Identity crisis: the threat of malicious credential abuse

The security risks posed by malicious credential abuse is fast becoming every chief information security officer’s worst nightmare.

Image: Bakhtiar Zein/Shutterstock.com

IT security should be a simple concept—it’s essentially about being able to prove you are who you say you are. The "you" in this context might be an individual logging into a network or service, a device interacting with an application programming interface (API), one network talking to another, or a host of other potential scenarios. The corresponding proof of identity could be a certificate, a Secure Socket Shell (SSH) key—this is a special network protocol leveraging public-key cryptography, which enables authorised users to remotely access a computer or other devices—or a confirmation code, facial or fingerprint recognition, and not forgetting the enduring favourite, the increasingly outdated and yet seemingly un-killable pass

Want to read more? Register with a few details to continue reading this article or log in.

For thoughtful journalism, expert insights on corporate governance and an extensive library of reports, guides and tools to help boards and directors navigate the complexities of their roles, subscribe to Board Agenda

AI, cyber crime, cybersecurity, data breaches, data security, Kamal Bechkoum, Technology, technology risk