A Year of Evolution in Identity Security The year 2025 will not be a revolutionary one, it will be evolutionary, with developments coming into effect that were necessitated by events and happenings in 2024, and solutions to address these events reaching maturity levels that allow an appropriate, comprehensive response. With threats like ransomware certain to continue, identity resilience is going to become more important in the year ahead and, as such, identity will become the critical component of security. This shift in emphasis started to take place in 2024, but there will be a greater focus on it among business leaders in the year ahead as they start to understand that identity is one of the biggest threats to any organization as it is a key vector for attackers. Based on this there will be six key trends that we will see evolving in 2025: 1. Machine identity management will become the cornerstone of identity and access management (IAM), requiring governance, automation and cloud infrastructure entitlement management (CIEM) tools. Machine identities are not new. They’ve been around ever since people have been accessing information and data, but we have realized that these identities can be easily compromised because they are not governed properly with sufficient controls and, in some instances, security teams do not even know what identities exist or where they are. As such identity, observability, discovery and awareness are going to be vital focus areas for security teams in 2025 as they set out to find all the shadows in the organization and discover where all the different types of accounts are hiding, so they can manage and govern them properly. This will be a cornerstone of identity conversations this year. 2. Identity threat detection and response (ITDR) will emerge as a critical layer in the IAM stack to combat identity-centric attacks. With the increase in ransomware attacks, identity resilience is a vital component in combating identity-centric attacks and protecting an organization and its data. However, if companies do not know what identities exist or where they are, they cannot protect them. As such observability, awareness and visibility of all identities within an organization will be critical in driving better identity resilience. To achieve this, By Martin Vilaboy CYBER PATROL By David Morimann 20 CHANNELVISION | JANUARY - FEBRUARY 2025
RkJQdWJsaXNoZXIy NTg4Njc=