Identity Management Day Quotes from Industry Experts in 2025

“This Identity Management Day, let’s spotlight the evolving role of identity security in an increasingly digital and AI-driven world. With remote work, cloud adoption, and digital transformation accelerating, organizations face mounting challenges in managing access to sensitive data and systems.

“Emerging technologies like zero trust architecture, decentralized identity, passwordless authentication, and AI-driven security are reshaping identity management. In particular, Large Language Models (LLMs) and AI-powered automation are transforming how organizations make access decisions—analyzing vast amounts of data in real-time to detect anomalies, enforce least privilege, and streamline identity governance.

“By embracing cloud-based identity and access management (IAM) and leveraging AI for dynamic, context-aware access control, organizations can strengthen security, enhance efficiency, and maintain compliance—without adding friction to user experiences. Identity is the foundation of cybersecurity. By prioritizing AI-driven innovation and proactive security, we can build a resilient, adaptive digital future for all.”

Ofer Friedman, Chief Business Development Officer, AU10TIX

“Effective identity management requires effectiveness of the initial process that grants people access to organizations, services, and resources. If a bad actor successfully sneaks in, then from that point on, that person is trusted by any AIM platform. Nobody wants to let trojan horses in, even if they do not misbehave immediately. But not all identity verification services are born equal, even if, on the outside, they seem to be performing similar actions. In other words, effective identity management starts with making sure that the right people are verified and entitled to access. In 2025, an effective identity verification service must be built with paranoia. It’s no longer about Identity Verification; it is about Identity Risk.”

Greg Wetmore, Vice President of Product Development at Entrust

“In today’s landscape, cyber incidents are growing, often due to third-party access, and are disrupting both personal and organizational identities. A recent survey revealed that the most significant consequences of these attacks are the loss of sensitive data, regulatory fines, and severed vendor relationships. With nearly half of organizations experiencing such incidents in the past year and expectations for these threats to continue rising, effective identity management has never been more crucial.

“To safeguard both human and non-human identities, organizations must focus on strategic identity management. Solutions like biometrics and MFA can enhance security, but they must be implemented in a way that doesn’t disrupt operations or impede productivity. The journey to better identity management requires balancing security with seamless user experiences across all digital and human touchpoints.”

Darren Guccione, CEO and Co-Founder of Keeper Security

“As technology continues to advance and identity becomes more complex than ever, IT leaders must implement a multi-layered approach to security that addresses the most prevalent existing threats and combats the malicious cyber weapons of the future. Cyber-criminals are becoming increasingly sophisticated, leveraging AI to increase the volume and severity of their attacks. Recent research reveals that more than 50 percent of IT and security leaders have witnessed AI-powered attacks first-hand at their organization, and 36 percent have seen deepfake technology, spotlighting the precipitous rise of these technologically advanced threats.

“Identity Management Day is a timely reminder that although threats continue to evolve, following fundamental cybersecurity best practices remains the most effective method to stay protected against both existing and emerging attack vectors. With privileged accounts being a primary target for cyber-criminals, implementing a robust Privileged Access Management (PAM) solution is essential. Verizon’s Data Breach Investigations Report revealed that 80 percent of organizations that adopted PAM solutions reported a significant reduction in successful cyber-attacks related to credential theft and misuse, underscoring the criticality of deploying PAM solutions.”

Nick Kathmann, Chief Information Security Officer at LogicGate

“The concept of identity is at an inflection point where it will explode into multiple areas. Today, most people still consider identity to be synonymous with a credential or authorized person. That is quickly changing.

“Organizations are realizing the adherent danger in this assumption. According to the IBM data loss prevention report, 95 percent of malicious activity has a human element. We see this illustrated with the increase in compromised credentials, deepfakes, account takeovers, and internal malicious activity that is missed or, the opposite, a tidal wave of false positive alerts.

