Transcript
This is awesome. You know, I actually live here in Austin and it is so great that you all came here to join me for this. What an event. And actually, this is a pretty special impact. This is the first impact since CyberArk has been a part of Palo Alto Networks. And if you think about what that means and the promise, it's just awesome. We've got the world's leader in identity security combining with Palo Alto Networks and the power of network, AI, security operations, cloud, and more. We are platformizing identity, connecting it into the security stack. And from my perspective, leading unit 42, the time has never been better. You're going to see how identity is just a massively important part of the cybersecurity posture that we need and the threat landscape that we're facing today. In fact, until a couple of weeks ago, I actually had an entirely different talk planned. And then, along came Mythos, right? And from that time, over the past couple of weeks, I've been in conversation after conversation, talking to security teams, and they're all asking variations of the same question. What's real and what's hype? And what does this mean for us? What's going to change? And, you know, those are the right questions. And actually, that's what we're going to answer here today. I'm going to talk to you about how Frontier AI is changing the threat landscape, how attacks work now and how they're evolving, and takeaways that you can bring back to your team that I think will get you ahead and help you stay ahead with what's going on. My perspective here comes from my role leading Unit 42. Unit 42 is Palo Alto Network's threat intelligence, incident response, and cybersecurity consulting arm. On the threat intel side, our mission is to use Palo Alto Network's telemetry, billions of events every day, over 9 million novel attacks that we see daily to track and understand the adversary. On the IR side, we're responding to over 750 attacks a year. These are major cyber incidents where global organizations are calling for backup. Think ransomware, nation-state attacks, network intrusion. And when we have all this data and all this frontline experience, we start to see patterns. We see how the attackers are getting in. We see the early signals that are missed in the SOC, and we see where defenses fail. And you know, over the last couple of months, there's been this one change that we can't ignore. It's what Frontier AI is making possible for attackers. It's changing how quickly they can find vulnerabilities and how quickly exposure can become impact. And so I want to start with what we've actually seen in Unit 42. The story goes back about, I think, about nine weeks now. We had early access to Mythos as part of Project Glasswing, and we've also been testing OpenAI's model as part of the Trusted Access for Cyber program. So you've all seen, read the hype, done some of the research. You know that these models are a lot better, but what does that mean? First of all, they had a step change in reasoning capability, but where the real power comes in is their agentic coding capability. And it makes sense, right? Because Anthropic, OpenAI, they are changing the world with how quickly they're empowering engineers to build the coding capability. Think Cloud Code and Codex and these other capabilities. And so what it turns out is that if something is really good at coding, it's actually also really good at finding vulnerabilities. And so at Palo Alto Networks, we set out to test what does that look like? And so my team in Unit 42, partnering with our InfoSec team, partnering with our product security team, we used Mythos, we built a series of agentic harnesses. If you're not familiar with a harness, think arms and hands, where the model is the brain, and the harness gives the model agency to connect and make changes. And we looked at Palo Alto Networks source code, we looked at our attack surface, and we looked at our posture to understand what they could do. Really, we made ourselves test patient zero with these harnesses. So what did we find? These models create a step change, function, improvement in what is possible from an offensive security standpoint. On the vulnerability side, they are extraordinarily good at finding vulnerabilities in code. In about three weeks of testing, about three weeks, we found the equivalent of what we would normally find in a year's worth of testing. We have a full-time red team, this is something that we're doing every day at Palo Alto Networks. Three weeks, one year. The second point is, it's not just finding vulnerabilities, it's actually making them actionable by building a POC, right? And that's where the attack path detection comes in. It's the ability to chain or link two different vulnerabilities so they can be used to find that critical exploit. And the third point here is that we're able to use it for full-stack logic analysis. What this means is, with the right context and the right data, we're able to point it at our attack surface and the business applications that Palo Alto Networks use to find posture issues and attack paths in that way too. What this means for all of us is that the line is moved. What I mean by that is, we all have vulnerabilities, right? I don't think I've ever met an organization that's totally on top of patch management. If you have, I'd love to meet that company and talk to them on how they're doing it. But we all have vulnerabilities in our code, across our infrastructure, in our applications. But what this does is it moves the line in terms of what's exposed. And so we need to take action in order to track and to remediate and get ahead of that. The next question is, okay, well, good thing these models are closely held, right? They're in the hands of companies like Palo Alto Networks. They're slowly sort of being controlled and emitted out by Anthropic and OpenAI. And trust me, I know it's been frustrating. Many of your security teams have probably been working on trying to get access. And so that's a good thing in