Every CSO needs to vigilantly guard against the growth and sophistication of external cyber-threats, but the biggest cyber-risk may be what is lurking within their own network. Negligent employees, malicious insiders, and compromised users and hosts often have the benefit of legitimate credentials to exploit weaknesses in traditional security infrastructure.
Traditional perimeter defenses give free rein to those credentials. But to determine if those “users” are part of an attack, enterprises really need to focus security on the behavior of who or what is using authorized credentials.