“I predict two changes we’ll see before the Identity Management Day 2026. First, the nuance of the term identity will become widely used. For example, machine-to-machine identity management, workload identities, and person-based identity are all terms used in some DevOps or SOCs that will become more widely understood and used. Second, instead of focusing on protecting ‘identities,’ aka credentials, highly accurate person-based credentials will be used to identify malicious activity in real-time with an understanding of context that hasn’t been possible until now. It is the difference between there is something to investigate with Jack’s account, or, Jane is using Jack’s credentials to access financial systems that she isn’t approved to view.”

Marta Dern, Senior Product Marketing Manager at Oasis Security

“Don’t overlook your newest identity risk, Artificial Intelligence (AI) agents. At first glance, AI agents might seem like just another tool, handling IT support, optimizing cloud costs, answering customer questions, and even making decisions. But unlike human employees, AI agents don’t think or reason. They act based on algorithms and data, not intent or intuition.

“They don’t log in with usernames and passwords. They authenticate using API keys, managed identities, and machine-to-machine protocols. Unless explicitly programmed to follow your security policies, they often don’t. Left unchecked, AI agents can create new identities, generate access credentials, and grant themselves privileged permissions without alerting anyone. Over time, this leads to identity sprawl and uncontrolled access to critical systems.

“This Identity Management Day is a reminder that identity is more than human. AI agents are non-human identities, and they need to be secured with the same rigor. That means real-time visibility, automated lifecycle management, and guardrails that prevent privilege abuse.”

Will LaSala, Field CTO at OneSpan

“Identity Management Day is a reminder that the conversation around identity has changed fundamentally. For decades, traditional identity governance has been primarily focused on driving operational efficiencies through identity lifecycle management, which addresses the joiner-mover-leaver model. However, amid rapid digitalization, this approach has started to fall short, as reality dictates its own terms—with access risks continuously emerging in the myriads of business applications as user roles change throughout their careers.

“Our highest-risk, regulated business processes are no longer effectively controlled. Traditional identity frameworks simply can’t keep up with today’s dynamic risk landscape. Potential negative consequences of overlooking these identity-related risks include excessive access, data breaches, compliance failures, and corporate fraud.

“Identity security for high-risk applications must now focus on compliant provisioning and continuous controls monitoring. It’s not just about ensuring the right people have the right access at the right time—it’s about proactively preventing internal fraud, audit failures, and reputational damage while responding to risks in real-time. While automating audits saves time and money, securing identity access today must go well beyond compliance.”

Patrick Harding, Chief Product Architect, Ping Identity

“Identity Management Day takes on a whole new meaning this year as individuals and organizations find themselves not only responsible for managing human identities but also increasingly tasked with overseeing AI, as it assumes agentic roles on behalf of humans. The impact AI will have on identity is far greater than we anticipate. For that reason, it’s important for businesses and individuals to ensure their security practices keep pace with the rapid evolution of technologies like AI.

“Leaning into approaches like zero trust architectures and decentralized identity models is that much more critical in a digital-first world. As AI attacks target centralized repositories of personal data and look to mimic trusted users, it’s imperative to ensure data isn’t gathered in one vulnerable location and every user is verified, regardless of who they are or claim to be. As the way we work changes, it’s critical we secure our workforce, build customer trust, and deliver the seamless and secure digital experiences individuals deserve.”

Roy Akerman, Head of Cloud and Identity Security at Silverfort

“Advanced AI and deepfake technology make visibility key to defending against identity-based threats. Organizations must move beyond traditional identity controls, such as multi-factor authentication (MFA), and adopt a unified, end-to-end identity security approach. Extending security controls across an organization’s entire identity infrastructure will give security teams the visibility needed to detect unauthorized access attempts and the tools necessary to stop a breach before an attacker can spread laterally.

“Protecting identities must be a priority every day, not just on Identity Management Day. As threat actors innovate with AI and deepfakes become the norm, organizations must take proactive steps to reevaluate their identity security strategies and dedicate the time and resources necessary to protect every identity—in the cloud or on-premises, human or machine—because in today’s evolving threat landscape, identity security is the make or break.”

Mark Wojtasiak, VP Product Research & Strategy at Vectra AI