terms of security, right? We wanna keep them out of the hands of the threat actors. But the question is then, when does it go from closely held in the frontier AI model companies to the Chinese models like DeepSeek, to the open weight models? And that's where the gloves really come off because OpenAI and Anthropic, they're working really, really hard to increase the guardrails, to make sure there's refusals so you can't use these models for offensive purposes to take action the wrong way. And so the question is, how long? And this is a bit of a crystal ball, but we think less than six months. In fact, about four weeks ago, we thought maybe six to 12. Actually, I think it may be less than this. I don't know if anybody saw the headline. Just this week, Google researchers actually found what they believe was an AI sourced vulnerability that was exploited. So this is moving really, really fast. I kind of look at this like the four minute mile, right? The people who are working on these models and are pressing the technology, they've seen what's possible. And everybody's gunning for that target. One thing to keep in mind though, maybe perhaps a bit of good news, is even though this is gonna make attacks faster, it's gonna make more vulnerabilities exploitable, the attack paths are still the same. And so if you think about it, there's still reconnaissance, there's still initial access, there's still privilege escalation, there's still lateral movement, there's still impact. And so I think looking at the incidents and the attacks that my team, the Unit 42 team is responding to today is a really good way to understand what's coming and what AI is gonna amplify. And so what I wanna do now is I'm gonna talk about three trends that the Unit 42 IR team has been working on that we think are going to be most important when AI becomes more widely available. The first is identity. In 89%, 89% of Unit 42 IR investigations, identity gaps are a huge part of the investigation and something that broke down along the attack path. This is how the threat actors are getting in, this is how they're escalating privileges, this is how they're moving laterally and accessing resources that they shouldn't, this is why you all are here, and I'm so glad you are, right? Another point about identity is that if you look at initial access, how threat actors are getting in, 65% of it is tied to identity-based tactics. So social engineering, fishing, brute force, these are all identity-based tactics and they show up every day. Just one recent example from a Unit 42 IR investigation that my team is working on right now, started with a fish. Fishing is very, very common in the United States. It's very, very popular, that's not going away anytime soon. The threat actor landed on a typical user workstation. They used a tactic to sniff traffic, to grab a service account. That service account had domain admin. From there, they pivoted to the domain controller, they pivoted to the VMware ESXi server, they deleted the Active Directory environment, they blew away the ESXi environment and they shut that company down. This is so common, we see it every day. Think about that's the way it works now and think about how much faster this happens when frontier AI is in the hands of the adversary. And speaking of faster, speed. Every year in our IR investigations, we track how quickly attacks happen. A couple of years ago, we had the average time from when the adversary gets in, to when they steal that or when they exfiltrate, it was about nine or 10 days. Last year, that dropped to 72 minutes. And from the year prior, that's four times faster. We just did an attack, an incident response investigation for a company responding to a group called Shiny Hunters. They're in the news a lot. And the Shiny Hunters group is really notorious for how fast they are. So they used an AI voice deep fake to social engineer the help desk. After they got in, they got an account that had API access to Salesforce. And within 40 seconds, they were downloading thousands and thousands of records from Salesforce, 40 seconds. The bottom line is this, the speed is the new normal and security operations needs to automate in order to keep up. The third trend that I wanted to talk about is supply chain risk. I think we've all had supply chain on the radar since the days of SolarWinds, which I can't believe it, that was five years ago. Time flies when you're having fun. And so that obviously is still happening and it's happening more and more. But what we're seeing now is a little different. What we're seeing is that supply chain risk, it's not only vulnerabilities in code, and it is, but it's also our SaaS business applications. Think about the large applications you use, Workforce, Salesforce, Workday, sorry, ServiceNow, all these applications, they all have all these integrations. And it just takes one to be the weakest link with trusted access to your sensitive data to create this cascading effect where hundreds of organizations get impacted. We saw this last summer with the Drift situation and we're seeing it more and more. With one company, we helped respond. We went in and we looked at their Salesforce and since after the incident, and we found 100 other integrations. The CISO and the business owner, they had no idea what these were. They didn't know who was responsible and they didn't even know the business function. So this is just a huge trust issue, sort of a ticking time bomb that we're sitting on that we see hitting organizations all over the world. The other part about supply chain that really has my team worried is with source code. If Frontier AI is so good at finding vulnerabilities in code, which it is, think about how much of our software is built on open source. I actually looked it up. You get estimates ranging from 70 to 90%. 