Speaking at the SC Magazine Total Security Conference, EA's Callum Dickinson said that auditing users was one of the key parts of privileged user management, and that some would say that this was a big part of securing the organisation.
He admitted that while logging and appropriate technologies can create a lot of data and do not leave a lot of space on the system, “the benefits they reap are absolutely fantastic".
Richard Bell, corporate security assurance manager at Transport for London, said that the cyber threat had taken management at TfL by surprise and it was forced to react to it in the same way it did with more physical challenges, such as the Olympics.
He said: “The three faces of security are physical, people and cyber, we call it proactive security assurance. It is our job to keep all our units 'honest' by testing our capabilities and we try to do a holistic view on the level of security across the organisation.
“People try to cause us harm, such as on 7/7. Passengers are at the forefront for us, so we had to decide what security meant for us.â€
He said that staff were encouraged to report unusual incidents or activity. “If you can influence people it can be a big change,†he said.
“Our job is continuity and making the system secure. Our cyber point of view is robust and trusted and we communicate to all partners and staff.â€
Speaking on the Olympics, Bell questioned research about the biggest risk being cyber, saying that the biggest risk was hoping people show up! He said: “My team is fit for purpose to manage the insider threat on the areas that they are working in. We will try and deliver the games as well as possible.â€
