PREDI C TI VE I NTEL L I GE NC E
It is critical organisations take a truly
people-centric approach to cybersecurity to
reduce their attack surface.
Privilege
Privilege measures all the potentially
valuable things people have access to,
such as data, financial authority, key
relationships and more. Measuring this
aspect of risk is key because it reflects
the potential payoff for attackers – and
harm to organisations if compromised.
Users with access to critical systems
or proprietary intellectual property, for
instance, might need extra protection,
even if they aren’t especially vulnerable
or aren’t yet on attackers’ radar.
The user’s position in the org chart is
naturally a factor in scoring privilege, but
it shouldn’t be the only one.
www.intelligentciso.com
|
Issue 12
For attackers, a valuable target can be
anyone who serves as a means to their
end. That’s why your executives and
other VIPs may not be the biggest targets
in your organisation. According to our
research, individual contributors and
lower-level managers account for more
than two-thirds of highly targeted threats. with effective, hands-on cybersecurity
awareness training based on active, real-
world attack techniques. It also means
stopping the whole spectrum of threats
– ideally, before they reach the inbox. And
it means monitoring and managing their
network privilege to prevent unsanctioned
access to sensitive information.
Mitigating end-user risks:
A blueprint for
people-centric protection Today’s cyberattacks are unrelenting,
come in many forms and are always
changing. It is critical organisations
take a truly people-centric approach
to cybersecurity to reduce their
attack surface. In the current cloud-
enabled, mobile, digitally transformed
workplace, the antiquated one-size-fits-
all cyberdefences of the past simply no
longer work. u
Protecting against all the factors that
play into user risk requires a multi-
pronged approach.
It means reducing your users’ vulnerability
by making them more aware of the risk
35