Identity crisis: the threat of malicious credential abuse
The security risks posed by malicious credential abuse is fast becoming every chief information security officer’s worst nightmare.
Image: Bakhtiar Zein/Shutterstock.com
IT security should be a simple concept—it’s essentially about being able to prove you are who you say you are.
The "you" in this context might be an individual logging into a network or service, a device interacting with an application programming interface (API), one network talking to another, or a host of other potential scenarios.
The corresponding proof of identity could be a certificate, a Secure Socket Shell (SSH) key—this is a special network protocol leveraging public-key cryptography, which enables authorised users to remotely access a computer or other devices—or a confirmation code, facial or fingerprint recognition,
For thoughtful journalism, expert insights on corporate governance and an extensive library of reports, guides and tools to help boards and directors navigate the complexities of their roles, subscribe to Board Agenda
Related Stories
-
Financial services CEOs ‘lack technology expertise’
Research reveals that the proportion of chief executives in the FTSE with a technology background has risen 27%—except in financial services.
-
Digital revolution: how business can address the impact
The digital and technology revolution is a force for good in society, but we must all address the impending impact and any unintended consequences it may cause.
-
Non-Financial Reporting Directive: embracing the challenge
Boards must understand the importance of sustainability and long-term value to their businesses, and that means taking non-financial reporting requirements more seriously.
