Webinar Recap: The Future of IAM: How Netskope Uses Lumos to Automate Access Governance

Identity security is evolving: fast. In this recent webinar, Lumos CEO Andrej Safundzic sat down with Rehman Khan, Chief Information Security Architect at Netskope, to discuss how Netskope is leveraging Lumos to automate access governance with agentic AI. Together, they covered how identity teams can transition from static, manual processes to intelligent, scalable automation.

Here’s what was covered:

• Why Traditional IAM Is Falling Short
• The Role of Agentic AI in Modern Identity Security
• Rethinking Role Mining and Policy Automation
• Real Business Impact of Automation
• The Future of Zero Trust and Identity Governance

Why Traditional IAM Is Falling Short

Rehman explained that while identity tools have evolved in some areas, like IDPs and web access management, other core functions have stagnated.

“On the IAM tools space, innovation is the big missing link. Provisioning, IGA, access request management – growth has been very slow.”

The challenge? Most organizations are juggling a patchwork of tools for provisioning, directories, and access management. This creates inefficiencies and leaves security gaps. Rehman stressed the importance of shifting to platform-based solutions that unify automated discovery, remediation, and policy enforcement.

The Role of Agentic AI in Modern Identity Security

Andrej highlighted the power of agentic AI: AI that doesn’t just analyze data but engages in context-rich, interactive workflows.

“Agentic AI learns with you. You give it context, it responds, and you refine – like collaborating with a consultant rather than using a black box.”

Rehman shared that at Netskope, Lumos’ Albus AI has been instrumental in simplifying access analysis and accelerating policy recommendations, while still keeping humans in the loop for high-risk scenarios.

Rethinking Role Mining and Policy Automation

Role mining is traditionally slow, manual, and heavily reliant on spreadsheets. Netskope flipped that script with automation.

“Instead of someone going with spreadsheets to app owners and figuring out if access is appropriate, we now have a machine doing that work,” said Rehman. “That visibility and automated recommendations have been game changers.”

The approach allows Netskope to analyze assignment data, usage data, and business context to build scalable, accurate access policies; enabling faster onboarding and more secure, right-sized access.

Real Business Impact of Automation

Automation has delivered measurable improvements for Netskope:

• Enhanced security: Reduced over-privilege risks with just-in-time access.
• Operational efficiency: Significant drop in IT tickets by automating repetitive requests.
• Improved user experience: Slack integrations make access requests and status checks seamless.

“Nearly 80% of breaches stem from excessive access,” Rehman noted. “Being able to tighten our risk posture while improving the user experience has been huge.”

The Future of Zero Trust and Identity Governance

Looking forward, Netskope envisions deeper integration between its Zero Trust architecture and Lumos’ identity governance platform.

“We want to generate real-time risk signals – where the user is, what they’re accessing – and feed that context into access policies,” said Rehman. “That dynamic adjustment is the future.”

By combining Netskope’s visibility at the device, identity, and network layers with Lumos’ policy automation, organizations can achieve smarter, more adaptive security.

Key Takeaways

• Manual IAM processes are too slow and error-prone for today’s environments.
• Agentic AI provides the context and adaptability needed for modern identity security.
• Automated role mining and policy management drive both security and efficiency.
• Integrating Zero Trust and identity governance creates a powerful, risk-aware ecosystem.

Want to see the full conversation? Watch the on-demand webinar or book a demo with Lumos to learn how agentic AI can transform your identity security strategy.