If you can build your Identity and Access Management program around ensuring proper and efficient end user access, keeping privileged access in check, and treating IAM as the organization’s perimeter defense, then you will get all the other details right along the way.
The problem is not with the employees or IT itself. It’s with the CEO and Board of Directors who are not aware of risks and the solutions that can minimize consequences in the cyber security space.
Malware always needs an angle to get you to click, and few things capture the spirit of the day like Pokémon Go.
Ponemon highlights a number of items that are absolutely excellent to focus on as a security program. However, nowhere on their list did they make room for truly preventative measures like securing privileged credentials.
Just like their malware bitten cousins, Linux hosts are often attacked because of poor privileged credential management. With so much of today’s IT infrastructure running on Linux, the need to win these security battles has never been more important.
It’s great that organizations are thinking about compliance. However, we need more emphasis on security. A security product will fail if it’s not implemented and maintained correctly. So every penny and minute that goes into choosing and maintaining the right product is worth it.
To call Lieberman Software’s online publication Identity Week a ‘blog’ doesn’t do it justice. Identity Week is a respected source of news and information about latest trends in the world of cyber security.
There are serious issues with treating IT security as a set of policies. They can all be captured in one thought – security is a battle, not a concept.
A distinction has to be made when it comes to how far perimeter security products go toward overall IT security. All they really do is keep out noise. In other words, perimeter security only prevents the low-skilled attacks looking for easy targets.
The notion of the CEO being involved in cyber security is essential. Often the implications and remedies to IT security issues cut across every aspect of an organization’s operations.