The internet has never faced so much existential risk from people who want to harm companies and their users. While many organisations understand that there’s a link between identity and security, few fully grasp how foundational identity is to a modern security strategy. Organizations with gaps in their identity security are significantly more at risk of experiencing a compromise or breach. If attackers get control of the right identity, they can break into a network, move laterally once inside, facilitate fraud, and extract sensitive data. Not to mention they can compromise a brand’s reputation and customer loyalty overnight. With the traditional perimeter gone, people are the quickest way to sensitive data and resources. Identity management is about securing people as the most scalable defence we have (not our greatest weakness). There has been a proliferation of identity-based attacks, which have increasingly become more sophisticated and are designed deliberately to circumvent.