You may be wondering why I’ve chosen to specifically focus on "insider" breaches. The answer is simple, virtually every breach of any consequence has been the result of abuse, misuse, or hijacking of legitimate user credentials. More often than not the credential in question is an administrative login such as root (aka Superuser), database administrator, system administrator, or any of the myriad of admin accounts that proliferate every business system that processes and stores sensitive data. Let me start by providing you with some background. In order for an employee to complete work on their company’s network, they must have…
[Continue Reading]