I was reading about the Google Hacking Diggity Project today when it occurred to me to ask:
Are 20% of users responsible for 80% of security breaches?
I ask because:
The Google Hacking Diggity Project is a research and development initiative dedicated to investigating the latest techniques that leverage search engines, such as Google and Bing, to quickly identify vulnerable systems and sensitive data in corporate networks. This project page contains downloads and links to our latest Google Hacking research and free security tools. Defensive strategies are also introduced, including innovative solutions that use Google Alerts to monitor your network and systems.
OK, but that just means you are playing catch up on security breaches. You aren’t ever getting ahead. Discovering weaknesses before others do is hopefully discovering them before others do.
If you coupled a topic map with your security scans, you can track users as they move from department to department, anticipating the next security breach.
And/or providing management with the ability to avoid security breaches in the first place.
I first saw this at KDNuggets.