The Risk Modeling Gotcha: Roles Are Like Hammers to Screws

Why do organizations continue to struggle with entitlement risk modeling? It boils down to risk being aligned to roles and role-based access. The irony is that roles were never intended to be risk models. They were once low-hanging fruit: a logical, early way to group users with entitlements and, later, to associate risk with those groupings.

The Problem With Role-Based Risk Modeling

Let’s briefly step back and distinguish between groups and roles. Groups are typically bundles of individuals or entitlements that can be managed together within a single system, application or common system framework.

Read full news article on Security Intelligence

 

