For years, identity has been primarily an IT function—focused on provisioning, access reviews, and compliance checkboxes. Now, identity has become the first line of defense in a Zero Trust strategy, it’s forcing a shift in how organizations think about ownership, accountability, and control.  CISOs are responsible for breach outcomes, so should they own the identity risk surface as well?

In this roundtable, we’ll explore the evolution of identity from back-office governance to a true security control layer. We’ll dig into key questions: Who owns identity today in your organization? Should it report to the CISO? And how does that structure affect your ability to reduce risk, streamline operations, and enforce least privilege at scale?

We’ll also discuss how leading security teams are moving beyond static entitlements and role sprawl—toward dynamic access controls that are consistent, contextual, and continuous. By eliminating standing access and leveraging real-time business context, these organizations are reducing breach impact and the operational burden of access reviews, entitlements, and manual oversight.

Join fellow CISOs for a strategic conversation about how identity is reshaping the security landscape—and what it takes to structure your team, tools, and priorities for what comes next.