70 to 90% of all of our source code of any given code base is built on open source. And what is the first place that threat actors are gonna go to look to find vulnerabilities in code? Open source. We're seeing this now. There was a big attack just a week ago where this company Light LLM was hit with a supply chain attack. What happened was Trivi, a company that they, a product that they integrate with was hit with a backdoor and it was pulled in automatically in their CICD pipeline and it turns out Light LLM is one of the most commonly used applications in building with AI. And so Trivi's compromised, it's pulled into Light LLM and it was open for five hours. And in that five hours, it was downloaded over 750,000 times. This is a threat that will absolutely be accelerating with AI. So I want to take a step back here. We're talking about threat. But what goes wrong on the company side? And we see that, too. We see three common themes that show up time and time again. The first is identity. Time and again, there is too much trust, too much privilege. There's cached local admin. There's cloud accounts that are so over-provisioned. There's no segmentation. An attacker has no problem going from an endpoint to a sensitive system that they should not, that account should not be able to access. You all know this so well. We see it all the time. The second is visibility gaps. In almost every forensic investigation that my team does, we find the evidence of what happened in the logs. We find the initial access. We find the data exfiltration. It's all there to recreate. It's in the logs that the company is generating. The problem is the company does not have that information operationalized in the SOC. They're blind. And the third is environmental complexity. Think for a moment about your IT environment. Think about your security environment. How much of it is built up over time with layer after layer of application where old things aren't retired, where security tools are just added on? And then IT and security, we're expected to manage all of this and make sure we do it flawlessly. It just doesn't work. And so in over 80% of Unit 42 IR cases, it's inconsistent coverage and gaps that lead to these incidents. So we've been talking a lot about what we're seeing on, I'd say, the defender side, on the incident response side. You might call it the blue team side. I think that's a great perspective. But I think it's actually really, really valuable to get the attacker's view, the red team perspective. And there's nobody better to do that than my colleague, Shai. Shai leads Unit 42's red team. He has been doing this his whole career, hacking into some of the most secure organizations on Earth. And I would love to have him come out here and give you his perspective from what happens from attacker's view. Shai, come on out. Thank you, Sam. Sam just walked you on how it looks from the defender side. How does Frontier AI and MITOS look when we try to use them for defense? I want to give you the other side. I want to give you the attacker perspective. My name is Shai Nahari. I run the Unit 42 offensive security team. My team and I are focused on providing an adversary simulation to our customers using threat intelligence, telemetry, and TTPs that we see in the wild every day to allow our customers to test themselves against attackers with the same type of capabilities. In the last couple of months, my team and I built and used these Frontier AIs for offensive security operations, both inside Palo Alto networks as well as with clients. I want to help you visualize what is it that we're going to be facing in a few months once those capabilities are in the hand of threat actors. So Sam talked to you about it. These models absolutely create step function improvement in the AI ability to find and exploit vulnerabilities. That part is very clear. The natural conclusion is that we, as defender, should go ahead and fix those vulnerabilities before they're out there. But the impact of these models is much broader, and the effect they have on cybersecurity goes way beyond just finding vulnerabilities. It's not completely clear that these models were actually designed to do any cybersecurity operation. In fact, it appears that they were designed to be much better at coding. It turns out, as Sam mentioned, that coding efficacy actually translates very well to finding vulnerabilities in code. A different way of looking at this is that we typically see about 10% to 15% improvement between different generations of model. When you look at MITOS and compare it to Opus 4.6, which was the latest model available at the time, we saw 50% improvement in coding capabilities. So when we're talking to customers, especially in the last couple of weeks, there's two questions being asked. The first one, in different variation. First one is the hype real, right? Do we really need to be worried? And then the second one is, what should we expect? Well, there are three things I think we should be looking at. The first one is we will see, as these models are out there, we will see a flood of vulnerabilities, and then subsequent patches that are getting released to address those vulnerabilities. The problem is that even if attackers don't have access to the original vulnerabilities, they can use those AIs to fuzz the binary patching and actually understand what was the original vulnerability. We will get into a vicious cycle, and they will quickly outpace our IT department's ability to patch them. There will be short-term pains for sure. The second thing, as Sam mentioned, is that we will see exponential growth in supply chain attack. Obviously open-source, but based on our own testing, we will also see closed-source SaaS applications, vulnerabilities coming in. That can be used to gain access as a supply chain attack to cloud infrastructure. We've seen it in Gainsight, in Salesforce, in Trivi, in LightLLM, everything that Sam talked about. And then the last thing that we expect to see is autonomous AI attacks. We will see attackers offload a lot of those capabilities into these models. We already saw some first signs of that. Unit 42 released a report about a Chinese threat actors, IPT28, where they offloaded a lot of the