Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The digital landscape continues to undergo dramatic transformations. Long gone are the days when software, servers and infrastructure were monolithic and centralized. Today, organizations operate in a distributed and modular world, where machine identities are everywhere and environments are in various states of flux. AI and agentic AI are already starting to expand the volume and complexity of machine identities.

In this episode of the Security Matters podcast, host David Puner sits down with Lior Yaari, CEO and co-founder of Grip Security, for a discussion that covers the concept of identity debt and its implications for modern cybersecurity. Lior shares insights from his experience in Israel’s elite Unit 8200 and explains why identity is now the new security perimeter.

Protecting a large enterprise is like playing goalkeeper in a soccer match. A CISO’s job is to keep the net clean while multiple attackers close in from various angles, aiming to score. No matter how many shots the goalie blocks, a single goal can win the game for the opposition.

Quantum computing isn’t just coming—it’s barreling toward us, flipping the rules of cybersecurity like a table in a bad action movie fight scene. And it begs the question every CISO and IT security professional should be asking right now: Are we ready for the quantum leap? While this groundbreaking technology promises extraordinary advancements, from AI breakthroughs to disease modeling, a darker shadow lurks beneath its potential.

Imagine receiving an urgent email from your bank that looks perfectly legitimate. It warns you of a suspicious transaction and prompts you to verify your identity. You hesitate but click, and suddenly, your credentials are compromised. This scenario, crafted by AI-powered fraud-as-a-service, is happening now.

Kubernetes powers modern application deployments, yet safeguarding its secrets remains a formidable challenge. In a 2024 report, IBM estimated that 16% of data breaches stemmed from compromised credentials, resulting in significant financial losses. The recent attack involving a stolen API key at the U.S. Treasury Department highlights the vulnerability of even well-protected systems.

An attacker doesn’t need your password anymore. They don’t even need to break your MFA. They just need to get ahold of your session. And once they have it, they are you. Organizations have focused on securing access for two decades, initially relying on passwords. When passwords proved weak and insufficient, multi-factor authentication (MFA) emerged as the new standard. It was a substantial improvement, adding an extra layer of security to verify users.

AI is the best thing that’s ever happened to cybercriminals. It allows them to weaponize trust and launch identity-based attacks with staggering scale and sophistication. I’m talking about mutating polymorphic malware, prolonged ransomware sneak attacks that lead to double-extortion and deepfakes that defraud victims every few minutes.

In this episode of the Security Matters podcast, host David Puner is joined by Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, to explore the transformative impact of AI agents on cybersecurity and automation. They discuss real-world scenarios where AI agents monitor security logs, flag anomalies, and automate responses, highlighting both the opportunities and risks associated with these advanced technologies.

The importance of machine identity security has reached a critical juncture in 2025. With machine identities now far outnumbering human ones, securing these digital credentials has become a top cybersecurity priority for enterprises.