It’s evident that the insider threat can be difficult to catch because employees have legitimate access to the network. Plus, BYOD and the cloud have made the traditional network perimeter obsolete, meaning that it is more difficult for IT teams to track where company data is going and who is using it.
What is often overlooked is that many of these breaches originate from a cyber-attack or data leak achieved by exploiting a single, unsecured privileged account. Large organisations typically have thousands of privileged accounts that are often left unmanaged. Malicious insiders, former employees, cyber-criminals and even state-sponsored attackers can exploit these unmanaged privileged accounts. Through these, they can then anonymously access and extract an organisation’s most valued data. Read more..