This IDC Market Note discusses Microsoft Azure Active Directory services. When measuring identity projects with a fun meter, the needle doesn't rise that high for most organizations. These are big efforts and investments for larger (older) organizations: those running 2nd Platform IT environments where identity "isn't broke yet." But in reality, it really is broke and here's why: environments hanging on to older communications, encryption, and authentication protocols are exposed to security flaws that no vendor is ever going to address with new investments. DX projects built upon a soft foundation are riskier.
Phishing is already the leading cybersecurity attack technique because it's so cheap and effective. It exploits identity weaknesses that exist because aging systems were never designed to defend against sophisticated cybersecurity malware. Companies (e.g., tech examples provided) that have implemented better identity practices have seen phishing and reverse proxy man-in-the-middle attacks almost disappear.
A proliferation of networks, devices, and applications needed to support daily business share one common element — the user. Microsoft has said, "Identity is the control plane. It's critical to establish who the user is as the core of trust for other transactions. If we aren't sure who the user is, no other system access control or security matters." IDC concurs.