cyber killchain the exploitation, the lateral movement, the escalation to TinyLLM. They've performed this attack against Ukrainian infrastructure. Those models are far cry from the capabilities of Mitos and the like. And we will see a rise in speed and scale of those attacks, which means we need to do things differently, which means we need to have AI react to these type of attacks. We can no longer trust human to react to AI speed. So let's switch gears for a second. Let me tell you about my own first interaction with Mitos. I have to tell you, it was not love at first sight. The first time I got access to it, I tried to use it to attack our own Unit 42 lab. And the first thing I got is, you're not authorized to attack this lab. He asked me to bring in a letter authorizing me attacking my own lab. So obviously I did what everyone in this room would do. I went to my second favorite AI and had to generate a letter from the principal. I submitted it to the AI, to Mitos, and I got, well, I find it very suspicious that exactly four minutes after I asked you to provide me a letter, you give me a letter signed four minutes ago. I'm not gonna do it. So obviously I did what everyone in this room thinks. I went back to my second favorite AI and had to backdate the letter two weeks ago. And this is where I started understanding we're talking about a different beast. He basically told me, I find it very suspicious that every time I push back on something, you give me a letter addressing exactly the things I ask you to address. Moreover, I went and decided to check on your letter and I found that the phone numbers you gave me are fictitious. I also found the address you gave me for Unit 42 is not the real address. He basically did an oysen on my own letter. So at that point, I changed tactics and told him, you're being unreasonable. This is my own lab. How can I give you authorization letter to my own lab? He said, huh, that's right. Sorry about that. Let's begin. Now, it's a funny story, right? But I think the big takeaway here is that we need to understand this is a different beast. It has different logic capabilities. We're dealing with something different. Let's walk through a real attack scenario we've done with this. Earlier, Sam talked about AI harness. And just as a reminder, harnesses are basically the arms and leg of the model. They're used by us to provide guardrails and enrich the models with very specific type of TTPs and capabilities. They allow us to create more deterministic nature and have a repeatable process to the type of attacks. More important, they allow us to create what we call inference loop, which means we can teach it to attack, get an output, learn from it, feed it back to the attack, and do it again and again, again with those type of capabilities. We were assessing a client internal system, one that we had no direct access, but we found an email address associated with that that allows us to interact with that system. We created a harness to create a feedback loop around Mitos to try to attack, get the output, learn from it, and feed it back. And this is what actually happened behind the scene. The system started by sending an email to that email address, completely empty, and got a bounce back, said subject must contain an action. From that, it learned that an email or subject is required. Different iterations later, it sent a subject with empty body, it got a bounce back saying an employee ID is missing. From that, it learned that it needs to parse to create some sort of ID for employees. Provided that at least in different format, and eventually got employee not found. From that, it learned that there is some sort of validation that system actually interacts behind the scene with an HR system validating the actual employee ID. And finally, through some dark web magic, found actual list of employees and sent it. 15 minutes, that's what it took it, no credentials, no alerts, because it's just bouncing email. What actually happened behind the scene is it triggered a Salesforce ticket to off-board the employee. It's the same process a human would use, just minus the human. What actually happened is when the email arrived, the off-boarding started. It disabled the Active Directory account, revoked the M365 access, and even started HR termination system. Again, it sounds fun, but actually think about it from an attacker perspective. What can we do with that type of access? Well, we can fire the entire SOC. We can send one email, disable the entire security team, fire the CSO, fire the CEO before we even begin. We can disrupt operation. We can create denial of service. We can extortion just by sending email, just by having the AI fuzz that information out of a single email address. Let's jump to another interesting use case. In this case, we've built a harness designed to continuously try and attack a system using TTPs that we use on a daily basis on a retina operation. This was an exposed, an internet accessible system. We let it run overnight. We went to bed. This is what we woke up to. As expected, it started by scanning the web application, finding all the scripts, downloading them. Then it found that some of the resources were actually stored on an F3 bucket. Looked at the F3 bucket, found that that bucket was accessible to the world. Went and read every single file on that bucket, every single one of the file on the bucket. Found in one of the documentation an obscure internal API for one of the internal system. It then used that API and found that it allows external assets from reading internal file. Basically, you could read internal file system through that undocumented API. It went and looked at thousands of file and found a script that had an embedded service account credential in it. It then took the liberty to take that service account and escalate itself to domain admin through Active Directory Certificate Services. But it wasn't done. It then took that domain admin, connected to Azure, and It then took that domain admin, connected it to