Identity is the new perimeter…

Ahead of this month’s meeting, and based on our members’ feedback, we will be addressing one of the current top priorities within the community (and beyond): Identity.

In 2025, “who has access to what” isn’t just a technical question - it’s your entire threat surface. Whether it’s human users, machine identities, third-party vendors, or rogue service accounts, Identity is the new perimeter, and it’s under constant siege.

Let’s dive into what’s moving in the identity space right now!

 

Recent Attack: Stolen Tokens, Silent Movement

A recent high-profile breach involved attackers hijacking OAuth tokens tied to a third-party developer integration. No passwords were cracked. No alerts triggered. The attacker sat undetected for weeks, escalating privileges via misconfigured roles and over-permissioned service accounts.

Lesson?
If you’re not auditing token scope and non-human identities, you’re leaving the door wide open.

 

Identity in 2025: What You Need to Know

  • Machine identities now outnumber human identities 45:1 in the average enterprise (Gartner, 2025).

  • 64% of organizations say identity-related misconfigurations are their #1 attack vector (CyberArk, 2024).

  • 85% of cloud breaches involved either credential theft, token abuse, or lateral movement via identity exploitation (Verizon DBIR, 2024).

Identity is no longer a backend IAM concern - it’s the battleground.

 

Emerging Developments Worth Watching

Identity Threat Detection & Response (ITDR)

The new kid on the acronym block. ITDR tools help detect anomalies in identity behaviours - like unusual logins, permission spikes, or identity role creep. It’s EDR… but for users and service accounts.

 

Just-in-Time Access

More orgs are shifting to JIT access models, where users are granted privileges only when needed and only for as long as needed. It’s cutting down on standing privileges and privilege abuse.

AI-Powered Identity Analytics

AI is helping map behavioural baselines for identity activity, especially in federated environments where users are moving across SaaS, IaaS, and hybrid networks.

 

From the Community

Here’s how some of our peers are approaching identity in 2025:

  • Running quarterly access reviews of service accounts just like user accounts

  • Implementing continuous authentication based on context and behaviour

  • Tagging every machine identity with owner, expiration, and purpose - no more ghost accounts
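
To make the tagging and review practices above concrete, together with the token-scope lesson from the breach, here is an added example (not code from any member's tooling). The inventory is constructed sample data, and the field names, the 92-day review window and the "broad scope" convention are assumptions.

```python
from datetime import date, timedelta

# Constructed sample inventory (not real accounts); field names are assumptions.
INVENTORY = [
    {"name": "svc-ci-deploy", "owner": "platform-team", "purpose": "CI deploys",
     "expires": "2025-12-31", "last_reviewed": "2025-05-20",
     "scopes": ["repo:read", "deploy:write"]},
    {"name": "svc-legacy-sync", "owner": "", "purpose": "",
     "expires": None, "last_reviewed": "2024-03-01", "scopes": ["*"]},
    {"name": "oauth-vendor-app", "owner": "integrations",
     "purpose": "third-party integration", "expires": "2025-04-01",
     "last_reviewed": "2025-06-01", "scopes": ["user:read", "org:admin"]},
]

REQUIRED_TAGS = ("owner", "purpose", "expires")
REVIEW_INTERVAL = timedelta(days=92)  # assumed: roughly one quarter


def is_broad(scope):
    """Assumed convention: wildcard or admin-level scopes count as over-broad."""
    return scope == "*" or scope.endswith((":*", ":admin"))


def audit_identity(identity, today):
    """Return a list of findings for one machine identity or token."""
    findings = [f"missing-{tag}" for tag in REQUIRED_TAGS if not identity.get(tag)]
    expires = identity.get("expires")
    if expires and date.fromisoformat(expires) < today:
        findings.append("expired")
    reviewed = identity.get("last_reviewed")
    if not reviewed or today - date.fromisoformat(reviewed) > REVIEW_INTERVAL:
        findings.append("review-overdue")
    findings += [f"broad-scope:{s}" for s in identity.get("scopes", []) if is_broad(s)]
    return findings


def audit_inventory(inventory, today):
    """Map identity name -> findings, skipping identities that are clean."""
    report = {i["name"]: audit_identity(i, today) for i in inventory}
    return {name: f for name, f in report.items() if f}


if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY, date(2025, 6, 15)).items():
        print(f"{name}: {', '.join(findings)}")
```

In practice the inventory would come from an export of your IAM or secrets platform; the checks stay the same.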

If you’re doing something smart around identity, drop us a line - we’d love to feature you anonymously or by name in an upcoming issue.

 

Don’t forget our upcoming Meeting!

We’ll be discussing identity challenges across industries, and what practical controls are actually working (and which ones aren’t).

You should have already received the invite!

 

Final Thought

Passwords are dying. Roles are multiplying. Tokens are leaking. And identities - human and machine - are your most valuable and vulnerable assets.

In a world of too much access and too little visibility, the cyber leaders who win are the ones who treat identity like infrastructure - built, monitored, and evolved with intention.

Please don’t forget to join our LinkedIn Group (if you haven’t already):

The Defender Dialogues

Stronger together.

See you in a few weeks!

Alex
The Defender Dialogues Team 😉
