Resources

/

Podcasts

/

Secure IT

RSA 2025: Identity Is the New Threat Vector

Episode 18   Published May 29, 2025 11 minute watch

Secure IT

The Secure IT Podcast, hosted by Automox CISO Jason Kikta, is your one-stop shop for all things IT and cybersecurity. Jason knows good security comes from good IT. Step into a CISO’s shoes and trek through the world of technology and cyber defense to stay ahead of potential threats. Each episode is packed with the latest trends, tips, and expert advice.

Jason Kikta is the CTO of Automox

Host

Jason Kikta

RECENT EPISODES

Best-In-Class Remote Control

CISA's BOD 26-04 Directive Explained

[Nothing Weaponized, Everything Exposed]

[AI Hits the Hat Trick], Ep. 32

View all episodes

Available wherever you get your podcasts

Youtube

Apple Podcasts

Spotify

Overcast

Pocket Casts

Amazon Music

Castro

Goodpods

Castbox

Podcast Addict

Player FM

Deezer

Summary

Identity has replaced malware as the centerpiece of cloud attacks. At RSA 2025, Automox CISO Jason Kikta finally saw the industry catch up to it. Attackers now move through compromised user identities, IDPs, and service accounts to escalate privilege and run their operations. Kikta calls the conference's new focus on identity encouraging and roughly five years overdue. He also tracks a shift among younger vendors. They are narrowing their attention to the core systems and choke points where an attacker could do real damage to the business. They spend less effort cataloging every possible risk.

Takeaways

  1. Cloud-era intrusions now revolve around identity. Initial access, lateral movement, and privilege escalation all run through identity. The mechanisms are user identities, IDPs, and service accounts. That replaces the old chain of a phishing dropper followed by a beacon and a RAT. Kikta says identity has become the centerpiece of attacker tooling and technique.

  2. RSA 2025 put heavier emphasis on identity, which Kikta calls encouraging and about five years overdue. Identity is where prevention, detection, and response most often matter in cloud environments.

  3. Cybersecurity remains much heavier on finding problems than on fixing them. Kikta has flagged this detection-over-remediation imbalance across the past few RSA conferences.

  4. Two risk methodologies are competing. One catalogs every possible weakness. The other is threat-informed and prioritizes the core technologies and choke points where an attacker could cause meaningful business damage.

  5. The major security conferences are trending toward homogenization, with RSA and Black Hat increasingly merging. Kikta says that makes each individual show less valuable.

Topics

Vulnerability Remediation

See for yourself how policy-driven IT Automation saves time and eliminates risk.

Dive deeper into this topic

CISA's BOD 26-04 Directive Explained

Podcast

CISA BOD 26-04 sets a 3-day patch deadline for federal agencies. Here's what changed, why it will reach your organization, and what to do before it does
The Three-Day Clock: What CISA's New Patching...

CISA BOD 26-04 sets a 3-day patch deadline for federal agencies....

Dirty Frag: What You Need to Know and How to...

Dirty Frag is an unpatched Linux LPE chain affecting esp4, esp6,...

The Math of Modern Attacks

Podcast