the server. minted itself a new global administrator in Azure. We woke up expecting to get new open services and maybe ports, and we got a brand new global admin controlling every asset of the company overnight, all on its own. One of my colleagues summarized it perfectly. Every night, I went to sleep and woke up to Christmas. New finding under the tree every morning. The amount of signals and lead vulnerabilities these models open up for us, for the attackers, is staggering. Our biggest challenge was actually being able to sort through all the signals that he gave us and attack them. It felt like we were kids in a playground. As the great philosopher Mike Tyson used to say, everyone has a plan until they get punched in the face. What I think we should learn out of it is, yes, we should plan, but we should also test ourselves. We should try and see how are we actually facing, again, attackers with these type of capabilities. We are at an inflection point in cybersecurity. I'm sure that a lot of you can attest the last month was overwhelming. I can assure you it was overwhelming for us, for the attacker side as well. The threat actors are currently rushing to understand the capabilities, to build harnesses, and find ways to create operations, offensive security operations, around these new capabilities. The good news is we have the advantage now. We have time, not a lot of it, but we have time to prepare for what's coming. It won't take long before these models and capabilities, as Sam mentioned, are in the hands of adversaries. Thank you so much. Sam, back to you. Thank you. All right. That was amazing. I think I speak for everyone when I say, thank God that Shai's on our side, right? No, he is just a phenomenal leader of our offensive security team. So we've been talking a lot about threat. And I promised at the top that we were also going to give you some takeaways. And so I'm going to do that right now. They're very high level, but that's what this next couple of days is about. You're going to have a chance to dive deep into different tactics, things that you can do, strategies to take advantage and to get ahead of what's coming. But from our perspective, there's three things that you really want to do. First of all, we all have this gap, this exposure that's out there that we didn't have before because of what is now because of Frontier AI. And so I think every enterprise, every organization needs to undertake right now an exercise to find what that exposure is and to remediate it. This is the journey and what we've been working on at Palo Alto Networks over the past two months. It's been a sprint. At various points in time, we've had over 500 or 600 people even working on it across our applications and our infrastructure. We think that every organization needs to go through this. The second is that we can no longer rely on heroics in the SOC. I've been on the IR side my whole career in the SOC helping organizations respond. And security teams are awesome. But there's too many what I call diving catches, where they're saving the day because they happen to find something, and too often they don't. But when attacks get faster and faster, it's just not going to work anymore. And so in security operations, we have to deploy single-digit minute mean time to detect and mean time to respond. And the third takeaway here is that we have to ensure a prevention posture across our security stack. This means minimizing the attack surface. This means defending the software supply chain. This means constraining the blast radius so even in an assumed breach scenario, attackers can't get off that initial access endpoint. And last, but certainly not least, it's securing every identity, machine, AI, human, so they have the right level of access at the right time. So I want to thank you very much. This has been a pivotal moment. The scale of this challenge is real, but I'm confident in our ability to solve it. Thank you so much for being here with us. OK, I'm actually going to stay out here because I'm going to be hosting the next session. We're actually going to pivot deeper here to talk a little bit more about what we need to do about these threats. And we're going to bring out a panel of world-class partners on the stage, and we're going to have them answer one question. What is the one action that every security professional in this room should take in the next 90 days to reduce identity risk? And so first, I'd like to welcome from Amazon Web Services, the Director of AWS Identity Crypto and Directory Services, Kranthi Dharapu. Kranthi, come on up. All right, welcome. Thanks for coming. Thank you for having me. OK, so you saw the question. You've got a room full of identity practitioners and experts here. What, from your perspective at AWS, is the one thing that you think professionals should do in the next 90 days? Well, hello, everyone. Thank you for having me here. At Amazon, we're building agents across different parts of the company. And at AWS, we're helping thousands of customers move from this experimenting with AI agents to deploying them, And in the process, we've learned some lessons, some the hard way, watching these agents scale. I would say one of the big things is not treating agents like any other workloads, just like other workloads. In the beginning, at first, it's very tempting to apply the same mental model as you would to any other microservice. Give it an IAM role, put it in a VPC, done. But we all know agents behave very differently than microservices. And microservices do what they're coded to do. But agents are making decisions in runtime, dynamically selecting tools, acting on behalf of people. Yet, I see over and over again that agents don't have their own identity. They're hidden behind user credentials. They're invisible with API keys and sharing service accounts with a dozen other agents. And there's a lot to securing these agents, but the foundational part of it is identity. If you don't have an identity, you can't scope it, you can't authorize