In Sri Lanka, most of the top corporates don’t take proactive measures in cyber security assuming that attackers will not target the corporate IT infrastructure; some corporates and organizations have been hacked but they don’t disclose it due to various reasons.
Access control protects companies against “internal attackers” by controlling which persons within the company need access to which data.
Risk: Data losses
Any company, independent of its size and industry, is exposed to data losses through intentional theft or the negligent handling of data and risks know-how losses, competitive disadvantages,
Defines which user is authorized to use which data paths. Only those employees who need sensitive data for their work have access to these data.