Nov 3, 2021
86 Views
0 0

Most companies dealing with employee misuse of business apps: report

Written by

With millions of workers operating from remote locations due to the continued COVID-19 pandemic, IT security leaders have been unable to get a clear view of what employees are doing across applications. 
“Enterprise security teams tend to focus much of their application security efforts on preventing unauthorized access to applications by [validating] users before access is granted via multifactor authentication and single sign-on, and limiting user permissions within applications,” Gil Rapaport, GM of access management at CyberArk. “However, some legitimate users, such as executives, application owners and administrators, may receive additional elevated privileges allowing them to perform highly sensitive tasks.”
For example, a business leader who has information about pending deals in the sales pipeline may be able to obtain confidential data beyond what is necessary for their role in the company, Rapaport said. A firewall administrator could temporarily edit security rules that inadvertently (or deliberately) expose the company to outside threats. 
Responding to security incidents like these can take up a lot of time at security operations centers. More than half of respondents investigate security incidents or potential compliance violations at least once per week. 
Insider risk has become an increasingly serious topic of discussion among corporate security researchers, CISOs and security policy leaders. One area of concern has been the high rate of employee turnover and workers leaving the workplace altogether, commonly known as The Great Resignation
Millions of workers in the U.S. have either switched jobs to higher paying employers or completely exited the corporate workplace. Many are taking early retirement due to health concerns, disputes over corporate or government vaccine mandates, or for general burnout. 
If the vulnerability remains unpatched, it's a ripe target for malicious actors to escalate privileges and the perfect ingredient for an exploit kit.
As more states legalize recreational use, employers in the public and private sector may need to change how they hire for cybersecurity.
Subscribe to Cybersecurity Dive for top news, trends & analysis
If the vulnerability remains unpatched, it's a ripe target for malicious actors to escalate privileges and the perfect ingredient for an exploit kit.
As more states legalize recreational use, employers in the public and private sector may need to change how they hire for cybersecurity.
Get the free daily newsletter read by industry experts
The free newsletter covering the top industry headlines

source

Article Categories:
Cybersecurity News

Comments are closed.