Take these steps to regain resilience
The world going into lockdown in 2020 threw a stark spotlight on the importance of identity.
“Identity and access management” became one of the most widely discussed topics in tech, and security leaders everywhere were scrambling to maintain business as usual in a time that was anything but.
Six years later, and we’re still in the same place. Identity is still the primary control plane for cloud, SaaS and remote access, but attackers are faster, automation is everywhere and response windows keep shrinking.
That’s the theme of a recent webinar from Computing with Sophos CISO Ross McKerchar: What security teams must do when identity is the front door and time is the enemy.
What’s the hold up?
Ross argues many organisations are still adjusting from a perimeter-first mindset to a world where there’s no single firewall to hide behind. In practice, “just do MFA” isn’t a strategy – especially at scale, where policy complexity and everyday change create what he calls “configuration rot.”
“You might be secure at a point in time, but two months later somebody has made a change and they may not understand its implications.”
The result is brittle control: one misstep in access policy can become a single point of failure.
Ross explores what security leaders can do to regain resilience: simplify and standardise where possible, continuously validate identity controls, and assume drift will happen unless you measure and remediate it.
It’s also a reminder that identity security is an operating model spanning people, workloads and the tooling teams depend on day to day – not a one-off project.
How can defenders embrace AI without risk?
The webinar tackles the uncomfortable question of AI: attackers will use it to scale faster, so defenders can’t afford to sit it out. McKerchar’s view is that security teams need to be “risk-on” with controlled AI adoption, both to build speed and to understand how to secure emerging agentic tools before the business races ahead without guardrails.
“I actually think security should be the most risk-on team in the organisation,” Ross said. “Who better to tame a really dangerous technology than a security professional who is paranoid by default?”
What about machine identity?
Finally, the discussion turned to machine identity and secrets management, a timely area as AI agents are granted system-level access. The core challenge: how to enable capability without handing over the keys?
Ross warns that if an agent’s credentials are abused or exfiltrated, the “blast radius” can expand from a single-session problem to something far more serious.
“It’s kind of like the difference between a single user identity compromise versus a domain compromise,” he said.
“I don’t have the answers, but we as a security community need to figure out how to deal with it – because the world’s not going to stop for us.”
Watch now to learn:
- Why identity remains the primary attack surface, and why complexity and drift undermine controls
- How to pressure-test policies and configurations so one change doesn’t become a breach
- Where AI can help security teams move faster, and what risks to anticipate
- What “machine identity” means in practice as agents, secrets and privileges proliferate
The webinar is available on demand for security leaders who need practical guidance for defending modern identity environments when time – and attackers’ automation – are working against you.
