alt Hacker NewsAnd because it is surprisingly difficult to distinguish between 'oops' and 'malice' a lot of the actual perps get away with it too, as long as they limit their involvement. In-house threats are an under appreciated - and somewhat uncomfortable - topic for many companies, they don't have the funds to do things by the book but they do have outsized responsibilities and pray that they can trust their employees.
Replies
search_facility • yesterday at 8:37 PM
But on the other hand, adding LLM with strong guards (not yet here but doable for popular attack vectors) into the human loop can drastically eliminate insider factor, imho.
➕ show 1 reply
Also hard to track when the offending employee is a contractor or simply exits stage left to another company. Where he could also offer up his services to make another "blunder" that would grant access to these groups.