From: Low-Cards.com
Written By John H. Oldshue
Federal government IT professionals may be overconfident in their insider threat detection abilities, according to a recent study by Tripwire.
***
“Authorization creep is something many organizations fail to address,” said Travis Smith, senior security research engineer for Tripwire. “As employees change roles or are promoted, their roles and responsibilities change; as does their access to confidential information. Protecting confidential information is more than reviewing access denied attempts; employees may be abusing authorized access as well. Following these recommended controls and continuous monitoring over critical and/or confidential information is vital to reduce the likelihood or impact of insider threat.”
Leave a Reply