Identity is becoming one of the defining security battlegrounds of 2026, as attackers shift from breaking into networks to exploiting trust, credentials and automated workflows.
SC Media heard from multiple experts that the “identity perimeter” is already obsolete, with AI-generated phishing and real-time impersonation erasing the old tells that security awareness programs relied on.
As enterprises adopt agentic AI, the challenge expands beyond humans: non-human identities, short-lived tokens, and MCP-connected agents are multiplying faster than most IAM programs can govern.
What follows is a wide range of identity insights on the year ahead.
Infostealers shaping identity
The infostealer economy has fully industrialized the attack chain, making initial compromise a low-cost commodity, says Ian Gray, Vice President of Intelligence at Flashpoint:
Multiple security incidents in 2025 tie back to credentials found in infostealer logs. This reality has underscored the critical importance of digital trust — specifically, verifying who can access what resources. For 2026, identity is the perimeter to watch, and security teams must proactively hunt for compromised credentials before they’re weaponized.
Passwordless technology adoption to accelerate
Passkey support is expanding across browsers, operating systems, identity platforms, and credential management tools, says Gary Orenstein, chief customer officer at Bitwarden:
As cross-device portability, credential exchange standards, and recovery options improve, passkeys will become easier to use across personal and work environments. These ecosystem improvements will lead to: organizations adopting passkeys where biometric sign-in fits naturally; passwords remaining essential for shared access, recovery, and edge cases.
When does identity security stop being "someone else's problem" and become the CISO's top line item, asks Jason Rebohlz, Advisory CISO at Expel:
Identity has shifted from an employee productivity enabler to an attack amplifier. It’s no surprise that Expel found that 74% of the attacks they investigated in Q3 2025 were tied to compromised identities. The new adage that “attackers don’t hack in, they log in,” continues to gain traction. This attack concentration is a wake-up call. It’s the signal telling you it’s time to prioritize securing identity in your organization. This starts with implementing passwordless technologies, such as passkeys, and enhancing your post-login activity monitoring to quickly identify when attackers compromise an account.
Identity under siege from AI agents
There will be a rise of invisible authentication, says Peterson Gutierrez, interim CISO at Barracuda:
Identity is reaching its breaking point as users face fatigue around MFA, rotating credentials and app-specific logins. AI agents will add a new layer of complexity as these tools require user credentials to act on their behalf, often with security as an afterthought. This friction is undermining productivity and creating new vulnerabilities for attacks to exploit. The future of authentication lies in smarter, invisible systems that continuously verify users based on behavior, context and device trust while reducing the need for passwords or tokens. The industry needs to shift from proving who you are to proving you’re still you.
Identity-based attacks will dominate CISO investments, says Arvind Nithrakashyap, CTO and co-founder of Rubrik:
The scale of non-human identities in the AI era will become a critical vulnerability. Attackers continue exploiting the labyrinth of non-human credentials; however, in 2026, they’ll achieve full-system compromise. A recent survey revealed that 89% of organizations plan to hire professionals in the next 12 months specifically to manage identity security. Identity infrastructure will become more critical than the data infrastructure it protects.
There will be a global rise of AI-enabled deepfake crises, says Gary Barlet, Public Sector CTO at Illumio:
In 2026, an AI-powered deepfake crisis will redefine digital trust. One fabricated event, magnified by machine learning, will disrupt markets, sway public opinion, and challenge institutions. Its fallout will force governments and enterprises to accelerate content authenticity standards, watermarking, and independent media verification tools. Misinformation defense will become a cornerstone of cybersecurity.
The ubiquity of automation has dramatically increased attack tempo, leaving many security teams behind the curve, says Josh Lefkowitz, CEO at Flashpoint:
While automation can replace repetitive tasks across the enterprise, organizations must not make the critical mistake of substituting human judgement for AI at the intelligence level. This is paramount because a critical threat in 2026 is agentic AI autonomy weaponized against soft targets — API integrations and identity systems. The only winning defense will be human-led and AI-scaled, prioritizing purposeful use to keep organizations ahead of this exponential risk.
