Cybersecurity/ GRC Lead | CISSP | ISO 27001, 27701, SOC 2 Audits | Business Development | ISC2 Exam Developer | Veteran
1 Insider ⚡= $678,000 💸 💸

Today, we see the real impact of insider threats in cybersecurity, with an ex-employee causing a $678,000 loss after hacking his former company's servers. This case sheds light on the dangers insiders pose. Did you know 15-20% of all attacks come from within organizations?

To mitigate such risks, companies can take crucial steps:

- Revoke system access promptly upon employee termination.
- Implement RBAC and least-privilege to limit access.
- Regularly review access rights.
- Protect against credential misuse with strong passwords and two-factor authentication.
- Establish an incident response plan and practice it.
- Create a positive work environment to reduce disgruntlement and insider risks.

While no solution is foolproof, adopting a layered approach involving technical controls, processes, and a security-aware culture is vital. Neglecting these measures can have devastating consequences.

#Cybersecurity #Insiderthreat
Absolutely true! We used to have a security team training, where they used to teach a unique way of creating strong passwords which were easy to remember. Just like a signature. It made sure there was no misuse of my credentials. I still use that method 😊
Cybersecurity/ GRC Lead | CISSP | ISO 27001, 27701, SOC 2 Audits | Business Development | ISC2 Exam Developer | Veteran
Sumant Malhotra I use passphrases which make passwords easy to recall, e.g. Rl2r10km@6AM (Raj loves to run 10km at 6AM). Moreover, we're now moving onto a passkeys architecture which reduces the need to recall passwords. Will write a post some day.