White Papers

The UAE Information Assurance Regulation and Your Identity Infrastructure

The UAE Information Assurance Regulation and Your Identity Infrastructure

Quick response and effective recovery from cyber incidents is at the heart of the United Arab Emirates Information Assurance Regulation. Learn why compliance depends on prioritizing Active Directory security, recovery, and resilience.

RIIO-2 and Your Identity Infrastructure

RIIO-2 and Your Identity Infrastructure

In the face of a complex cyber threat landscape, the RIIO-2 Cyber Resilience Guidelines aim to provide the controls UK energy utilities need to establish security resilience for their networks. Learn why identity security is central to compliance with these requirements.

Building cyber resilience

Building cyber resilience

Cybersecurity is about defense. Cyber resilience is about survival. Learn why the distinction is critical—and what it takes to build a resilience mindset into your incident response and recovery plan.

Active Directory Recovery: Pivotal to Business Resiliency Planning

Active Directory Recovery: Pivotal to Business Resiliency Planning

Active Directory is the linchpin of enterprise authentication and control. When it fails, so do business operations. Discover how highly regulated organizations can overcome AD recovery challenges, automate the recovery process, and maintain regulatory compliance.

NIS2 and Your Identity Infrastructure

NIS2 and Your Identity Infrastructure

Compliance with the EU’s NIS2 directive requires a focus on securing identity systems, which have become a key battleground for cyber defenders and attackers.

ECC-2 and Your Identity Infrastructure

ECC-2 and Your Identity Infrastructure

Saudi Arabia’s ECC-2 controls provide comprehensive, standards-driven cybersecurity practices for public and private organizations. Much of their guidance applies particularly to identity systems—the source of access and authentication across most critical business systems.

Five Eyes Alliance Identity Security Requirements: What Federal Agencies Need to Know

Five Eyes Alliance Identity Security Requirements: What Federal Agencies Need to Know

Cybersecurity agencies from the Five Eyes alliance, including the Cybersecurity Infrastructure and Security Agencies (CISA) and the National Security Agency (NSA), have urged organizations to strengthen security controls for Active Directory (AD), a prime target for cyber attackers. In “Detecting and Mitigating Active Directory Compromises,” the agencies highlighted more than…

Why Active Directory’s 25-Year Legacy Is a Security Issue

Why Active Directory’s 25-Year Legacy Is a Security Issue

  • Semperis
  • May 28, 2025

Active Directory, the central directory service and core of the on-prem identity infrastructure in Microsoft environments, recently turned 25 years old. The service's staying power is undeniable. Unfortunately, so is its status as a primary cyberattack target. Michael Novinson (Information Security Media) met with Semperis' CEO Mickey Bresman to talk…

Cyber-NADO: Preparing for the Storm — A Guide to Incident Response Tabletop Exercises

Cyber-NADO: Preparing for the Storm — A Guide to Incident Response Tabletop Exercises

Cyber threats strike like an unpredictable storm—fast, relentless, and destructive. Cyber-nado: Preparing for the storm is a practical guide designed to help organizations prepare for the chaos of a cyber incident through Incident Response Tabletop Exercises (TTX). This eBook walks security leaders, IT teams, and executives through the essentials of…

DORA and Your Identity Infrastructure

DORA and Your Identity Infrastructure

Understanding the implications of the Digital Operational Resilience Act (DORA) is crucial, both to meet regulatory demands and to safeguard your identity infrastructure. This white paper provides comprehensive insights into DORA's requirements and practical strategies to enhance your compliance—and your organization's resilience. What's inside: Emerging threat landscape: Explore the latest…