At Identity Week America 2025, we spoke with Susan Koski, Chief Information Security Officer at PNC Bank, following her keynote. When asked about aligning identity, cybersecurity, and fraud protection, she explained that both workforce and customer identities are managed under the information security organisation, ensuring cohesion across these domains. On internal threats and privileged access, Koski emphasised the importance of continuously evaluating who has access, using analytics to detect anomalies, and implementing just-in-time access. She highlighted that governance frameworks can help introduce the “right friction” while supporting modern approaches like password-less authentication. She noted that apps already provide 24/7 customer control over transactions, authentication, and biometrics, making security seamless and empowering users. She underscored the importance of meeting customers where they are and continuously enhancing the experience.
Susan Koski, PNC Bank on managing customer identities and just-in-time privileged access