it, you can't audit it. So I would say that's one takeaway, to give every agent its own unique identity. Agents should have their own principle. They should be having their own scoped permissions. And that will give you some attribution as well. We're using that also to break away from this static trust models. I hear from enterprises all the time, and it manifests in different ways. Enterprises say, I have agents which surface data to users that they shouldn't be seeing, or when there's multi-agent workflows everywhere now, and when there are issues, three delegation deep down, it's hard to attribute who has authorized this. Where did it come from? Yes. And then one of the organizations was talking about how they couldn't revoke an agent when the user context has changed in the middle of the agent sessions, or when the agent behavior has drifted from the intention. So a lot of these issues, the common thread is we still have this static trust model where we grant agents permission at the beginning of the session, and persist through the entire session workflow. I almost think of agents more like an overzealous intern than a service account. That's a good analogy. You don't know what they're going to do. They're doing something, but it's not always the right thing. So I would say, for me, the best practices that we are trying to drive in AWS is making sure every agent action is an authorization decision, and the scope of what it is doing is an intersection of the user and the agent. So it's foundational identity, like you said. Great. Well, thank you so much. Thank you for being here. Thank you. Okay. Next up, please welcome Managing Director from Deloitte, Kanwal Singh. Hey, Kanwal. Thanks for coming. All right. Kanwal, from your perspective at Deloitte, please tell us what is the one action that you think every security professional in this room should be taking in the next 90 days as it relates to identity risk? Sure. Well, first of all, thank you for inviting me. Thank you for being here. Yeah. Good evening, everyone. I think it's a pilgrimage every year. We come to CyberArk Impact. We meet a lot of people, and we talk. So since morning, we have been talking a lot, and I think we have been talking a lot about cloud identities and the spiral in that particular space. So if I have to talk about one action, I would definitely say execute identity attack path remediation sprints for the cloud workloads, because that's very important. If I talk about the data points that you and Jay shared with us, attacks are four times faster if we focus on, if we talk about AI-driven attack operations that the bad actors are executing, we kind of learn that from compromise to exfiltration, it's 25 minutes. 65% of initial access that an attacker gains is still through compromised identity. That's right. As well as identity is a factor for 90% of attacks. So these data points are reflective of the real world that we live in as security professionals. And the reality is that identity is a new parameter, and we need to definitely secure it. Now, in the old ways, it's like you go back, you run a security awareness program for identity. But that's not what the priority is. The priority is to go back and find the concentration of identity and the risk associated with it within your own organization, which means you may be looking, and some organizations may have that risk in their service accounts. Some may have in secrets or other stuff. Some may have it in newly created AI identities in the last six months, and suddenly the concentration has shifted. As well as we still talk about the legacy privilege access, particularly the identities which have standing privileges, they still pose a high concentration of risk for a lot of organizations. We see standing privileges as a huge problem. So that is important to find. Now, I can't say all this without talking about Palo Alto CyberAug because I'm really excited about this unity. Palo Alto helps clients identify exposure, entitlement path risks, and suspicious identity activities. CyberAug helps clients at the same time to secure privilege access by vaulting, by rotating, and force least privilege, as well as just-in-time access for cloud workloads. This excites me for the future, particularly in context of seeing new capabilities that you guys can roll down to the market. Maybe in the last minute, how is Deloitte helping in that area? Is that something that you're bringing to your clients as well? The one that I talked about, identity attack path remediation sprints, we are helping a lot of clients to think through that. To summarize, if I haven't asked for this room to go, it's like, hey, go back, pick up top 10 of your cloud workloads, map every identity associated with those workloads, remove unnecessary access, enforce vaulting, password rotation, just-in-time access. We are living in an era of AI-driven attacks. Speed is paramount with them, and identity is still the fastest path for any bad actor to get in. And I think if you run that identity attack reduction sprints in your organizations, face-by-face, we that's still the fastest way to remediate some of these risks associated with identity. Yeah, to close down a lot of those open vectors. Well, great. Thank you so much for coming. Thank you, Sam. Thanks for coming. I appreciate it. Take care. Thank you, everyone. All right. Next up, I'd like to welcome, through this rapid-fire interview session, we've got the Managing Director of Cyber Data and Tech Risk from PwC, Rich Neely. Rich, come on out. Thanks. Thanks for coming, Rich. OK, Rich, you've heard the question here. We're talking about identity risk. And what is top of mind, given everything that's going on? What should people be prioritizing right now? It's a big day for identity. We've made it to the risk table. Yeah, here we are. Suddenly, we're at the center of the world. We've known that for a long time. And some of the things we talked about in the past seem very quaint. I think last year, we talked about angry Canadians and