Why outsource risk management to people who don’t care?

The 2015 Cost of Cyber Crime Study by the Ponemon Institute reported that 50% of companies have implemented some sort of access governance technology. It fell 4th on the list in terms of ROI that people were getting from governance. The implementation trend is driven primarily by compliance.

In this podcast recorded at RSA Conference 2016, Travis Greene, Identity Solutions Strategist at Micro Focus, discusses why is it that in the process of implementing access certification we’re asking line of business managers, who know nothing about risk, to handle all the calculations around who should have access to what.

Even if you’re working in an industry that’s not heavily regulated, you should consider implementing access governance since it’s about reducing the attack footprint. The fewer people that have access to sensitive information, the less chance is there of that information getting into the wrong hands.

If you’re considering access certification tools, Greene offers a number of practical recommendations