Identiverse 2025: Community rallies around common threats and issues

The identity security community is set to descend onto Las Vegas this week for the annual Identiverse 2025 security conference.

Attendees will spend four days discussing the latest developments in the information security and identity management landscapes, including key issues and developments that will shape the way organizations manage identity and handle user information and credentials.

This year's conference will see attendees and speakers mull over a number of issues related not only to credential management, but to the handling of other data, including session tokens and security keys that extend beyond the simple user name and password.

Set to run June 3 through June 6 at the Mandalay Bay Resort, Identiverse is the premier annual conference for the Identity Access Management community. The conference is owned and produced by CyberRisk Alliance and brings together over 3,000 identity, cybersecurity and privacy professionals.

The show will also feature some 70-plus hours of sessions and masterclasses.

AI set to take center stage at Identiverse

As with most aspects of the information security landscape these days, identity management stands to be hugely influenced by the emergence and ongoing development of artificial intelligence technologies.

Among the topics broached on the identity front when it comes to AI are the role generated agents will play when it comes to managing user identities and handling them across multiple platforms and services.

Deepfake fraud is an area where AI and identity management have crossed paths. Experts worry that threat actors are going to be able to make use of the growing crop of open-source and freeware AI tools to defraud services both automated and in-person to evade authentication services.

Identity management providers will now have to consider the possibility that their authentication methods could be gamed by methods such as deepfake or AI automation tools in order to evade detection and falsely gain access to services.

This will not just be limited to something as simple as an account takeover. AI fraud with identity management can be part of a much larger fraud operation. When it comes to processes such as onboarding remote workers, identity fraud will be the first step towards much larger workplace data breaches, as was seen with the recent rash of data heists at the hands of North Korean hackers who had posed as outsourced IT staff at a number of Western organizations.

AI will definitely be weighing first and foremost on the agenda for Identiverse keynote speakers Andre Durand, CEO of Ping Identity, and Michael Coates, former CISO of Twitter and Mozilla.

Panels featuring CISOs from Visa, Google, Capital One, and AWS will offer firsthand insights into today’s most pressing IAM challenges.

There is also the backlash against AI when it comes to identity management. The wave of hype around the technology has led to some companies faking their AI technologies and admitting to creating false identities that were supposedly AI generated but were, in fact, the work of plain old humans.

Surely Identiverse attendees will be talking about not only the role of AI agents in identity management, but also the role us fleshbags will play and when the distinction between machine and human can and should be made.

Identity: kind of a big deal right now

Not to toot our own horn when it comes to Identiverse, but the 2025 edition of the conference comes at a time when the management of identity is more important than ever.

The handling and management of identity was the hot topic of the RSA 2025 conference in San Francisco last month. Security industry professionals are making identity management a central point of conversation when assessing their overall security picture and posture going forward.

Some experts even went so far as to suggest that governments will need to rethink the way they assess identity management and assessment going forward, as new technologies and methods of evasion emerge.

This could, in turn, open a market for new identity authentication and management tools and methods as new vendors and technologies enter the market and present themselves to organizations.

New administration, new problems

Finally, there is the looming uncertainly caused by the Trump administration.

While new administrations will generally bring new regulations and government policies, Trump in particular has been shown to be a wild card. Add in the further chaos from the Elon Musk-backed "Department of Government Efficiency" and you have a recipe for utter chaos.

Organizations are set to wrangle with a number of new government initiatives and acts, including The Digital Operations Resilience Act (DORA), Cyber Resilience Act (CRA), and NIS2 regulations. Sessions at the conference will break down not only the implications for organizations operating in the U.S., but also those working with individuals in the EU and requiring compliance with foreign regulations.

For full coverage of Identiverse 2025 stay tuned to SC Media for exclusive streaming interviews and braking news.