By Teri Takai – The big problem for many government agencies is that most of them still rely on declarative legacy roles, rubber-stamping certifications and manual processes to manage identities and roles — all of which expose them to continual and multiple access risks. External threat actors compromise identities to evade detection from existing defenses, while insiders work under the radar to access data for exfiltration.
To provide a robust defense and protect the identity-based perimeter, government agencies must consider new thinking and approaches.
The core issue is security leaders are not attacking the evolving security landscape through proactive planning and change management. Instead, they are stuck in a reactive mode.
It is not hard to understand why: the user profile is 24-7, global, instantaneous, and rich in consumer-driven IT. more> https://goo.gl/X59JUA