Light Dark
October 24, 2016 By Nick Oropall 2 min read
Identity & Access

Stay Out of the Headlines With Identity Governance and Intelligence

It seems not a day goes by without another news story about a major security breach. Incidents that garner significant media attention include cyberattacks from overseas fraudsters, hacktivist groups and domestic actors. These breaches paint an alluring picture of good versus evil, like a spy movie or something similar to what we would see on television.

Insider threats — which, according to IBM’s “2016 Cyber Security Intelligence Index,” are responsible for 60 percent of all security incidents — are just as problematic but often take a back seat in terms of mainstream media attention. After all, the visual of a criminal in a hooded sweatshirt hammering away at a keyboard is far more intriguing than that of a contractor who was accidentally given too much access.

A Matter of National Security

Keeping the bad guys out is critical, but we’ve recently seen countless examples of good guys — insiders — exploiting access to sensitive materials, intentionally or inadvertently. Authorities arrested a contractor for the National Security Agency (NSA) in August for stealing classified government information, for example. The information was considered top secret, meaning that it could, if disclosed, “cause exceptionally grave damage to the national security,” CNN reported.

Investigators haven’t yet determined the contractor’s motivation for stealing the documents, but we can all agree that even an accidental leak can be disastrous. It’s critical for security leaders to understand what each user has access to. They should grant employees levels of access sufficient to perform their jobs — nothing more.

Ensuring Proper Access

An effective identity governance and intelligence solution provides users with proper access from the start to the end of the user life cycle. It also ensures that all access is approved and recertified throughout the life cycle until properly deprovisioned.

The ability to identify potential risky access and risky users is paramount. An identity governance and intelligence solution that can analyze all user access and help to prioritize risk is a step in the right direction toward preventing insider threat attacks.

Download the white paper: How to design an IAM program

 

 |  |  |  | 
Nick Oropall
WW Market Segment Manager, IBM Security Identity Governance and Administration

More from Identity & Access
April 16, 2024

Obtaining security clearance: Hurdles and requirements

3 min read - As security moves closer to the top of the operational priority list for private and public organizations, needing to obtain a security clearance for jobs is more commonplace. Security clearance is a prerequisite for a wide range of roles, especially those related to national security and defense.Obtaining that clearance, however, is far from simple. The process often involves scrutinizing one’s background, financial history and even personal character. Let’s briefly explore some of the hurdles, expectations and requirements of obtaining a…

March 5, 2024

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

February 21, 2024

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature