Regulatory risks are driving identity and access management (IAM) investments. The regulatory climate is getting more intense, with the real impact of the General Data Protection Regulation (GDPR) still unknown. Another key driver is digital business. As organizations become more digital, they’re exposed to more and new threats and risks. Privacy, security and risk management are all moving up the list of priorities. Overall, the scope of IAM is increasing as consumer IAM and fraud prevention fall under the purview of traditional IAM programs. Cloud, mobile, social and the Internet of Things are still having an impact as well.