Modern cyber attacks increasingly target identity rather than infrastructure. This session will explore three key areas where identity and cybersecurity practices intersect and where gaps can significantly increase organisational risk.

1. Identity as the Primary Attack Surface

Phishing and token theft remain the most common entry points for attackers. As organisations adopt cloud services and modern authentication, adversaries are increasingly targeting user sessions, authentication tokens, and identity providers rather than traditional network vulnerabilities.

2. Fragmented Identity Management Increases Risk

Applications that operate outside central identity platforms, particularly those without Single Sign-On (SSO) or automated provisioning (SCIM) introduce unmanaged credentials, inconsistent authentication controls, and orphaned accounts. These environments create operational overhead while expanding the identity attack surface.

3. Weak Access Governance Exposes Sensitive Data

Even when authentication is secure, poorly governed access can expose critical data. Overly permissive access settings, such as collaboration platforms configured for broad access, combined with limited auditing or review processes, can significantly amplify the impact of an identity compromise.

Session Outcome

This session will bring together perspectives from the Identity and Cybersecurity Communities of Practice to highlight how these risks emerge across modern environments and to identify practical actions organisations can take.

Participants will explore how closer collaboration between identity and cyber teams can help to:

• Reduce identity-based attack vectors
• Improve governance over access to sensitive data
• Minimise unmanaged credentials and shadow identity systems
• Strengthen organisational resilience to phishing-driven identity compromise