Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Remember when open meant visible? When a bug in open-source code left breadcrumbs you could audit? When you could trace commits, contributors, timestamps, even heated 2:13 a.m. debates on tabs versus spaces? That kind of openness created confidence in the code and made it possible to hold contributors accountable when issues arose. Today, as AI changes how code is created and shared, those familiar markers of trust and transparency are becoming harder to find.

Every organization operates on a foundation of identity. Whether it’s a person logging into an app, an API connecting to a service, or a container spinning up in the cloud, every interaction begins with authentication. But here’s the shift most organizations are only starting to catch up to: machines now outnumber people by more than 80 to 1. These workloads and devices all depend on digital certificates to prove who they are. Those certificates are their identities.

Modernization rarely begins without a catalyst. For organizations managing machine identities, the CA/B Forum mandate is driving a wave of change—transforming compliance pressure into momentum for lasting modernization. For more than a decade, organizations have recognized that their machine identity operations are fragile. Manual renewals, siloed ownership, and spreadsheet-driven workflows were never built for the speed and scale of modern digital business.

When I first joined CyberArk, it wasn’t just about the company or the technology, but a belief. A belief that identity security is the foundation of cybersecurity. Identity security is the unifying thread that ties together risk management, resilience, and trust in an era where identity—human, AI, and machine—has become the true perimeter of the enterprise. Every day, I see how this conviction plays out across industries and organizations.

In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.

In today’s threat landscape, the identity attack surface is expanding at an unprecedented rate. Recent high-profile breaches have demonstrated how cybercriminals exploit any type of identity or account to gain an initial foothold within the corporate environment. Organizations with hybrid, multi-cloud infrastructures or those navigating mergers, acquisitions, and broader digital business transformations are especially vulnerable to misconfigured identity systems and poor identity hygiene.

Why we’re bringing Zero Standing Privileges to M365, and why it matters. In the past decade, we collectively agreed that standing access to infrastructure is a security failure. No credible security team allows permanent root access on production servers or standing SSH keys for cloud instances. We built vaults, we implemented session recording, and we moved to Just-in-Time (JIT) access for infrastructure.