Continuous ZeroTrust as a Way To Know Your User

Organisations perceive their users through data. In the world of fewer and fewer opportunities for physical contact, identity verification is going all remote. All online service providers need to model the risks related to user impersonation and user manipulation attacks.
In this talk, we will dig through the classical methods of Knowing Your User through the static data:
Authentication
Coupling the session with the device
Checking the network environment
Next, I will present manipulation methods related to data spoofing to express the business impact. Usual scenarios are primarily associated with rewards in the form of money for the attackers.
Time-series data analysis and the impact on the business and customer experience will be presented to show the way forward in the adaptive risk management context.
Finally, food for thought related to the standardisation of behavioural biometrics that is getting more and more attention as one of the defence methods will be shared to show that we need Zero Trust and a way to verify if and how the vendor products are working.

Static data can be easily spoofed. Dynamic data analysis (mainly in a time series manner) is the way to go.
Data resilience related to side-channel time series data analysis.
Zero Trust is also about not trusting your data sources and all the environment related to it.
Behavioural biometrics strives for standardisation.