Identity, deception and compromised credentials

Stolen or compromised identities have been an attack vector for years, if not decades. Even now, organisations are failing to protect against compromised identity. Identity is one of security’s critical weak spots. But why is this?  Once an attacker breaches defences, it is still too easy for them to move laterally, and to attack higher value targets, or as we've seen recently, attack an organisation with ransomware. Our guest this week is chief security architect and formally the chief deception officer at Attivo, Carolyn Cr...

Stolen or compromised identities have been an attack vector for years, if not decades. Even now, organisations are failing to protect against compromised identity. Identity is one of security’s critical weak spots. But why is this? 

Once an attacker breaches defences, it is still too easy for them to move laterally, and to attack higher value targets, or as we've seen recently, attack an organisation with ransomware.

Our guest this week is chief security architect and formally the chief deception officer at Attivo, Carolyn Crandall

She argues that it is changing technology and changing work patterns, with the need to access information anywhere, and at any time, that is making these attacks both more common, and more damaging.

Interview by Stephen Pritchard