The rule of thumb for network security today is that there is no perimeter anymore. An outsider can easily become an insider once perimeter security is breached. Every day, attackers find new ways to breach enterprise perimeter security through ransomware, malware or phishing through social engineering.
This is not to suggest that all is lost. Rather, organizations can defeat cybercriminals, in part, by better managing what has already been put in place. As an example of what can go wrong if that doesn’t happen, consider the following story.