Identity at the Center Identity at the Center #51 - Insider Threat with Phil from Preempt
Jul 6, 2020
Phil Meneses, an identity security professional at Preempt, dives into the pressing issue of insider threats. He sheds light on the surprising statistics, revealing that 10% of users are labeled high-risk, and discusses the dangers of outdated protocols like NTLM and Kerberos. The conversation covers the need for proactive identity risk management, focusing on monitoring behaviors, maintaining password hygiene, and the vital role of identity in detecting and preventing breaches. Tune in for insights on automating alerts and identifying shadow admins!
AI Snips
Chapters
Transcript
Episode notes
Insider Threats Are A Major Risk
- Insider threats account for a large portion of breaches and deserve as much attention as external attacks.
- The old 'hard perimeter, soft interior' model is outdated and risky.
Combine Signals To Contain Risk
- Identify risky users and combine user, endpoint, and behavior data to find risks.
- Trigger conditional controls like MFA or block access when behavior is suspicious.
A Surprising Share Of Users Are High Risk
- Ten percent of all users in their dataset were classified as high risk across user types.
- Weak passwords and poor password policies are major contributors to that risk.