Introduction 

“Identity Security” has established itself as a term. It stands for approaches that understand “identity” as a major element of cybersecurity initiatives. “Identity” is about the digital identities, their lifecycle and authentication, but also the access they have and the authorization of access. When analyzing known cyber-attacks, attackers commonly try to gain access to highly privileged accounts, which give them access to sensitive information or further systems in the attack chain. Research by KuppingerCole Analysts on one hand indicates that there is a wide range of attacks organizations are concerned of. However, most of these attacks are fully or partially related to digital identities and their access. Be it advanced attacks on critical infrastructures as a type of targeted, persistent attacks, be it malicious insiders, be it software supply chain attacks: All these attacks rely on attackers gaining access to privileged identities and, through these, gaining access to critical resources.

Identity-related threats thus are a major challenge for organizations. They require adequate responses. Unfortunately, the common approaches within IAM are primarily targeting on only a few aspects: 

1. Managing the lifecycle of users, their accounts in target systems and applications, and their entitlements. 
2. Reviewing the (static) entitlements in recertification processes. 
3. Mitigating risk during authentication by strong, multi-factor authentication, including analyzing the context risk.
4. Specific measures for restricting and securing privileged access.