Identity crisis: the threat of malicious credential abuse
The security risks posed by malicious credential abuse is fast becoming every chief information security officer’s worst nightmare.

Image: Bakhtiar Zein/Shutterstock.com
IT security should be a simple concept—it’s essentially about being able to prove you are who you say you are.
The "you" in this context might be an individual logging into a network or service, a device interacting with an application programming interface (API), one network talking to another, or a host of other potential scenarios.
The corresponding proof of identity could be a certificate, a Secure Socket Shell (SSH) key—this is a special network protocol leveraging public-key cryptography, which enables authorised users to remotely access a computer or other devices—or a confirmation code, facial or fingerprint recognition, and not forgetting the enduring favourite, the increasingly outdated and yet seemingly un-killable pass