Let's face it, everybody makes dumb mistakes at work. But these days, employee ignorance about the impact of certain IT technologies, a lack of controls around critical infrastructure and data, and a legion of employees armed with way too many system privileges are drowning enterprises in a potent cocktail of risk factors. According to security experts, the only way that organizations can reduce the risk of that combination is to be pragmatic. Rather than trying to completely eradicate stupid behavior -- a nigh impossible feat -- enterprises need to find ways to minimize the risk around the mistakes non-malicious insiders make. "It's not realistic to eliminate the user behavior nor identify all the vulnerabilities or attacks in advance," says Brian Hanrahan, senior systems consultant at Avecto. "You have to start from the assumption that any user through willing, or unwilling involvement may become the nexus of your next infiltration." Read full story on Dark Reading

Post a comment to the original version of this story on Dark Reading