Notifications
Clear all
Topic starter
04/06/2026 2:56 pm
TL;DR: For IAM and GRC teams, the chance to pressure-test governance priorities against real-world implementation experience will come when customers and select prospects gather for strategic insights, product roadmap updates, customer success stories, and peer networking at Pathlock Community London on 09/10/2026 at The Stafford London, according to Pathlock.
NHIMG editorial — here’s why we think this discussion matters
By the numbers:
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
Questions worth separating out
Q: How should IAM teams use customer events to assess governance maturity?
A: Treat customer events as control signals, not promotional noise.
Q: What should security teams look for in governance and compliance product roadmaps?
A: Look for evidence that the roadmap addresses control ownership, lifecycle enforcement, and exception handling rather than just reporting.
Practitioner guidance
- Map the roadmap to control ownership Use the strategic overview to identify which teams own access reviews, privileged access, entitlement cleanup, and exception approval.
- Pressure-test customer stories against your audit evidence For every success story you hear, ask whether the same outcome would be visible in your logs, certification records, and remediation tickets.
- Check lifecycle coverage beyond human accounts Review whether your joiner-mover-leaver process, recertification cadence, and offboarding steps explicitly cover service accounts, API keys, and privileged identities.
What to expect at the briefing
Pathlock's full event page covers the practical session detail this post intentionally leaves for the source:
- The exact agenda timing for each talk, including introductions, strategic overview, customer case study, Q&A, and dinner sequence.
- The named Pathlock executives and customer-facing speakers attending the London session, useful if you want to map topics to presenters.
- The in-person networking format, including wine tasting and dinner, which may matter if your objective is peer discussion rather than product briefing.
👉 Register for Pathlock Community London to hear the governance and roadmap discussion →
Pathlock Community London 2026: what IAM teams will hear?
Explore further
04/06/2026 3:06 pm
Customer events are governance signals, not just marketing events. When a vendor gathers customers around roadmap, success stories, and strategic direction, practitioners should treat that as a window into which identity problems are most commercially active. The discussion usually reflects where the market thinks control gaps still exist across PAM, access review, and lifecycle governance. The implication is to compare those themes against your own control backlog, not your product shortlist.
A few things that frame the scale:
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which means many governance teams are still certifying what they cannot reliably see.
A question worth separating out:
Q: What does standing access reveal about identity governance risk?
A: Standing access shows that entitlement cleanup is not keeping pace with business change. It creates audit blind spots, weakens least privilege, and makes it harder to prove that access was removed when the original need ended. In practice, it is often a signal of weak ownership rather than a single technical misconfiguration.
👉 Read our full editorial: Pathlock Community London 2026: governance insights and product roadmap