AI coding agents will amplify identity misconfigurations, says Ido Shlomo, CTO and co-founder of Token Security:
Coding agents will accelerate development, but also generate identity misconfigurations at scale. Hard-coded credentials, mis-scoped tokens, over-privileged service accounts, and flawed entitlement mappings will propagate through IaC and DevOps pipelines, creating systemic identity debt.
MCP is not secure, says Nancy Wang, SVP and head of engineering and AI at 1Password:
MCP is one of the most important standards in AI right now, but it’s not a security standard. It was designed for interoperability, not containment. Today, any agent that speaks MCP can plug into your company’s systems, fetch data, and perform actions. That flexibility is powerful, but it also assumes a level of trust that doesn’t exist in enterprise environments. The issue isn’t Anthropic’s implementation, it’s the absence of security primitives in the protocol itself. There’s no built-in identity, no least-privilege enforcement, no audit trail. Once an agent connects, it’s effectively operating with the same access as the user who configured it. That might be fine for local experiments, but at enterprise scale, it’s a liability.
As MCP becomes the lingua franca of agentic AI, it will need a trust layer: a way to verify which agents exist, who they represent, and what they’re allowed to do. Without that, MCP could become the next attack surface for AI supply chain compromise. The right next step isn’t to abandon MCP, it’s to secure it. The ecosystem needs credential brokering, runtime policy enforcement, and verifiable auditability. Those are the ingredients that will turn MCP from a developer playground into an enterprise backbone.
IAM will be rebuilt for non-human identities (NHIs), says Itamar Apelblat, CEO and co-founder of Token Security:
IAM stacks built for people cannot keep up with ephemeral agents, short-lived tokens, and dynamic workflows. As local MCP servers proliferate, exposed secrets will increase unless identity systems are redesigned with NHI as the default, not an afterthought.
AI-generated phishing and "smishing"
Phishing-resistant authentication will rise, says David Cottingham, president of rf IDEAS:
Some organizations may feel they’ve “checked the box” on training when it comes to phishing but AI-generated messages are now nearly indistinguishable from legitimate communications, making traditional red-flag spotting (like typos or odd phrasing) obsolete. As a result, phishing may be getting less attention, even as it becomes more dangerous. The solution lies in reducing reliance on human judgment alone and implementing phishing-resistant authentication methods like FIDO2 and smart card-based access.
Collaboration platforms will become the new SMS phishing, driving a surge in real-time identity attacks, says Rhys Downing, threat researcher at Ontinue:
In the coming year, we will likely see collaboration tools like Microsoft Teams become the ‘new smishing.’ Features such as Microsoft’s upcoming Chat with Anyone open the door to direct, unsolicited contact that mirrors SMS phishing, but now inside the enterprise’s most trusted communication channels.
Attackers can purchase a Teams license, spin up a tenant, and send an invitation straight to a user’s inbox and chat window. Once the victim joins, the threat actor can impersonate IT staff or colleagues, deliver malicious files, or socially engineer the user in real time. Since external chat invitations may bypass — or quietly weaken — existing external communication restrictions, many organizations won’t realize how exposed they are until attackers are already inside the chat interface.
Identity-based attacks will evolve beyond credential phishing into real-time impersonation inside collaboration apps, driving higher rates of malware delivery, unauthorized access, and employee compromise. Collaboration platforms are on track to become the next major identity threat vector, one businesses must urgently prepare for.
Identity and global politics
Identity will flare geopolitical tensions, says Jordan Burris, head of public sector at Socure:
In 2026, a cross-border identity conflict will become a geopolitical flashpoint. Every country is pursuing its own vision of national digital identity, but there’s no shared framework for trusting one another’s systems. Instead of interoperability, we’re heading toward an environment where countries increasingly refuse to accept foreign digital credentials in favor of their own. That fragmentation turns identity itself into a geopolitical tool. We’re already seeing it today, but it will accelerate sharply around next year’s election cycle, where identity misuse and influence operations become a major driver of foreign interference. This reflects a broader breakdown in global cooperation around digital identity.