Individuals with elevated access to critical assets – intellectual property, customer data, or HR records, for example – pose a significantly higher risk than those with more limited access.
IBM Security X-Force research shows 40% of insider-provoked incidents involved an employee with this type of privileged access to sensitive company assets. In a significant swath of the incidents X-Force studied, insiders also abused administrative access, defined as elevated access to IT systems within the network.
Read the research to learn best practices for preventing costly and damaging insider attacks related to access levels, including:
- Adhering to principles of least privilege and deploying a privileged access management (PAM) solution built around a zero-trust model
- Building a multilayered, defense-in-depth strategy, including a security information and event management (SIEM) solution
- Taking a balanced approach to managing the independence and governance of security and administrative teams
- Conducting ongoing security awareness training for employees, as well as role-based training for employees with privileged access
Learn more about IBM X-Force Threat Intelligence.