Privileged insiders represent one of the key targets for attackers. The Cyber Security industry has been developing solutions aimed at reducing the cyber risk associated with these insiders. Simplistically, the cyber risk equates to the probability that a certain impact will occur, and with insiders the impact is high, so the approach is to lower the probability of an incident occurring. We are now living in extraordinary times, where through necessity, there are now insiders engaging with critical computer systems from outside the enterprise. These users are now operating through systems, networks and environments that may be beyond typical cyber controls and therefore may be less secure. Quite simply the probability of an incident is now higher. This risk does not end with insiders, as all employees may be accessing systems remotely, and customers are also more susceptible to campaigns initiated by attackers. IBM has seen evidence of campaigns underway that target these insiders as well as your clients:
In order to remediate current risks, it’s clear that a CISO has a new lens to place on the new risk that presents itself. This remediation might be greater visibility through detection, introducing stronger authentication processing in gateway systems, or tighter controls on crown jewels data. With the rate of change underway, they may need to rely on extension of tools that they have or bring in new more agile solutions. Whatever the approach, the key is that the choices made today must be strategic, as it’s likely that when these extraordinary times return to normal an expectation set may be difficult to wind back.
Join me on 28-April as I take you through the some of the best practices around IT readiness and how to stay cyber resilient during these testing times.
Feel free to register for this highly interactive 'Help Hour' session: https://ibm.co/2VEE54i
