COMMENTARY: The world’s leading cybersecurity companies, white hat hackers, and security leaders gathered at Black Hat 2025 last week in Las Vegas to discuss the industry’s most pressing cybersecurity trends and technologies: and Identity security and access management were at the heart of many conversations and program sessions.And rightfully so.Credential abuse remains a leading initial attack vector and non-human identities (NHIs) such as AI agents, service accounts, tokens, access keys and API keys are proliferating in the enterprise, expanding the attack surface.[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]During the conference sessions, we heard from security researchers and engineers about numerous identity and access management vulnerabilities and risks. Briefings explored how attackers exploit security flaws to escalate privileges on endpoints with remote access products installed; the dangers of misconfigurations that lead to privilege escalation; and the ease of conducting password-spraying attacks when security best practices are neglected.The big takeaway? Staying ahead of malicious actors requires strengthening identity security, limiting privileged access and preparing teams to respond. Organizations must move beyond perimeter defense and focus on securing what attackers are really after – identities and access. The most damaging breaches often stem from weak credential management and excessive access privileges.Every credential, whether linked to a person, application or system process, must be strong and unique, securely stored, regularly rotated and limited to the minimum access required. It’s become essential to have real-time monitoring of privileged activity, combined with AI-powered threat detection and mitigation to detect and contain credential compromise, misuse, or overly broad access before it escalates.Organizations that prioritize securing all identities, human and non-human alike, and adopt zero-trust access controls built on least-privilege principles are far better positioned to defend their infrastructure and data.Sessions and conversations at Black Hat reinforced what we’ve known for many years: The need for strong, modern identity security has never been greater. But legacy products can’t keep up – as machine identities outnumber human users by an estimated 40,000 to 1 and threat actors become increasingly sophisticated.Now’s the time to implement an AI-enabled PAM platform capable of securing and managing access across every layer of infrastructure. That’s how organizations can stay better equipped to meet the challenges of tomorrow, starting today.Darren Guccione, co-founder and CEO, Keeper SecuritySC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
What we heard on the show floor
Our team regularly partners with third-party researchers to gain insights from global IT and security leaders on the future of cybersecurity defense. With the elite group gathered at Black Hat, we saw a prime opportunity to source real-world insights from today’s cybersecurity leaders and practitioners. We surveyed 110 attendees about their top concerns and challenges related to identity security, and their feedback provided a snapshot of the current landscape. we learned that AI creates opportunities and poses threats:- Top threats include advanced phishing schemes and social engineering: The majority of respondents cited advanced phishing schemes and social engineering (44.5%) and deepfake attacks using AI (40.9%) as the most dangerous identity-based threats expected to emerge in the next 12 to 18 months.
- AI and passwordless will transform identity and access security: Respondents identified AI-driven identity validation and authentication (57.3%) and passwordless authentication solutions (38.2%) as the most transformative technologies over the next three to five years. Passwordless authentication was a prominent topic on stage as well, with academicians and security researchers highlighting the hidden risks of account recovery in a passwordless future – underscoring the importance of choosing a password manager that supports passkeys.
- Cybersecurity pros lack confidence in their ability to handle AI threats: Only 16.4% of respondents said they are fully confident their organization is prepared to handle AI-generated identity and access threats like deepfakes and AI-powered phishing. This reveals an alarming gap that cybercriminals will and can exploit.
- Identity-based attacks are expected to cause the next major breach: When asked what’s expected to cause the next major breach, respondents offered the following concerns:
- Identity-based attacks such as phishing and credential stuffing (18.2%).
- Lack of adequate privileged access controls (16.4%).
- Vulnerabilities in unpatched legacy systems (15.5%).
- Too many organizations don't enforce MFA: Lack of proper MFA enforcement was identified by 40% of respondents as the single biggest mistake organizations make when securing privileged access. This echoes recent breaches involving big tech companies, in which attackers exploited the absence of MFA, highlighting its importance as a fundamental security measure.
- Teams need to deploy PAM: According to 32.7% of respondents, not using a privileged access management (PAM) tool is the most significant oversight in protecting privileged access. This aligns with findings from Keeper’s recent Insight Report, which revealed that 53% of organizations that implemented PAM reported improved protection of sensitive data.
