Stay on top of the game by signing up for our daily and weekly newsletters to get the freshest updates and special insider insights on the world of AI. Here’s the scoop:
Generative AI is rocking the boat in the world of identity access management (IAM), amping up how well we can detect unusual behavior, making our alerts more on point, and making admin jobs a whole lot smoother—all while keeping an eye out for the next wave of digital threats.
A whopping 98% of security pros are nodding their heads, agreeing that artificial intelligence (AI) and machine learning (ML) are key players in the battle against identity theft and hacks, and they’re standing behind AI as the champ in bringing together their various identity systems. Nearly two-thirds believe AI will be most valuable in nailing down quirky behavior that sticks out like a sore thumb. Additionally, more than half bet on AI to fine-tune alert accuracy, and just over 50% expect AI will make managing tasks a breeze.
According to the Identity Defined Security Alliance’s latest deep dive—2023 Trends in Securing Digital Identities—it’s clear that the security gurus have their work cut out for them, aiming to mesh a hodgepodge of identity setups from a bunch of different providers into one seamless, insightful data provider.
These pros are convinced—about 98% sure—that AI will beef up their defense against identity threats, with a significant chunk believing it will be top-notch at spotting and stopping suspicious activities.
Generative AI is also doing some heavy lifting, making it tougher for intruders due to insider knavery and “zombie” logins—those are credentials that should be dead to the world but aren’t. The front-runners in IAM are expected to get crafty with gen AI, rolling out clever decoys, tightening the screws on behavioral detection, upping their game in asset tracking, and fast-forwarding improvements on their wider threat detection platforms.
Every IAM vendor has gen AI in their sights, sprinting forward to drop new products that use AI’s knack for context to bring more smarts into the game. The heavyweights in this arena include the likes of AWS, CrowdStrike, and Google Cloud, among others.
The narrower we can make these attack surfaces, the more the market is likely to spread out. Gartner’s crystal ball says the worldwide IAM market’s going to swell from $16.1 billion in 2023 to a cool $24.9 billion by 2027. Overall, bucks spent in the broader security and risk management scene are expected to hit $186 billion in 2023 and balloon to $289 billion in 2027.
Cloud security’s set to skyrocket, with predictions showing a leap from $4.4 billion in 2022 to $12.8 billion in 2027. Application security isn’t too far behind, projected to grow to $9.6 billion by the same year. And all eyes are on zero-trust security software, which could grow from $27.4 billion to $60.7 billion by 2027.
Now, IAM vendors and their products need to really step up to the plate, using gen AI to outsmart and clobber more sophisticated, malware-free attacks, which are often paired with some cunning social engineering. According to a report by CrowdStrike, these slick, software-free intrusions take the cake for most sneak attacks, and they’re all about stealing legit credentials.
IAM was the belle of the ball, hopping from eighth to second in this year’s funding fervor, showing just how jittery the market is getting about keeping identities safe across complex tech environments. In a bunch of chats, folks from IAM firms and their CISO buddies were all ears about how gen AI could help tighten up security, focusing on the handshake between who you are and the devices you use.
As crucial as IAM is for a solid security posture, generative AI is just digging in its heels to beef up our defenses. Gartner’s guide for IAM program management is a good read on this.
And hey, CISOs are losing sleep over insider threats—those employees who’ve got the keys to the castle and can wander through the company’s digital corridors. Simply watching the network won’t catch a smart thief using stolen credentials or an inside job. Sometimes, the baddies know the lay of the land better than the IT folks.
Product chiefs from next-gen IAM systems are brainstorming solutions. They’re talking about auditing every single login detail – real-time – to check if someone’s still allowed in the door. There’s a mounting pile of confidential files and customer info left wide open because nobody ever got around to cutting off old, unused access.
Almost half the big companies suspect their ex-workers could still waltz in and peek at their files, as per a study by Ivanti. And it’s true; a scary number of top-tier pros—yes, even bosses