(TR03) (ID Forum) IAM 2025: Orchestrating Humans, Machines & AI in the age of compliance

2026, Identity and Access Management (IAM) is undergoing a profound transformation under the combined effects of artificial intelligence and the rise of non-human identities. As DORA and NIS2 regulations impose stricter access traceability, third-party supervision, and continuous compliance, identity management must adapt and become more flexible. AI and “agentic” approaches automate anomaly detection, identity lifecycle management, and the dynamic adjustment of access rights based on behavior. Organizations are adopting contextual and predictive models (ABAC/RBAC) capable of anticipating risks. However, the proliferation of non-human identities (bots, APIs, workloads, AI agents) also creates new blind spots: dormant accounts, excessive privileges, and fragmented governance. How can massive automation be reconciled with transparency in access decisions? Can AI truly predict access risks before they occur? Will DORA and NIS2 transform IAM into a compliance tool—or into a driver of operational resilience? This session aims to discuss best choices and practices in identity management within this evolving context.