#409 - Q1 2026 Identity Threat Report Roundup

Jeff and Jim review seven major IAM and cybersecurity industry reports from Q1 2026, covering releases from Check Point, Recorded Future, Sophos, Palo Alto Unit 42, IBM X-Force, Darktrace, and Hypr. They pull high-level findings and hot takes from each, identifying recurring themes: AI accelerating attack speed to as little as 72 minutes from breach to data exfiltration, identity infrastructure as the primary attack surface, machine identities as a growing and undermanaged risk, MFA gaps enabling credential abuse, and the near-impossibility of blocking every intrusion attempt. The episode also covers third-party and supply chain risk, deepfake attacks reaching 87% of surveyed organizations, stalled passkey adoption in the enterprise, and what zero standing privilege looks like in practice. They close with a lighter discussion on dark mode versus light mode and a hypothetical podcast reboot.

Reports:

Check Point Cyber Security Report 2026 — https://www.checkpoint.com/security-report/

Recorded Future 2026 State of Security Report — https://www.recordedfuture.com/research/state-of-security

Sophos Active Adversary Report 2026 — https://www.sophos.com/en-us/blog/2026-sophos-active-adversary-report

Palo Alto Networks Unit 42 Global Incident Response Report 2026 — https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report

IBM X-Force Threat Intelligence Index 2026 — https://www.ibm.com/reports/threat-intelligence

Darktrace Annual Threat Report 2026 — https://www.darktrace.com/resources/annual-threat-report-2026

HYPR 2026 State of Passwordless Identity Assurance Report — https://www.hypr.com/report

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

TIMESTAMPS

0:00 - Intro and weather chat

3:00 - Conference updates: EIC Berlin and Identiverse

7:30 - Q1 2026 IAM report roundup overview

8:30 - Check Point Cybersecurity Report 2026

13:00 - Recorded Future State of Security 2026

17:00 - Sophos Active Adversary Report 2026

21:00 - Palo Alto Unit 42 Global Incident Response Report

23:00 - IBM X-Force Threat Intelligence Index 2026

28:00 - Darktrace Annual Threat Report 2026

29:30 - Common themes across reports

37:00 - Hypr State of Passwordless Identity Assurance 2026

44:30 - Overall takeaways: AI speed, machine identity, third-party risk

48:00 - Light mode vs. dark mode and podcast reboot hypothetical

57:00 - Wrap-up

KEYWORDS

IAM, identity and access management, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, cybersecurity, Q1 2026, Check Point, Recorded Future, Sophos, Palo Alto, Unit 42, IBM X-Force, Darktrace, Hypr, machine identity, NHI, MFA, passkeys, zero trust, zero standing privilege, AI threats, deepfakes, credential theft, phishing, ransomware, supply chain risk, ITDR, passwordless, EIC, Identiverse