Five Critical Insights from the State of Trust Summit

The State of Trust Summit delivered powerful insights into the challenges and opportunities shaping the future of digital trust. Myself, security experts, and identity enthusiasts came together to explore how businesses can safeguard digital interactions, combat emerging threats, and ensure trust at every level of engagement. While there were many memorable moments, the following were my top takeaways.

Trust is eroding across every layer of digital interactions. Research shows declining trust across infrastructure, data, applications, devices, and identity. Beth Sanner’s keynote, Trust in an Age of Geopolitical Upheaval, highlighted how misplaced trust has led to devastating consequences in intelligence operations and how those lessons apply to today’s cybersecurity landscape. The lesson? Trust must always be verified, never assumed.

The Trust Pyramid

At the summit, I introduced the Trust Pyramid, a framework that identifies the layers of our digital ecosystem, and the critical threats to each:

• Infrastructure: The unseen backbone of digital interactions. Generally well-secured, but quantum threats loom.

• Data: The foundation of decision-making. Attackers target this layer after penetrating IAM systems.

• Applications: A primary attack surface, nearly 50% of breaches stem from application vulnerabilities.

• Devices: Endpoints are highly susceptible to malware and zero-day vulnerabilities.

• Identity: The weakest and most targeted layer, identity is the origin of most security incidents. It’s also the perimeter around the pyramid.

Beth’s keynote further unscored the urgency in addressing the threats across the trust pyramid by stressing that cybercriminals and nation-states exploit weak security measures. We both stressed that it’s imperative to verify every digital interaction.

AI is revolutionizing identity security but is also being weaponized by attackers. AI-powered deepfakes, misinformation campaigns, and automated cyberattacks are evolving faster than traditional security measures.

Beth detailed real-world cases where AI-generated fraud deceived government agencies and financial institutions. This raised the urgent need for advanced AI-driven defenses. Further, many of the breakout sessions highlighted the many threats and opportunities related to AI, especially considering adversarial bots, AI agents, and how they intersect with identity.

What Needs to Happen

• Live Verified Identity: Deepfakes require defenses such as real-time liveness detection and biometric verification.

• Intelligent Authentication: AI must be leveraged to fight AI—real-time anomaly detection can prevent sophisticated fraud attempts.

• Human + AI Defense: Security teams must integrate AI-driven detection with human intelligence to combat evolving cyber threats.

Businesses that do not adopt these approaches risk falling behind in an era where identity fraud is advancing rapidly.

The old security mantra, “Trust, but verify,” is outdated. Today, you can’t trust anything. The keynotes and several breakout sessions emphasized the need for organizations to stop assuming trust and instead verify every user, device, and system interaction.

How to Build a Trust Future

• Identity-Centric Security: Identity is now the new perimeter, and it must be protected at all costs.

• Continuous Verification: One-time authentication isn’t enough—continuous authentication and risk-based decision-making are crucial.

• Third-Party Trust: Trust must be actively managed, not assumed.

Implied trust is no longer suitable—explicit, verified trust is an essential approach for safeguarding digital interactions.

The traditional digital identity model is evolving – the future of IAM is both adaptive and decentralized. A key challenge is the rise of AI agents managing digital interactions.

Trends Shaping Identity Security

• Adaptive Identity: Authentication must be context-aware and dynamically adjust based on user behavior and risk signals.

• Decentralized Identity: Self-sovereign identity and verifiable credentials will increase security and empower users while reducing reliance on centralized systems.

• AI Agents: Automated agents are helpful and growing exponentially, but should be treated differently than human users and adversarial bots. Identity governance will be necessary to verify the trustworthiness and access of automated agents.

Organizations that fail to modernize their identity strategies will fall behind. The future of identity is adaptive, decentralized, and AI-agent driven.

Balancing security and user experience is critical. Organizations that prioritize security at the expense of usability risk alienating their customers, employees, and partners.

Strategies for Secure and Seamless Identity Experiences

• Progressive Profiling: Gradually collecting user data to improve security without adding friction.

• Adaptive Access: AI-driven authentication dynamically adjusts based on user behavior and risk levels.

• Passwordless Authentication: Biometrics, passkeys, and MFA reduce friction while strengthening security.

• Trust in B2B Relationships: Managing third-party access at scale requires federated identity models and AI-driven monitoring.

The organizations that master the balance between security and user experience will lead in the digital identity space.

Peter Barker’s closing keynote reinforced that trust must be actively built into every digital interaction, not just assumed. He summarized the event and outlined two real-world customer stories about how Ping can help organizations with the shifting paradigm of trust. He noted, “Trust is the invisible foundation of our digital world. Without it, every interaction becomes a risk.”

Overall, the State of Trust Summit made one thing clear: trust isn’t assumed—it’s verified. The event was engaging, full of critical insights, and a timely discussion for identity leaders.