The humble password gets a hard time these days. It seems to be responsible for every hack, data breach or act of cyber espionage that we see reported.
In a report released this week insurance giant Allianz said increasing awareness of exposures and regulatory change would lead to “rapid growth” in cyber insurance.
This week former Morgan Stanley financial advisor Galen Marsh admitted stealing data from the banking giant. He downloaded a total of 730,000 records to his personal computer from 2011 - 2014.
Compliance says that we need to log everything within scope, we must then review the reports of the logs. Can we really be trusted to look at all of these reports, and if so can we really get anything constructive out of them?
An IT security professional recently asked me this question. As I began to research opinions and marketing messages it became more clear to me that many in the IT security industry are keen for us to separate the risks posed by a malicious outsider from the exposure created by privileged accounts on the inside of an organization.
