Edited by Apryl Motley, CAE – Communications & Technical Writing Consultant
As part of our ongoing commitment to providing you with additional opportunities to benefit from the insights and expertise of InCommon Catalysts, we are continuing their quarterly Q&A column, Catalyst to Catalyst, which we feature in our e-newsletter InCommon News.
Think of Catalyst to Catalyst as a quarterly, virtual advice panel providing perspectives on key identity and access management (IAM) topics for the InCommon community. In this installment, two catalysts discuss the potential impact AI may make in IAM. This is our second column for 2025.
AI is already making an impact in the development of technical solutions. We see it being used more and more to review and generate code. There are a multitude of different services filling this niche. It’s also being used to help debug technical problems and to review complex system logs to help pinpoint problems.
Aside from being used as a development tool, AI also plays a large role as an IAM security threat. Bad actors are able to create more and more convincing targeted phishing campaigns. Different security measures may become easier to compromise with the help of AI. It requires everyone in IAM to take a deeper look at their security measures and spend extra time detecting potential security breaches.
—Jim Beard, IAM and Grouper Engineer, Unicon; jbeard@unicon.net
I’ve observed AI transform IAM from manual, policy-driven processes into more dynamic, adaptive services. I want to highlight several AI-powered IAM capabilities reshaping the IAM landscape. These capabilities are increasingly relevant to the higher education community and include:
AI-driven role mining and entitlement recommendations: Machine learning analyzes historical access assignments, peer group memberships, and usage logs to recommend roles or specific entitlements for new users.
Risk-prioritized certification campaigns: Rather than forcing managers to review every account, AI prioritizes accounts or entitlements based on last-access date, unusual activity, and peer risk profiles. High-risk items surface at the top of certification lists, allowing reviewers to focus time where it matters most.
Continuous monitoring of post-authentication activity: AI builds a baseline of normal user behavior (login times, applications accessed, data operations). Deviations, such as accessing sensitive files at 2 a.m. from a new device in another country, trigger alerts, or automated containment actions (e.g., session termination, step-up authentication).
AI-powered self-service for common IAM tasks: Natural-language chatbots integrate with IAM platforms to handle password resets, access requests, and entitlement queries thus automating routine tasks that would otherwise require manual help desk intervention.
AI-enhanced correlation of threat feeds with identity data: By pulling in threat intelligence feeds (compromised-credential lists, IP blacklists) and correlating with identity activity, AI can mark certain authentication attempts as high risk. For instance, if a login attempt matches a recently leaked credential, it’s flagged immediately.
—Giselle Martinez, Senior IAM Consultant, Moran Technology; martinez@morantechnology.com