Andras Cser
VP, Principal Analyst
Author Insights
Blog
Identiverse 2026 Recap: Identity Security For Agentic AI Dominates
Last week’s Identiverse conference in Las Vegas left no doubt that the scope and importance of identity security is now magnified. Identiverse 2026 underscored the current transition in identity security as organizations grapple with an expanding universe of identities beyond humans. As Ping Identity CEO Andre Durand framed it in his opening keynote, the industry […]
Blog
Use The New Executive Order As A Canary For Enterprise PQC Migration And Procurement
On June 22, 2026, the White House issued a new executive order (EO), Securing the Nation Against Advanced Cryptographic Attacks. While it has direct implications for federal agencies, there are parts that are worth paying attention to for enterprise security and risk leaders. Here’s what’s worth your attention, whether or not you hold a federal […]
Hear more from Andras Cser
Upcoming Events
Security & Risk Forum
Upcoming Webinars
Check back soon for upcoming webinars.OnDemand Webinars
Check back soon for on-demand webinarsBlog
New Executive Order Makes PQC Migration A Multiyear Operational Program For Federal Security Leaders
For a private-sector CISO, a new US executive order (EO), Securing the Nation Against Advanced Cryptographic Attacks, is an additional signal and call to action. For federal security leaders, it’s an order with your name on it. The recap on what to do is short: Inventory your cryptography, name someone to run the migration, and […]
Blog
Anthropic’s Claude Rolls Out End-User Identity Verification
Anthropic is now requiring select users to successfully complete a physical government-issued ID document verification (PIDV) process “for a few use cases,” although those use cases are not currently specified. Anthropic is the data controller in the process and will be using identify verification (IDV) provider Persona Identities to conduct the IDV process. IDV prompts […]
Blog
Unified Financial Crime Management Is Not Just For Small And Regional Banks
Fraud management and anti-money laundering (AML) solutions share common traits and requirements: Both are about risk scoring of entities (names, phone numbers, email addresses, accounts) and routing and investigating alerts and cases to AI agents and human investigators. While smaller, regional financial institutions (FIs) and insurers have always been motivated to consolidate tools and resources […]
Blog
Think Hardware Security Modules Aren’t Exciting? Think Post-Quantum Migration!
Hardware security modules (HSMs) are a key foundational security component of public key infrastructure. HSMs hold the crown-jewel keys for encryption and digital signatures and perform encryption and decryption operations on protected data and payment information. While HSMs have been in use for decades, they now play an oversized role in migrating to post-quantum security […]
Blog
What We Saw At AWS re:Invent 2025
The goal of this year’s event was to position AWS as a newly transformed, AI-native cloud that’s ready right now. Here’s a closer look at the key announcements and developments.
Blog
UK Government Plans To Mandate Digital eID For All Legal UK Residents
The UK government plans to mandate an electronic digital identity scheme and credential to all legal residents and employees of the UK to prove immigration and employment eligibility status. Read our assessment of the benefits, challenges, and concerns.
Blog
Is Zero Trust Canceled? Revisiting DEF CON Research
Did AmberWolf’s talk at DEF CON 33 uncover any true fundamental flaws in Zero Trust? Although we think the research uncovered some significant issues, calling it a “total bust” is definitely overblown. Find out why.
Blog
Palo Alto Networks Enters The Identity Security Market With $25B Purchase Of CyberArk
The third-largest cybersecurity M&A deal in history makes sense in some respects, but the track record on mega security and identity tie-ups is incomplete and unproven.
Blog
Microsoft Retires Password Management In Authenticator
Microsoft’s move to gradually retire password management capabilities in its Authenticator application will have three immediate effects.
Blog
AWS re:Inforce 2025 — Heavy On User Experience Enhancements, Light On The GenAI Hype
This year's AWS re:Inforce event included a big announcement and revealed other security-related enhancements. Read our top takeaways.
Blog
President Trump Amends Previous Cybersecurity Executive Orders: Here Is What You Need To Know
President Trump recently issued an executive order on national cybersecurity that amended and struck several provisions in prior EOs related to cybersecurity. Here’s what security leaders need to know.
Blog
Worldcoin Orb Identity Verification Device Faces Headwinds In Mass Adoption
Last week, identity verification and authentication startup World (which was cofounded by OpenAI cofounder Sam Altman) announced that it is broadening operations of its Orb device in the US.
Blog
Tackling Cloud Security: US State And Local Government Edition
Learn some of the unique challenges that state and local governments face when it comes to cloud security and governance.
Blog
It’s Time To Start Planning Your Postquantum Migration
When will quantum computers will be able to break asymmetric cryptography and algorithms? And what steps should you take to prepare? Find out in this preview of a report on quantum security.
Blog
RSAC Conference 2025: Innovation Sandbox Turns 20
RSAC Conference 2025 featured the 20th annual Innovation Sandbox competition. Learn more about the entrants and results in this review of the event.
Blog
Tackling Cloud Security: US Federal Edition
Back in 2007, the first US federal CIO, Vivek Kundra, was appointed. Shortly after in December of 2010, he launched one of the world’s first “cloud-first” initiatives, making many US federal agencies such as the General Services Administration (GSA) some of the earlier innovators in this arena.
Blog
RSAC Conference 2025: Welcome To The Petting Zoo
From live goats and puppies to robot dogs and animal costumes, the RSAC Conference 2025 delivered some unexpected surprises. But it also delivered the usual insight into various trends in the security market today. Find out more in this RSAC review.
Blog
OpenAI Requires Identity Verification For Access To Its Latest Models
OpenAI announced that it will require organizations to complete an identity verification (IDV) process to verify their organization’s identity before being allowed to access the latest OpenAI models. Identity verification will likely require developers to digitally verify themselves using government-issued photo ID from permitted countries and prove their affiliation with their organization. Forrester expects that […]
More posts