In this episode of the Talos Threat Perspective, we explore how identity is being used to gain, extend, and maintain access inside environments. Drawing on insights from the 2025 Talos Year in Review , we break down how attackers are: · Targeting identity systems and MFA workflows · Establishing persistent, high-trust access · Using internal phishing to move laterally · Could potentially exploit over-permissioned AI agents and identity-linked access · Blending into normal user behaviour This episode focuses on how identity enables attackers to scale their operations, and what that means for defenders trying to detect and contain them. Read the 2025 Cisco Talos Year in Review Download now