{"id":6626,"date":"2026-01-20T10:15:00","date_gmt":"2026-01-20T10:15:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=6626"},"modified":"2026-01-20T10:15:00","modified_gmt":"2026-01-20T10:15:00","slug":"why-the-future-of-security-starts-with-who-not-where","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=6626","title":{"rendered":"Why the future of security starts with who, not where"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>For a long time, cybersecurity was pretty straightforward: Guard the edges, and everything inside should be fine. Firewalls, DMZs, VPNs \u2014 these were the go-to tools. Back then, it worked. Apps lived in data centers, and everyone showed up at the office. But that world disappeared before most companies even noticed.<\/p>\n<p>Remote work, cloud adoption and distributed applications slowly dissolved the network edge. And attackers took advantage of that gap long before defenders adapted. Verizon\u2019s annual <a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/\">Data Breach Investigations Report<\/a> repeatedly shows that a large portion \u2014 often over 80% \u2014 of modern breaches involve compromised credentials, not network flaws.<\/p>\n<p>That number says a lot. It tells us the perimeter didn\u2019t just shift \u2014 it collapsed around identity.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>The old perimeter: Strong walls, weak assumptions<\/h2>\n<p>Traditional security assumed one thing: \u201cIf someone is inside the network, they can be trusted.\u201d<\/p>\n<p>That assumption worked when offices were closed environments and systems lived behind a single controlled gateway. But as Microsoft highlights in its <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/security-insider\/threat-landscape\/microsoft-digital-defense-report-2024\">Digital Defense Report<\/a>, attackers have moved almost entirely toward identity-based attacks because stealing credentials offers far more access than exploiting firewalls.<\/p>\n<p>In other words, attackers stopped trying to break in. They simply started logging in.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Cloud + remote work = No perimeter<\/h2>\n<p>Now, with remote work and the cloud, there\u2019s no real perimeter left. People connect from home Wi-Fi, personal laptops, airports, coffee shops \u2014 you name it. At the same time, company data and workloads are scattered across AWS, Azure, Google Cloud and various SaaS platforms. The old rules just don\u2019t fit anymore.<\/p>\n<p>There is no single \u201cinside\u201d anymore. There is only identity \u2014 the user behind the request.<\/p>\n<p>This is why modern security frameworks, including NIST\u2019s <a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/207\/final\">Zero Trust Architecture guidelines (SP 800-207)<\/a>, emphasise identity as the primary control point rather than the network.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Identity is now the primary attack surface<\/h2>\n<p>Identity brings convenience, but it also brings complexity \u2014 and complexity attracts attackers.<\/p>\n<p>People reuse passwords.<\/p>\n<p>MFA fatigue attacks work far too often.<\/p>\n<p>Privileged accounts get over-granted. Contractors keep access long after their projects end.<\/p>\n<p>Service accounts multiply with no owner.<\/p>\n<p>Okta\u2019s recent <a href=\"https:\/\/www.okta.com\/the-state-of-secure-identity-report\/\">State of Identity Security report<\/a> points out that identity misuse has become one of the fastest-growing attack vectors in enterprises.<\/p>\n<p>Identity is no longer just a log-in step. It\u2019s now the attacker\u2019s first target.<\/p>\n<h1 class=\"wp-block-heading\"><a><\/a>Zero trust made identity the first door to lock<\/h1>\n<p>Zero trust isn\u2019t about paranoia. It\u2019s about verification. Never trust, always verify only works if identity sits at the center of every access decision.<\/p>\n<p>That\u2019s why CISA\u2019s <a href=\"https:\/\/www.cisa.gov\/zero-trust-maturity-model\">zero trust maturity model<\/a> outlines identity as the foundation on which all other zero trust pillars rest \u2014 including network segmentation, data security, device posture and automation.<\/p>\n<p>A strong identity-based perimeter includes:<\/p>\n<p>MFA everywhere<\/p>\n<p>SSO to reduce password fatigue<\/p>\n<p>Role-based access controls<\/p>\n<p>Privileged Access Management<\/p>\n<p>Device trust tied to user identity<\/p>\n<p>Continuous monitoring of user behaviour<\/p>\n<p>Adaptive, risk-based access policies<\/p>\n<p>This isn\u2019t the future \u2014 this is what\u2019s expected today.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Identity done right requires real discipline<\/h2>\n<p>When identity becomes the perimeter, it can\u2019t be an afterthought. It needs to be treated like core infrastructure. That means:<\/p>\n<p><strong>Identity has to be engineered, not patched together.<\/strong> Lifecycle processes must be streamlined \u2014 joiners, movers and leavers must be tightly controlled.<\/p>\n<p><strong>Privilege needs to be what people earn, not what they start with.<\/strong> Excess-access is still one of the top contributors to breaches.<\/p>\n<p><strong>Authentication methods need to evolve yearly.<\/strong> Static MFA policies won\u2019t survive dynamic threats.<\/p>\n<p><strong>Monitoring must follow behavior, not networks.<\/strong> Suspicious activity often hides in user patterns, not traffic flows.<\/p>\n<p><strong>Identity ownership must be shared across security, IT and the business.<\/strong> Identity doesn\u2019t succeed unless everyone is accountable.<\/p>\n<p>Gartner has been emphasising this shift for years, calling identity \u201cthe new security perimeter\u201d in multiple research publications aimed at CISOs and enterprise architects<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Where we\u2019re heading next<\/h2>\n<p>Identity is already at the centre of modern cybersecurity, but its role is only going to grow stronger. Over the next few years:<\/p>\n<p>Passwords will fade out in favour of passkeys and biometrics.<\/p>\n<p>Machine identities will become as critical as human identities.<\/p>\n<p>Access decisions will adapt in real time based on behaviour.<\/p>\n<p>Identity platforms will become the central nervous system of enterprise security.<\/p>\n<p>Zero Trust will mature from architecture diagrams into everyday practice.<\/p>\n<p>Organizations that invest in strong identity foundations won\u2019t just improve security \u2014 they\u2019ll improve operations, compliance, resilience and trust. Because when identity is solid, everything else becomes clearer: who can access what, who is responsible for what and where risk actually lives.<\/p>\n<p>The companies that struggle will be the ones trying to secure a world that no longer exists \u2014 a perimeter that disappeared years ago.<\/p>\n<p>Identity isn\u2019t just the new perimeter.<\/p>\n<p>It\u2019s the new beginning.<\/p>\n<p>Everything starts here now.<\/p>\n<p><strong>This article is published as part of the Foundry Expert Contributor Network.<br \/><\/strong><a href=\"https:\/\/www.csoonline.com\/expert-contributor-network\/\"><strong>Want to join?<\/strong><\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>For a long time, cybersecurity was pretty straightforward: Guard the edges, and everything inside should be fine. Firewalls, DMZs, VPNs \u2014 these were the go-to tools. Back then, it worked. Apps lived in data centers, and everyone showed up at the office. But that world disappeared before most companies even noticed. Remote work, cloud adoption [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":6627,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-6626","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6626"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6626"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6626\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/6627"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6626"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6626"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6626"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}