The threat of an attack on the business from insiders is real and substantial, and the impact can be devastating, going beyond just financial damage. Surveys have shown that as many as 30% of the electronic crimes affecting organizations are perpetrated by a trusted user. But enterprises constantly underestimate or ignore the danger. Most insider attacks can be prevented through a layered, defense-in-depth strategy that blends policies, procedures, and technical controls. This session will describe the elements of a comprehensive and holistic approach to identity and access management that can greatly help in mitigating these risks.
