A staggering amount of cybercrime is committed through credential theft followed by privilege escalation. The fact is, most user IDs aren’t very hard to intuit and passwords aren’t far behind. As a result, even if malicious actors had to brute force user credentials, they would find relatively easy exploits. But the fact is, phishing is an even easier—and more effective—way for threat actors to obtain legitimate credentials and use them to pivot through the network until they find the juicy data they want to steal, modify, or corrupt. Many companies let identity management lapse because task lists are long and managing user credentials isn’t the most interesting part of a security practitioner’s job. That said, identity is a critical security control that must be at the top of security’s priority list. Identity and access management doesn’t have to be onerous, though, and during MISTI’s Identity and Access Management eSummit, you will hear from practitioners how to keep your IDAM on track with just a little attention and effort.