Identity: A Focused Attack Vector In 2016
By Darran Rolls, CTO, SailPoint
Data breaches consumed headlines in 2015, proving that cybersecurity is more important now than ever before. With the threat landscape evolving and hackers constantly coming up with new ways to infiltrate systems, it’s increasingly difficult to decide where best to focus our limited threat prevention and detection resources.
However, as breaches continue in 2016, the human element will continue to be a major attack vector. It is therefore critical that we understand how and where people, processes and identity and access management (IAM) controls are vulnerable.
When speaking at a conference last year, Frank Abagnale, the inspiration for Catch Me If You Can and now a 39-year FBI veteran, said that “all” of the data breaches he’d investigated involved an insider and a weakness in IAM controls. He expanded on this claim, adding that there is “no master hacker. They’re waiting for doors to open because someone didn’t do something, or they did something they shouldn’t have.” Abagnale found that in most cases the insider threat was non-malicious, but over the course of investigating Target, TJ Maxx, Sony and nearly every other high-profile breach, he had yet to find an exception to his rule.
Please log in or register below to read the full article.
Get unlimited access to:
Enter your credentials below to log in. Not yet a member of VAR Insights? Subscribe today.