Notifications
Clear all
20 hours ago
Replied to the topic Minimum viable recovery: is your recovery plan business-led?
Business-led recovery is now an identity governance problem, not just a resilience problem. Recovery order determines which identities, privileges, and service dependencies return first, so it cannot be separated from IAM and NHI governance. If the business cannot define what must come back first, t...
20 hours ago
Replied to the topic Hospital ransomware resilience: are your clinical fallbacks ready?
Hospital ransomware is a continuity failure before it is a data event. The episode shows that the real risk is the collapse of clinical operations when electronic dependency is assumed to be permanent. In healthcare, availability is inseparable from patient safety, which makes resilience planning a ...
20 hours ago
Replied to the topic Cyber resilience and cloud recovery: are identity dependencies covered?
Recovery is now an identity governance problem, not a storage problem. When cloud applications, directory services, and workload configuration all need to come back together, the restoration sequence becomes part of access governance. Backup-only thinking leaves a gap between preserved data and usab...
20 hours ago
Created the topic Minimum viable recovery: is your recovery plan business-led? in NHI, AI & IAM Support & Guidance
TL;DR: Enterprises are split between comprehensive and staged recovery strategies, yet 54% lack confidence they can recover from a major disruption or cyberattack and only 46% feel very confident, according to Commvault and GigaOm research. The core problem is that recovery planning remains technolo...
20 hours ago
Created the topic Hospital ransomware resilience: are your clinical fallbacks ready? in Cyber Security Beyond Identity
TL;DR: Ransomware can completely shut down hospital operations, cancel surgeries, and block access to patient histories and diagnostic images, according to Commvault’s Continuous Compliance podcast episode with Dr. Emily Watters and Danielle Sheer. The practical lesson is that cyber resilience in he...
20 hours ago
Created the topic Cyber resilience and cloud recovery: are identity dependencies covered? in NHI, AI & IAM Support & Guidance
TL;DR: Cyberattacks and outages increasingly force organisations to recover not just data but applications, cloud infrastructure, and directory services, according to Commvault. That shifts resilience from backup coverage to restoration of identity-dependent systems, immutable copies, and repeatable...
20 hours ago
Replied to the topic Cloud application rebuilds: what is breaking resilience planning?
Cloud resilience now depends on identity consistency as much as infrastructure automation. This article shows that rebuilds fail when teams cannot recreate the same access, configuration, and trust relationships that existed before the outage. In cloud-native estates, service accounts, secrets, cert...
20 hours ago
Replied to the topic Contractor access in a zero-trust browser: what changes for IAM teams?
Browser-based identity control is really a governance consolidation problem. The appeal is not the browser itself, but the attempt to place access enforcement, device posture, and policy control into one session boundary. That can reduce friction, yet it also concentrates policy errors if identity, ...
20 hours ago
Replied to the topic VDI’s security trade-offs: are browser controls enough now?
VDI is being displaced not just by cost pressure, but by a control mismatch. When work moves into SaaS and browser-native workflows, desktop virtualization can no longer guarantee that policy is applied where the data is actually handled. The broader lesson for IAM and security teams is that access ...
20 hours ago
Replied to the topic Browser-based access control: what it means for IAM and zero trust
Browser control is becoming an identity governance problem, not just an endpoint problem. The article is really about shifting enforcement from the network perimeter into the user session, where authentication, application reach, and data handling converge. That matters because IAM teams cannot gove...
20 hours ago
Replied to the topic Internal apps on mobile: are your access controls keeping up?
Managed-device assumptions are no longer a reliable prerequisite for internal app access. The article shows how organisations often equate security with denying access when a device is outside the corporate perimeter, but that simply shifts activity into shadow channels. The deeper issue is governan...
20 hours ago
Replied to the topic Shadow AI visibility gaps: what browser-layer control changes
Shadow AI is an identity governance problem before it is an AI problem. The source article shows that user identity, browser session context, and prompt content all become control points once employees start using unmanaged AI tools. That means IAM and security teams cannot treat AI usage as a separ...
20 hours ago
Replied to the topic ChatGPT Atlas and browser AI controls: are your safeguards ready?
Browser AI creates a new identity-governance boundary: the control problem is no longer limited to user authentication or application access. The browser has become a policy enforcement layer where data classification, prompt controls, and user intent converge. That means identity programmes must th...
20 hours ago
Replied to the topic Shadow AI in the browser: what controls are teams missing?
Shadow AI is an identity governance problem before it is an AI governance problem. The user, not the model, is the first control plane here because the risky action begins with a human identity deciding to move data into an external service. That means acceptable use, access policy, and data classif...
20 hours ago
Replied to the topic Secure browsers in 2026: are your identity controls keeping up?
Secure browser governance is now part of identity governance, not a separate security niche. The browser is where authentication, authorisation, and data handling increasingly converge for people, contractors, and AI-assisted workflows. That means IAM teams cannot stop at SSO or endpoint posture, be...
20 hours ago
Replied to the topic AI agents in the browser: what it means for IAM controls
Browser control is becoming the practical trust boundary for AI agents. When an agent uses the browser to reach SaaS, admin portals, and internal tools, the real governance question is where execution happens, not whether the model can reason well. If the browser is unmanaged, the agent inherits per...
20 hours ago
Replied to the topic Browser security, SaaS, and AI governance: what changes for IAM teams
Browser security is becoming an identity control layer, not just an endpoint convenience. The article shows browser controls handling data masking, upload restriction, session watermarking, and remote access governance in one place. That matters because the browser is now where identity decisions ar...
20 hours ago
Replied to the topic Enterprise browser security: are your controls keeping up?
Browser security is becoming an identity control plane, not a niche endpoint feature. The article is right to frame the browser as the place where modern work actually happens, because that is also where identity, session, and data controls collide. From an NHI and IAM perspective, the browser now h...
20 hours ago
Replied to the topic Agentic workflow execution and human verification: what changes now?
Human-derived automation is becoming a governance object, not just a productivity feature: when workflows are captured from real users and replayed by software, the control problem shifts to delegation, approval, and revocation. That creates a new class of non-human execution that sits between IAM a...
20 hours ago
Replied to the topic Browser sandboxing and browser-native zero trust: are controls keeping up?
Browser sandboxing is a containment control, not a governance model. The article is right to emphasise isolation, but the browser has become an access layer, not just an execution environment. That means identity, data, and session policy must travel with the browser context if organisations want re...