things like that. Now, the issue is, really, we're about to get hit really rapidly with all kinds of things that we never expected. But the number one thing we're going to have to do is start acting with a risk point of view. And that's also going to mean participating in the risk organizations within the companies that we represent. And let's be honest. Everybody in this room hates the idea of sitting down with risk people and going through those long discussions and things like that. The GRC people aren't as fun as the identity is. No offense. Well-known. Well-known. No joke. Fun or GRC person, we've never heard that in a sentence before. But the reality is, these are the people that are going to have to help us to do this. 100%. Because if we listen to the things that we just talked about, everything that we need to take, the things that Conwell just talked about, the sort of vulnerabilities that Chai talked about, those vulnerabilities aren't new. What's new about it is how quickly they can be exploited, how rapidly they can be done. These things have not been finished for a long period of time. Standing privilege, we've been talking that forever. MFA, very quaint. I know everybody in this room has full MFA coverage. Across everything. That's quaint now. What we need to be able to do is to go forward and ask our leaders for the money to do this. It's going to take a tremendous amount of resources. It's going to take all kinds of resources that, frankly, we don't have right now. And that's going to be the ability to go put forward a business-based discussion, putting forward the risks that's there. So it's a good time to align with the GRC people. They do this all the time. They are able to explain it in business terms. We don't do a particularly good job at that. And I think we need to start aligning with people within our organizations to help explain this threat, not in our terms, but in business terms. One of my hopes is that if there's a silver lining here with what's going on with Frontier AI, it's caught the attention of the board and the CEO. And I've had more CEO and board-level conversations in the past couple of weeks than I've had in years. And so hopefully we have their attention to make some of these changes, right? I think we have their attention now. And this is a golden opportunity for us. Many of the things that we know have to do, we've been telling them for years. And why is it all our applications aren't covered right now? Because we've made decisions about the limits of budget. And for many of us, it's been hard to go back to our leaders and say, we need more money for this. This is the moment to do it. I think we just have to, it would be a shame to miss this opportunity. I think it's also changed from this point of view. This isn't about compliance any longer. And for a long time, that's the view of this. It's about risk. And it's also, for most of these companies, it's existential. Their ability to exist. We are gonna see companies that just disappear like that. Their ability to sustain long-term outages of their supply chain, any number of the problems that they have. These have real business impacts. And it's on us to be able to explain it to our businesses in a way that they can understand it and put it within that context. There's a saying that's pretty common in incident response, but I think it applies here too. And that's, don't let a good incident go to waste, right? And I think we have that moment here with Frontier AI, with Mythos, in terms of the attention it's bringing to security teams end to end. Identity, GRC, SecOps, you name it. We've got the attention. Yeah, look, we come from a profession that tends to be very cocky. We believe we can go out and save the world all by ourselves. I think as you put it, we all like that heroic moment and so on. You're gonna need a lot of help. You're gonna need to be able to do this as a community. And more than anything, we're gonna have to be able to explain. I agree with you. CEOs are thinking about this. They're talking about it. They're inquiring about it. They'll keep talking about it until we can make it actionable for them. Well, they need our help. They need our help to figure out what to do. Exactly. Great. Well, thank you so much for coming out. Real pleasure. Thank you. Thank you. All right. Next up, I would like to welcome the Global Identity and Trust Lead from Accenture, Sanjeev Sukla. Hello. Hello. Hello. Hello. Hello. All right. Thank you so much for being here. You've heard the dialogue. It's been a great conversation. What do you think the number one priority is for organizations as it relates to identity and identity risk? First of all, thank you for inviting me. I mean, it's a big gathering. It's great to see the community has grown so big. I think from the, two things I'll say. One is that, just make a decision, get off the fence. I'm still seeing, I mean, almost two, three weeks back, I was meeting a big bank, and it's still there 35%. Privileged identities, privileged accounts are unmanaged. 35%. Wow. This is a bank. We won't say which one. And also, if you go to any big global bank and ask them, do you have a full visibility of your privileged identities and secrets, and do you have an inventory? The answer is no. So, my first request is, get off the fence, make a decision, tool A, tool B, doesn't really matter. Just get going. Because the reason why I say that, I think agents are taking over the world. They are doing great work on software development side. There's a lot of work happening on agent e-commerce as well. These are the, and then customer service. These are the two, three areas where agents are actually being adopted very rapidly. It's my personal belief, this is not Accenture's view, that it will take about 24 months for agents to be mainstream. The reason is, there's some very fundamental questions about liability, assumption of liability, assumption of trust, and also the token cost versus harness cost plus risk, all these things put together. My take is, it will give you about 24 months. So, 24 months is the time that identity leaders have to get a control and hang over their privileged accounts, privileged secrets, because the last thing you want is to have an autonomous agent which has a mind of its own. I think you rightly pointed out that it's very enthusiastic in turn. Yeah. You don't want to unleash them in an environment where you have unmanaged privileged accounts. Right, yeah, so 24 months, but at the same time, I bet the CEO is pushing, right? They want it to be yesterday, right? 