Identity Management is Evolving

The Cyber Hut is singularly focused on the global identity and access management market. Whether you are procuring a passwordless MFA solution, analysing the market for identity proofing for future investment or seeking the latest authorization startup design patterns, The Cyber Hut will have an opinion. 

Some of the technology areas we cover include: 


MFA. OTP. OATH. WebAuthn. FIDO. UAF. U2F. Biometrics. Push. Pin. Passwordless.  PKI. Challenge/Response.  


PDP/PEP/PIP. OAuth2. OIDC. OPA. Identity Graphs.  Declarative Authorization. PBAC. RBAC. ABAC. 

id management

Provisioning. Connectors. Workflow. Data Synchronisation. Correlation.  

ID Governance

Access Request. Access Review.  Certification.  Identity Audit.  Compliance.  Reporting.  Analytics.

RISK & threat

Identity Threat Detection & Response. Risk Management. NIST CSF. OWASP. CIS Controls. 


APIs. Microservices. Security as Code. Runtime Application Self Protection. DevSecOps

data security

Privacy.  Vaulting.  Consent Management.  Application Level Encryption.  Data Integrity Services.


Smart cards. EMV. SIM. Identity for IoT.  Trusted Platform Module. Secure Elements. ID cards.

Emerging Markets

Identity Proofing. Cloud Based Identity Governance & Administration. Business Entity Authentication. Identity Validation and Verification. Identity Wallets. Identity Graphing. Relationship Management. Consent Lifecycle Management. Consumer Identity. Identity for the IoT. Account Takeover Protection. Fraud Mitigation & Management. Identity for Hybrid Cloud. Identity Orchestration. Distributed Authorization. 

B2C – Consumer, Customer and Citizen Identity.

Leveraging external identity to build communities, trust and revenue.


Leveraging an online digital presence in order to build a community that will ultimately help generate revenue.

Privacy Preserving

Capturing and processing personal identifiable information in a privacy preserving way – that supports compliance for the likes of GDPR and CCPA.

responsive design

Delivering a responsive service design that empowers usability, happiness and stickier customer relations.

secure By Default

The use of risk reduction tools, fraud counter-strategy, MFA, context and adaptive access to keep emerging threats at bay.

B2E – Employee, Contractor and Partner Identity.

Leveraging internal identity to improve productivity, data sharing and collaboration.


Develop an identity infrastructure to help improve employee productivity through faster on-boarding and improved access to resources.

Flexible and adaptive

A composable and agile identity infrastructure will provide opportunities to grow, respond to business needs and remove data silos.

identity centric

Empower a broader security approach like zero trust by putting an identity centric model in place for adaptive and contextual security.


The use central policy coupled with distributed enforcement for authentication, authorization and data protection, improves collaboration.

The Role of Identity Economics

Identity Security design, implementation and controls are applicable to many ecosystems and verticals in both the private and public sector.  We analyse using a range of economic models and concepts to understand why identity based security fails, why certain startups receive funding or why organisations don’t invest in critical controls.

Some examples of our more focused research areas include:

Who is funding emerging security and identity startups, when and why?

If passwords are so bad, why are organisations not switching to passwordless?

is identity data resilience and recovery more important than protection?

what role does identity play in the end to end security for aviation and autonomous transport?

how to apply iam controls to critical infrastructure and non-information assets?

what is the market for information and cyber warfare defence and counter measures?

The Cyber Hut’s IAM Economics project can help model, measure and communicate the value from existing and future identity investments.

Identity and Access Management can help power four key pillars of business activity. We help develop that value.

-> Security Improvement via Risk Reduction

-> Compliance Improvement

-> Cost Reduction via Improved Employee Productivity

-> Revenue Increase via Improved Customer Engagement