As artificial intelligence reshapes enterprise risk, identity is fast becoming the most critical line of defense. Cybercrime already costs the Asia-Pacific region an estimated US$1 trillion annually, and experts warn that AI-powered deception is accelerating faster than traditional fraud controls can keep up.
In an interview with iTNews Asia, Johan Fatenberg, Director at Ping Identity, stressed that identity must now serve as a strategic control point in the AI era. He argues that organizations must “fight fire with fire” by using AI-powered tools to detect deepfakes. This analyzes anomalies in user behavior, and counters increasingly sophisticated fraud attempts.
Recent high-profile cases underscore the urgency. In Hong Kong, a finance officer was tricked into wiring US$25 million using a deepfake CFO, while in Singapore, a finance director narrowly avoided a US$499,000 loss in a similar scam. Nearly 48% of IT leaders admit to lacking confidence in detecting deepfakes, with two in five expecting AI-driven identity fraud attempts to escalate in the next 12 months.
Key strategies highlighted include:
- Identity Threat Detection and Response (ITDR): Reinforcing zero-trust principles with continuous anomaly monitoring.
- Decentralized Identity (DCI): Reducing reliance on centralized data stores by using verifiable, device-stored credentials.
- Risk-Adaptive Workflows: Dynamically adjusting access controls based on real-time behavior and risk profiles.
- AI Agent Governance: Establishing unique identifiers, permissions, and lifecycle management for autonomous AI systems.
Fatenberg emphasizes that traditional identity frameworks designed for humans are not sufficient for AI agents, which require purpose-built governance. Enterprises must adopt “verify everything” mindsets, balancing user experience with strict access controls. Organizations that prioritize AI-aware identity management will be best positioned to safeguard trust, security, and long-term competitiveness.
Source:
