Whilst there has been dramatic improvement in security posture over the last couple of years, this attack is an example that shows some organisations still have a long way to go.
Had strong data classification and controls been implemented, security teams would have quickly recognised that an unauthorised user was trying to access sensitive information and stopped them immediately.
Organisations must have an access control system which ensures that only the right people can access particular servers. Controls must be able to define access levels to data based upon risk and justifiable need, as well as upon a number of attributes such as location and access rights. Security teams can then track the access rights of users, applications and systems, ensuring that sensitive information is being handled correctly.