Former Gartner research VP, identity, and cybersecurity leader, Mr. Mahdi is an industry recognized pioneer. Co-Founder of the emerging Machine Identity Management market. David has helped large organizations tackle digital transformation projects that included digital identity, IoT security, and early stage blockchain efforts; guided organizations to build internal cryptography teams, such as the cryptography center of excellence; and consulted through IPOs, raising capital, and M&A, among many other contributions. A top performing analyst, his depth and breadth of coverage made him one of the most demanded industry analysts for clients around the globe. As a market maker, David was instrumental in creating markets and definitions for areas such as: Decentralized identity, Bring Your own identity (BYOI), passwordless authentication, Machine Identity management, and privacy enhanced computation. At Transmit Security, David's multifaceted role spans, security research, collaboration with industry analysts, R&D, as well as hosting CISO advisory sessions around the globe; the role of Chief identity officer keeps David busy!
With compromised identities being the top attack vector of choice, it’s about time we take a look at our IAM systems; they simply were not built for the scale and resilience needed to support modern digital business. Further, the threat landscape has evolved past traditional notions of data breaches and stolen credentials, revealing a much darker reality: identity is now the primary target. With vast amounts of PII in the wild, attackers are exploiting vulnerabilities in Customer Identity (CIAM) systems that were never designed to counter adversaries. Many digital businesses today rely on legacy CIAM that were built off of workforce solutions with emphasis on employee productivity. The previous productivity-centric mantra of IAM, IAM “joiner, mover and leaver”, needs to evolve to add “adversary”.
Complicating matters further, is the rise of GenAI enabled identity threats such as Deepfakes. Mitigating GenAI identity threats, requires a cyber-resilient foundation, ensuring business continuity. Legacy CIAM baggage has left us vulnerable to increasingly sophisticated identity attacks, as demonstrated by high-profile breaches like those of MGM Resorts.
As the market undergoes significant disruption, current CIAM leaders are scrambling to incorporate identity threat detection response systems, and fraud detection into their offerings—a reactive approach akin to applying a band-aid to a wound that needs surgery. Resilient cybersecurity is foundational, not an add-on, it must be integrated from the ground up, forming the bedrock of cyber-resilient digital trust. This presentation will delve into the AI-driven identity threat landscape forcing the evolution of legacy CIAM towards cyber-resilient identity security.
Roundtables hosted by:
GenAI offers the ability to automate, security and IAM by enabling IT leaders with the ability to streamline threat detection and response
But there is a dark side: did you know that nearly 6 months after the release of GenAI enabled ChatGPT, attackers released FraudGPT?
They now have the ability to quickly scale complex and targeted campaigns. With GenAI attacks, such as Deepfakes, the impact on how you create, validate and authenticate customer identities needs to adapt to an AI/ML world.
The notion of digital trust is at stake; technologies, and processes that we have relied on for decades, is all at risk. A new approach is needed.
In this session we will discuss attacker patterns and how they are leveraging GenAI. And with that insight, how you can prepare to leverage GenAI for better fraud detection, identity verification, and automated response to rapidly changing and complex threats.
This session will explore the critical role of Identity and Access Management (IAM) in the financial services industry as it faces increasing threats and evolving regulations. Panelists will discuss the rise of generative AI attacks, including deepfakes and AI-driven fraud schemes, and how these technologies are being exploited by cybercriminals and rogue actors. They will share insights into the latest trends in identity infrastructure and the measures being taken to protect against these sophisticated threats.
The conversation will also highlight proactive approaches to identity security, with a focus on how leading institutions are using fraud fusion centers to integrate IT, cybersecurity, and fraud prevention efforts. Panelists will address the impacts of rapidly changing regulations, such as privacy laws and anti-money laundering frameworks, on IAM strategies and compliance.
Additionally, the session will examine the resilience of identity systems in the face of outages and potential exploitation, especially as financial services increasingly move to cloud-based infrastructure. The panel will also provide practical advice on fostering cross-functional collaboration within large organizations to enhance security, manage risks, and ensure governance compliance.