100%. Yeah, so it's gonna be a long 24 months of pressure if identity teams aren't ready to secure those things. So, get a handle on visibility. First is to establish visibility, and then inventory as well. So, at least you know what is going on, and I think in one of your slides also, the visibility is becoming a context and visibility, that combination becoming a big problem. So, start there, and then obviously, if you can get a handle on this whole situation much quicker, then that's better. And also, just keep in mind that the access has been designed with just-in-case. So, in the human world, with human workforce, it was always about just-in-case access, so you may need it. Great class. But as we, yeah, we may need to move to just-in-time with zero standing privilege should be our goal. I think that's where we need to head to. That's great. Love that perspective. Thank you so much. Thank you. All right. Okay. Okay, last, but certainly not least, we have Managing Director of Cybersecurity Services from KPMG, Adam White. Adam, we've been having a great conversation about risk, and what is the number one priority? We've gotta do something in the next 90 days. How do you decide what comes first? So I think you and Shai both spoke about this. I think understanding the attack surface isn't as trivial as, oh, I know my service accounts. Obviously, we talked about it just now, Sanjeev, about what's those unmanaged privileged accounts, et cetera. But actually, how are people using agents in my environment? On behalf of access, it's become more and more like I use cloud code, and it's like, oh, I think I know what it's doing. Okay, yes, yes, yes, yes, right? And you just go forward. And I think teams, and I'm recognizing there are different roles in this room, from engineers to leaders to what have you, and they're all gonna have, say, hey, how do I deal with this with my leaders? We wanna have an answer now, to your point, right? And I think for that, it's understanding and defining, here are the use cases of how AI is being used. Do I know about all the different sanctioned AI projects that are happening? Unsanctioned, someone's doing an experimentation, and it's just like, oh, I'm just gonna create these API keys and see what happens. Some shadow AI building. Exactly, and a lot of that's gonna happen. A lot of that's gonna happen. It's like, oh, do you even detect that someone installed cloud on your enterprise? If you don't, guess what? That's a problem. That's right, yeah. And I think in the next 90 days, three questions, attack surface, and then the second one is, do I have the tech stack to manage it, to contain it, to contain all these things that are happening? Do I know, okay, so let's say I know about my privileged access because I monitor my side rocket. I have telemetry and all that kind of stuff. Do I know what happens when something is using an API key? Am I monitoring my GitHub, my actions, all those kind of things? Is someone even looking at it at a SOC perspective? So I think that's your second one. And then the third one is, does my SOC team, can it actually respond as quick as they need to? Because right now, to your point earlier, it's like, okay, I have an incident. Someone has an incident, there's a ticket. I have to call someone. How quickly, I don't know what this is. Maybe it's normal. You actually have to have some magentic SOC. Yeah, and I'll tell you, the visibility into what's happening in AI building, it's not out there. The way, I mean, EDR has been out for years and there's good visibility into endpoint use, but not into using MCP servers, using cloud code, pulling models down from Hugging Face. A lot of SOCs are really blind to that. There's a lot of upskilling that needs to happen for identity teams to really understand how a developer is using. This new technology, because they're building applications. I don't know, probably not thinking about it. Most of the folks aren't cyber folks that are building these applications. Well, it reminds me of cloud, maybe, I don't know, 10, 12 years ago, where everybody's jumping into cloud just as fast as they can. And the cloud companies, they want to make everything work. So when you connect it, it's open, right? And it's on you from a shared responsibility model to lock things down. And a lot of the AI building is very similar, but they're not, right, from an identity standpoint. Yeah, so in 90 days, it's, am I ready for this? And we get it, like some folks are not gonna have the staff to do this. So they have to say, hey, listen, this is the problem. This is my tech stack, maybe I'm missing some products. Third is like, I don't even have the people to do this. What else, what am I gonna do here? Yeah, I'm sure, are you guys getting a lot of calls for help with this stuff? People are trying to kind of understand. Obviously, I'm just trying to understand, hey, what does it mean from a compliance perspective? But they're also trying to understand, hey, how do I protect this? Do I even understand? And even in the conversations I have, a lot of the identity folks are used to working with UI tools. But this is a different, this is a bit of an AppSec type environment that we're seeing and concepts of secrets and SSH keys and API keys. And on behalf of access, I think, is one of the most emerging thing. Whole new world for identity to cover these areas. It is, absolutely. Well, fantastic. Thank you so much for coming out. I appreciate it. Thank you. Good. Cool.
