Pinpointing threats that are already on the inside will require a new type of authentication, where privileged identities are verified continuously, rather than at a single point of time.