Atul Tulshibagwale
CTO, SGNL
Jun 24, 2025

What I took away from the Gartner SRM conference

IAM and Gen AI stole the show!

Even though this was my first time at the Gartner Security and Risk Management (SRM) Summit, I got swept away with the AI sessions instead of attending many of the IAM (identity and access management) sessions like I had planned. Unlike IAM-specific events, broader security conferences like Black Hat, Defcon, and RSAC draw a diverse audience… and the SRM Summit was no exception.
The AI content went beyond the typical IAM questions and exposed just how foundational some of the challenges still are. That said, there were some amazing presentations on the IAM side, too, so here’s a quick roundup of what I saw, both in the sessions and the expo hall.

AI and security highlights

The phenomenal pace of AI development and, subsequently, AI adoption has led CISOs and security organizations in general to sometimes drop everything and figure out its security. The emergence of MCP as a standard to connect enterprise tools and resources to AI has made it extremely powerful (see this previous post to learn more). Just saying “no” leads to even more danger through the growth of “Shadow AI”, where employees simply use it privately (and possibly unsafely). It’s no surprise, then, that the Gartner SRM conference had many sessions focused on securing Gen AI.

The sessions by Gartner VP analyst Dennis Xu were very informative in this regard. Some key points: There are new risks that only arise when using or building AI. And there are existing risks that are amplified by the use of AI, either as a consumer or as an app builder. For example, excessive access permissions are an existing risk. AI amplifies it because AI agents may unscrupulously use all available data, whereas employees would use judgment in choosing what data to use in which context. An example of a new risk is something like “prompt injection”, whereby data fed to the AI system is treated as instructions to the AI, rather than as data that merely sets the context for the user’s prompt. In one of the talks, Dennis Xu surveyed existing available vendor products that help secure various aspects of AI. He warned that buyers should favor short-term contracts since the ecosystem is evolving rapidly.

A few vendor presentations also provided an interesting perspective on how security vendors (that typically don’t have an identity heritage) view AI security. Much of the focus is on scanning and inventorying AI usage within your enterprise, LLM pedigree (by scanning Hugging Face), red-teaming AI apps, and other CNAPP-style protections. The identity and access security portion was either missing or a footnote at best; this is not surprising because the presenting companies’ heritage was not in IAM. I believe what these products are doing is important and really useful, but it is not sufficient until you address the identity and access portion of it.

IAM highlights

IAM had a prominent “Spotlight Track” at SRM with 26 sessions, many led by vendors.

Deepfakes

In Akif Khan’s session, the prevalence of deepfake-driven social engineering was striking. In a survey he shared, 28% of organizations reported at least one deepfake-related attack on employees. I’ve always believed the deepfake issue is, at its core, about channel trust… something that current platforms don’t reliably provide. Just like TLS (transport layer security) certificates authenticate websites, we need equivalent safeguards for video and voice communication. In the absence of these, Akif’s recommended layered approach seems like a practical interim solution.

CISOs and IAM

IAM has had a history of being an administrative function, something that didn’t quite excite CISOs who were busy fighting network security battles with well-heeled and motivated adversaries. With much of the action moving to the cloud, the network security aspects are largely the domain of the platform providers. Application and access security are the CISO’s domain now because most hackers don’t break in; they log in (as Zachary Smith said in his talk, but I’m pretty sure my colleague Erik Gustavson came up with that line). A key takeaway from Zachary Smith’s talk was that IAM and security teams must collaborate to formulate an identity-first security strategy. The importance of doing this is clear from identity compromise being the number one attack vector leveraged in cybersecurity breaches in the Verizon DBIR for 5 years in a row!

IAM outlook

Akif Khan’s “Outlook for IAM” talk included an interesting thought that IAM practitioners sometimes suffer from the “Peter Pan” syndrome. We need to grow up and take ownership of the security implications of our work.

He repeated a theme from Zachary Smith’s talk that distributed IAM teams should collaborate with other teams to make sure there are no gaps in the security coverage offered as a whole.

A few final thoughts

As always, Gartner keynotes delivered. The opening talk cleverly used the Gartner Hype Cycle to make the case for channeling hype into meaningful, outcome-driven business metrics. It was a helpful reminder: buzz can be a powerful motivator—if it’s directed with intention. And while not directly tied to security, several guest keynotes offered practical leadership lessons that I’ll be taking back with me.

Overall, the SRM conference reinforced a few key points: AI security is still taking shape, IAM is more strategic than ever, and bridging those two worlds is where the future lies.
