APR 2026 · 9 MIN

Identity Risk: The New Security Perimeter

Why stale users, orphaned admins, and toxic permissions are a bigger attack vector than unpatched CVEs.

Ravi Subramanian
Security · Research

Identity is the new perimeter. Stale users, orphaned admins, missing MFA, risky service accounts, and toxic permission combinations represent the most exploitable attack surface in cloud-first enterprises.

The identity risk surface

  • Orphaned admin accounts in IdPs that were never deprovisioned.
  • Service accounts with no owner and broad permissions.
  • Toxic permission combinations that create privilege escalation paths.
  • Missing MFA on privileged identities across SaaS and cloud.

What to do now

Connect your IdP, cloud, and SaaS systems into a unified identity graph. Score identities by risk. Automate access reviews. Clean up stale access. The fastest wins in security come from identity hygiene — not more vulnerability scanners.
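A minimal sketch of the graph-and-score step, added here as an illustration and not taken from the article or any product. The field names, permission labels, weights, and the 90-day stale window are all assumptions, and the inventory is constructed sample data.

```python
from datetime import date
from collections import namedtuple

# Hypothetical field names, weights, permission labels and 90-day window (assumptions).
STALE_DAYS = 90
WEIGHTS = {"orphaned_admin": 40, "toxic_combo": 30, "no_mfa_privileged": 25,
           "unowned_service_account": 20, "stale": 10}
PRIVILEGED = {"admin", "assign_role"}
TOXIC_COMBOS = [{"create_service_account", "assign_role"}]  # together: escalation path
Account = namedtuple("Account", "identity system kind owner mfa last_used perms")

def build_graph(records):
    """Merge per-system account records into one node per identity."""
    graph = {}
    for r in records:
        node = graph.setdefault(r.identity, {"accounts": [], "perms": set()})
        node["accounts"].append(r)
        node["perms"] |= set(r.perms)
    return graph

def findings(node, today):
    """Return the risk categories from the list above that apply to one identity."""
    accts, perms = node["accounts"], node["perms"]
    out = set()
    if "admin" in perms and any(a.owner == "departed" for a in accts):
        out.add("orphaned_admin")
    if any(a.kind == "service" and a.owner == "none" for a in accts):
        out.add("unowned_service_account")
    if any(combo <= perms for combo in TOXIC_COMBOS):  # evaluated across systems
        out.add("toxic_combo")
    if perms & PRIVILEGED and any(a.kind == "human" and not a.mfa for a in accts):
        out.add("no_mfa_privileged")
    if all((today - a.last_used).days > STALE_DAYS for a in accts):
        out.add("stale")
    return out

def rank(records, today):
    """Score every identity; return (score, identity, findings), highest first."""
    found = {i: sorted(findings(n, today)) for i, n in build_graph(records).items()}
    return sorted(((sum(WEIGHTS[f] for f in fs), i, fs) for i, fs in found.items()), reverse=True)

TODAY = date(2026, 4, 30)
RECORDS = [  # constructed sample inventory, not real data
    Account("bob", "cloud", "human", "active", True, date(2026, 4, 20), {"create_service_account"}),
    Account("bob", "saas", "human", "active", True, date(2026, 4, 22), {"assign_role"}),
    Account("carol", "idp", "human", "departed", False, date(2025, 11, 2), {"admin"}),
    Account("svc-etl", "cloud", "service", "none", False, date(2026, 4, 29), {"read_data"}),
]
```

Calling `rank(RECORDS, TODAY)` puts carol first; bob's toxic combination only appears once his cloud and SaaS accounts are merged into one node, since neither system holds both permissions on its own.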
