 365 Admin Center Access

🔐 Microsoft will require MFA for all users signing into the Microsoft 365 admin center and will block accounts that do not have MFA enabled starting February 9, 2026. The enforcement covers portal.office.com/adminportal/home, admin.cloud.microsoft, and admin.microsoft.com and follows an initial rollout that began in February 2025. Administrators are urged to enable MFA using Microsoft's setup wizard or official documentation to avoid service interruptions; Microsoft notes that MFA significantly reduces the risk of account compromise.
read more →

CrowdStrike to Acquire SGNL to Expand Identity Security

🔒 CrowdStrike announced an agreement to acquire SGNL to enhance identity-first security across its Falcon platform. The acquisition will integrate SGNL into Falcon Next-Gen Identity Security, providing continuous, context-aware authorization for human, non-human, and AI agent identities. SGNL’s runtime enforcement layer will ingest Falcon risk signals and centralize telemetry to enable just-in-time access, replacing standing privileges with dynamic, risk-aware permissions to reduce the identity attack surface.
read more →

Identity Dark Matter: Unseen Risks in Modern IAM Infra

🔍 Identity has fragmented across SaaS, on‑prem, IaaS, PaaS and unmanaged apps, creating an invisible mass of ungoverned accounts and non‑human identities the author calls identity dark matter. Traditional IAM and IGA address only the nearly managed half of this universe, while APIs, bots, service accounts and agent‑AI remain unobserved and ungoverned. Orchid Security recommends shifting from configuration‑based controls to Identity Observability: collect telemetry from every application, unify audit trails, and extend governance across managed, unmanaged, and agent‑AI identities to achieve measurable visibility and faster response.
read more →

Agentic AI: An Identity Problem CISOs Must Solve Now

🔐Agentic AI introduces a new class of identity that behaves with humanlike intent yet scales and persists like machines. Traditional IAM and PAM were designed for employees and predictable workloads; AI agents are decentralized, easy to create, cross‑platform, and often granted broad privileges, creating serious blind spots. CISOs should apply lifecycle management: assign clear ownership tied to the identity provider, define explicit measurable purpose and scope, enforce least privilege, maintain continuous visibility to detect privilege drift, and automate revocation when agents go idle.
read more →

CISO Resolutions for 2026: AI, Resilience, and Trust

🔒 As AI hype settles, CISOs are refocusing 2026 priorities on resilience, rapid detection, and measurable outcomes. They favor engineering-driven architecture for cloud stability, AI-enabled orchestration to cut dwell time, and broad identity and privilege governance for human and non-human accounts. Visibility and SaaS discovery will curb shadow AI use, while security baked into agentic AI and post-quantum preparedness (cryptographic inventories and vendor roadmaps) become essential. Turning security into a visible trust signal and linking spend to ROI rounds out the agenda.
read more →

Federated Identity Management: Balancing Security and UX

🔐 Federated Identity Management (FIM) enables a single authentication to span multiple applications or organizations, letting users sign in once and reuse identity assertions across services. It improves user experience and resilience while introducing architectural complexity, potential vendor lock-in, and additional service costs. Implementations commonly rely on cloud identity providers such as Google, Microsoft, or Okta and use protocols like SAML, OAuth 2.0, and OpenID Connect.
read more →

Why Passwordless Deployments Fail in Complex Enterprises

🔒 Many enterprise CISOs continue to struggle to abandon passwords despite decades of effort and mounting security risks. RSA’s ID IQ Report 2026, based on a survey of 2,000 security professionals, finds that 90% of respondents report problems with passwordless deployments. Technical complexity across hybrid environments, legacy systems, OT/IoT devices, and inconsistent platform support creates gaps that often force organizations to retain insecure fallbacks. Experts recommend sequencing rollouts to secure privileged users first, using reverse proxies or VPN-enforced SSO for legacy apps, and ensuring end-to-end phishing-resistant enrollment and recovery.
read more →

Agentic AI Forces a New Identity and Authentication Crisis

🔒 Many enterprises are racing to deploy autonomous agentic AI without establishing robust identity and authentication controls, creating an identity crisis for CISOs. Experts warn that fewer than 5–10% of organizations assign formal agent identities (for example via PKI) before wider release, leaving deployments vulnerable to hijacking and prompt-injection. Because agents routinely communicate with one another, a compromised agent can cascade malicious instructions across legitimate agents before revocation, and current vendor solutions and kill switches are incomplete or absent.
read more →

AWS Wickr Admin APIs Reach General Availability Today

🔒 AWS Wickr now provides a suite of admin APIs that let administrators programmatically manage secure communication networks at scale. The APIs automate critical workflows — including user lifecycle management, network creation and deletion, retention and federation policy pushes, and security group placement based on directory attributes — and integrate with identity systems, policy frameworks, and automation pipelines. They are available today in all supported AWS regions, including AWS GovCloud (US-West), via AWS SDKs, the AWS CLI, or direct REST calls.
read more →