Accountability usually sits with identity, security, and application owners together. Identity teams own the assurance method, security teams own detection and response, and application teams own session controls and access policies. If any of those layers is weak, the attacker can inherit the trusted session.
Why This Matters for Security Teams
An AiTM attack is not just a phishing problem. It is a session theft problem that can bypass MFA, SSO, and even strong password hygiene by placing the attacker in the middle of a legitimate login flow. That makes accountability broader than a single team. Identity owners, security operations, and application owners all influence whether the trusted session can be intercepted, reused, or kept alive long enough to matter.
The operational lesson is that assurance is only as strong as the weakest layer in the authentication and session chain. NHI Management Group has repeatedly shown that identity compromise is often an ecosystem failure, not a single control failure, as reflected in The 52 NHI breaches Report. For teams mapping attacker tradecraft, CISA cyber threat advisories remain useful for tracking current intrusion patterns, while the Anthropic report on AI-orchestrated cyber espionage shows how rapidly adversaries adapt tooling once they have valid access. In practice, many security teams encounter the accountability gap only after a live session has already been hijacked and abused.
How It Works in Practice
Accountability for AiTM compromise is usually distributed because the attack chain crosses multiple control planes. Identity teams are responsible for how users prove who they are. Security teams are responsible for detecting impossible travel, token replay, suspicious session reuse, and anomalous browser or device fingerprints. Application owners are responsible for whether sessions are bound tightly enough to survive a proxy-based interception attempt.
In practical terms, the right ownership model should be explicit:
- Identity teams own phishing-resistant authentication, conditional access policy, and step-up requirements for high-risk actions.
- Security teams own telemetry, alerting, and response playbooks for token theft, session replay, and suspicious consent grants.
- Application teams own session lifetime, token binding where supported, and controls that reduce trust in long-lived authenticated states.
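The two detections the list assigns to the security team, run over constructed sign-in telemetry, as an added example (not code or data from the original page). The event schema, the 900 km/h plausibility ceiling, and the sample IPs, session ids and coordinates are all assumptions for illustration:

```python
"""Added example: session-reuse and impossible-travel detection over
constructed sign-in telemetry (not the page's own code or data)."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt


@dataclass(frozen=True)
class SignInEvent:
    """One sign-in or session-use record. All field values below are constructed."""
    ts: datetime
    user: str
    session_id: str   # opaque identifier of the issued session or token
    ip: str
    user_agent: str
    lat: float        # geolocation the telemetry source attached to the IP
    lon: float


def haversine_km(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance between two points, in kilometres."""
    lat1, lon1, lat2, lon2 = map(radians, (lat1, lon1, lat2, lon2))
    a = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


# Assumed ceiling for plausible travel speed; tune to the environment.
MAX_PLAUSIBLE_KMH = 900.0


def detect_impossible_travel(events, max_kmh: float = MAX_PLAUSIBLE_KMH):
    """Flag a user's consecutive sign-ins whose implied speed exceeds max_kmh."""
    findings = []
    last_by_user = {}
    for e in sorted(events, key=lambda ev: ev.ts):
        prev = last_by_user.get(e.user)
        if prev is not None:
            km = haversine_km(prev.lat, prev.lon, e.lat, e.lon)
            hours = (e.ts - prev.ts).total_seconds() / 3600.0
            if km > 0 and (hours == 0 or km / hours > max_kmh):
                findings.append(("impossible_travel", e.user, prev.ip, e.ip))
        last_by_user[e.user] = e
    return findings


def detect_session_reuse(events):
    """Flag a session identifier presented from a different IP or browser than
    the one it was first seen with: the signature of a replayed stolen session."""
    findings = []
    first_seen = {}
    for e in sorted(events, key=lambda ev: ev.ts):
        origin = first_seen.setdefault(e.session_id, e)
        if origin is not e and (origin.ip != e.ip or origin.user_agent != e.user_agent):
            findings.append(("session_reuse", e.user, e.session_id, origin.ip, e.ip))
    return findings


def run_detections(events):
    """Run both detections and return the combined findings."""
    return detect_impossible_travel(events) + detect_session_reuse(events)


# Constructed sample telemetry: documentation IP ranges and invented session ids.
_T0 = datetime(2024, 1, 15, 9, 0, 0)
_UA_WIN = "Mozilla/5.0 (Windows NT 10.0) Chrome/120"
_UA_LINUX = "Mozilla/5.0 (X11; Linux x86_64) Firefox/121"
SAMPLE_EVENTS = [
    # alice signs in from London with her own browser
    SignInEvent(_T0, "alice", "sess-a1", "203.0.113.10", _UA_WIN, 51.5074, -0.1278),
    # the same session id is presented 20 minutes later from New York with a
    # different browser: both detections should fire
    SignInEvent(_T0 + timedelta(minutes=20), "alice", "sess-a1", "198.51.100.7", _UA_LINUX, 40.7128, -74.0060),
    # bob signs in twice from Paris, two hours apart, with distinct sessions: benign
    SignInEvent(_T0, "bob", "sess-b1", "203.0.113.20", _UA_WIN, 48.8566, 2.3522),
    SignInEvent(_T0 + timedelta(hours=2), "bob", "sess-b2", "203.0.113.20", _UA_WIN, 48.8566, 2.3522),
]

if __name__ == "__main__":
    for finding in run_detections(SAMPLE_EVENTS):
        print(finding)
```

The session-reuse rule keys on the session identifier rather than the user, which is what distinguishes a replayed token from a user simply signing in again; in production the "origin" context would come from the issuing event in the IdP or application log rather than from first sight in the stream.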
This is where current guidance suggests combining identity assurance with session hardening. Standards such as the MITRE ATLAS adversarial AI threat matrix are useful for understanding adversary behaviours, but they do not replace operational ownership. NHI Management Group’s OWASP NHI Top 10 also reinforces that once a trusted identity or token is stolen, the attacker often moves laterally through legitimate channels rather than through obvious malware. The governance question is therefore not “who owned the login page,” but “who owned the assurance, the session, and the blast radius together.” These controls tend to break down when legacy applications cannot bind sessions to device or context because the attacker can simply reuse the trusted token elsewhere.
Common Variations and Edge Cases
Tighter session controls often increase friction for users and support teams, so organisations have to balance resistance to interception against operational usability. That tradeoff is especially visible in legacy SSO environments, partner portals, and applications that cannot support device binding or short-lived tokens. Best practice is evolving, but there is no universal standard for every stack yet.
Shared accountability becomes even more important in edge cases:
- For federated identity, the IdP may be strong while the relying application still accepts a stolen session cookie.
- For privileged users, the security team may detect compromise quickly, but application owners still need revocation and re-authentication logic.
- For regulated environments, audit teams may require evidence of control ownership across identity, security, and application governance.
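The application-owner controls discussed above (session lifetime, context binding where the stack supports it, revocation, and re-authentication for high-risk actions) in one server-side session store, as an added example that is not code from the original page. The `context` string is an assumption standing in for whatever a given stack can actually bind to (a device-held key identifier, a TLS channel binding, a client certificate hash); the lifetimes, user names and scenarios are constructed. An unbound session models the legacy application that accepts a stolen cookie from anywhere:

```python
"""Added example: bound vs. unbound sessions, lifetimes, revocation and step-up.
Not the page's code; every identifier and value is constructed."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, Optional


@dataclass
class Session:
    user: str
    issued_at: datetime
    last_seen: datetime
    auth_time: datetime        # when the user last proved their identity
    binding: Optional[str]     # digest of the client context; None = legacy unbound session
    revoked: bool = False


@dataclass
class SessionStore:
    absolute_ttl: timedelta = timedelta(hours=8)
    idle_ttl: timedelta = timedelta(minutes=30)
    step_up_window: timedelta = timedelta(minutes=5)
    sessions: Dict[str, Session] = field(default_factory=dict)

    @staticmethod
    def context_digest(context: str) -> str:
        # 'context' is an assumed stand-in for a device key id, TLS channel
        # binding or client certificate hash; only its digest is stored.
        return hashlib.sha256(context.encode("utf-8")).hexdigest()

    def issue(self, user: str, now: datetime, context: Optional[str] = None) -> str:
        """Create a session cookie; context=None yields a legacy unbound session."""
        cookie = secrets.token_urlsafe(32)
        binding = self.context_digest(context) if context is not None else None
        self.sessions[cookie] = Session(user, now, now, now, binding)
        return cookie

    def validate(self, cookie: str, now: datetime, context: Optional[str] = None) -> Optional[str]:
        """Return None if the session is accepted, otherwise the rejection reason."""
        s = self.sessions.get(cookie)
        if s is None:
            return "unknown_session"
        if s.revoked:
            return "revoked"
        if now - s.issued_at > self.absolute_ttl:
            return "absolute_lifetime_exceeded"
        if now - s.last_seen > self.idle_ttl:
            return "idle_timeout"
        if s.binding is not None:
            presented = self.context_digest(context or "")
            if not hmac.compare_digest(s.binding, presented):
                return "binding_mismatch"   # cookie presented from a different client context
        s.last_seen = now
        return None

    def authorize_high_risk(self, cookie: str, now: datetime, context: Optional[str] = None) -> Optional[str]:
        """High-risk actions additionally require a recent authentication."""
        reason = self.validate(cookie, now, context)
        if reason is not None:
            return reason
        if now - self.sessions[cookie].auth_time > self.step_up_window:
            return "step_up_required"
        return None

    def record_reauth(self, cookie: str, now: datetime) -> None:
        self.sessions[cookie].auth_time = now

    def revoke_user(self, user: str) -> None:
        """Kill every session of a user, bound or not, once compromise is suspected."""
        for s in self.sessions.values():
            if s.user == user:
                s.revoked = True


def demo() -> Dict[str, Optional[str]]:
    """Walk through the scenarios from the text and return each outcome."""
    store = SessionStore()
    t0 = datetime(2024, 1, 15, 9, 0, 0)
    victim_ctx = "device-key:victim-constructed|ua:Chrome/120"
    other_ctx = "device-key:other-constructed|ua:Firefox/121"
    bound = store.issue("alice", t0, context=victim_ctx)
    legacy = store.issue("alice", t0)                     # unbound legacy session
    later = t0 + timedelta(minutes=20)
    out = {}
    out["bound_cookie_other_context"] = store.validate(bound, later, other_ctx)
    out["legacy_cookie_other_context"] = store.validate(legacy, later, other_ctx)
    out["bound_cookie_own_context"] = store.validate(bound, later, victim_ctx)
    out["high_risk_no_recent_auth"] = store.authorize_high_risk(bound, later, victim_ctx)
    store.record_reauth(bound, later)
    out["high_risk_after_step_up"] = store.authorize_high_risk(bound, later, victim_ctx)
    store.revoke_user("alice")
    out["legacy_cookie_after_revocation"] = store.validate(legacy, later, other_ctx)
    stale = store.issue("bob", t0, context=victim_ctx)
    out["idle_session"] = store.validate(stale, t0 + timedelta(minutes=31), victim_ctx)
    out["aged_out_session"] = store.validate(stale, t0 + timedelta(hours=9), victim_ctx)
    return out


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {'accepted' if outcome is None else outcome}")
```

The contrast worth noting is the second and sixth results: the unbound legacy cookie is accepted from a foreign context, and only user-level revocation by the application closes that path, which is why revocation and re-authentication logic sit with the application owner even when detection happened elsewhere.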
When teams ask who is accountable, the most useful answer is often that identity owns authentication quality, security owns detection and response, and the application owner owns session trust boundaries. That framing aligns with NHI guidance in Ultimate Guide to NHIs — Why NHI Security Matters Now and the risk patterns highlighted in DeepSeek breach. In practice, accountability becomes a gap only when teams assume MFA ends the problem instead of asking who can still inherit the authenticated session.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and the NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AA-01 | Identity assurance is central to preventing session hijack after AiTM. |
| OWASP Non-Human Identity Top 10 | NHI-01 | Session theft and compromised identity material are core NHI risks. |
| NIST AI RMF | | Accountability for compromised sessions requires governance across people and systems. |
Assign clear ownership for authentication, detection, and recovery controls across the session chain.