Security Weekly
Full episode and show notes

Authenticated, But Not Verified: The Workforce Identity Gap – Aaron Painter – RSAC26 #6

Impersonation attacks are accelerating across the workforce, targeting critical moments like onboarding, account recovery, and high-risk actions where identity is often assumed rather than verified. As attackers exploit gaps in how and when identity checks occur, traditional approaches are struggling to keep up. This conversation explores what’s driving this shift and what it takes to close the workforce identity gap with a more continuous, risk-aware approach to verification. This segment is sponsored by Nametag. Visit https://securityweekly.com/nametagrsac to learn more about them!

This episode is sponsored by
Full Segment Notes

Impersonation attacks are accelerating across the workforce, targeting critical moments like onboarding, account recovery, and high-risk actions where identity is often assumed rather than verified. As attackers exploit gaps in how and when identity checks occur, traditional approaches are struggling to keep up. This conversation explores what’s driving this shift and what it takes to close the workforce identity gap with a more continuous, risk-aware approach to verification.

This segment is sponsored by Nametag. Visit https://securityweekly.com/nametagrsac to learn more about them!

Key Moments
  • 0:00 - – Intro: RSAC 2026 & Identity Security Challenges
  • 0:17 - – What “Nametag” Does: Verifying the Human Behind the Identity
  • 0:40 - – Rise of AI Impersonation Attacks in Enterprises
  • 01:40 - – Fake Employees & Insider Threats Explained
  • 02:03 - – The Biggest Security Gap: Onboarding & Account Recovery
  • 03:34 - – Why MFA & Passkeys Still Have Weak Points
  • 03:58 - – Manual Identity Verification: Risks & Inefficiencies
  • 04:55 - – Automating Identity Verification to Reduce Human Error
  • 05:35 - – Impersonation-as-a-Service: New Cybercrime Model
  • 06:20 - – Social Engineering Tactics That Fool Help Desks
  • 07:33 - – Agentic AI Risks: Who Is Responsible for Actions?
  • 08:08 - – Human Accountability in AI-Driven Workflows
  • 08:49 - – Why Passkeys Alone Don’t Prove Human Identity
  • 09:31 - – Zero Trust Limitations in the Age of AI
  • 10:53 - – Deepfakes & Voice Cloning: The New Authentication Threat
  • 11:18 - – Securing Identity Lifecycle: Onboarding to Recovery
  • 11:43 - – Practical Steps to Prevent Identity-Based Attacks
  • 12:33 - – Risk vs Cost: In-Person Verification vs Remote Hiring
  • 12:57 - – Awareness Gaps & Real-World Breach Examples
  • 13:52 - – Why Video Calls Can’t Be Trusted Anymore
  • 14:59 - – The Future of Identity: Human Verification + Security Tech
  • 15:16 - – Final Thoughts: Solving Identity Security Together
Guest
CEO at Nametag
https://getnametag.com/

Aaron Painter is the CEO of Nametag Inc., the world’s first identity verification platform built to protect accounts from impersonators and AI-driven deepfakes. Aaron has nearly 20 years of global experience in security leadership, including senior roles at Microsoft across four continents. He is the author of the best-selling book LOYAL, a Fellow at the Royal Society of Arts, and a frequent commentator on cybersecurity and leadership.

Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Segments

Related Content

You can skip this ad in 5 seconds