Craig Riddell

Craig is an award-winning information security leader specializing in identity and access management. In his role as Field CISO NAM at Netwrix, he leverages his broad expertise in modernizing identity solutions, including experience with privileged access management, zero standing privilege and the Zero Trust security model. Prior to joining Netwrix, Craig held leadership roles at HP and Trend Micro. He holds both CISSP and Certified Ethical Hacker certifications.

Identity

September 16, 2024

A Comprehensive Guide to Today’s IGA Solutions: Features, Benefits, and Options

Let’s face it. Managing and securing IT networks is far more complex today. Beyond securing endpoints, sensitive data, and the network perimeter, security teams must also focus on identity...

Identity

July 26, 2024

Enterprise IAM: Key Features, Benefits and Challenges

Introduction Enterprise identity and access management (IAM) is the discipline of managing digital identities and their access to data, applications, systems and other resources. It addresses two...

Cybersecurity Identity

July 18, 2024

10 Security Risks of Poor Access Management and How to Mitigate Them

Secure access management is more than just strong password policies and multi-factor authentication (MFA) – it includes a variety of processes and tools that create an integrated and comprehensive...

Identity

July 10, 2024

The Benefits of IAM and RBAC for Securing User Permissions

A vital component of any cybersecurity strategy is robust identity and access management (commonly known by the IAM acronym). This article explains the core elements of an effective IAM...

Identity

June 14, 2024

Securing the Cloud: A Comprehensive Guide to Identity and Access Management

In the not-so-distant past, managing user identities and access controls was a relatively straightforward process. Organizations operated within the confines of their on-premises networks where...

Data

February 12, 2024

Data Security Explained: Challenges and Solutions

Data is the most valuable asset for any organization, regardless of size or sector. Loss or corruption of financial reports, business plans and intellectual property can bring even a global...

Infrastructure

February 9, 2024

A Comprehensive Guide to Active Directory Monitoring Tools

Effective Active Directory (AD) monitoring is a cornerstone for security and compliance. It empowers administrators to spot suspicious activity, including improper changes to AD objects like user...

Compliance

November 20, 2023

What Is NIST SP 800-171 Compliance? A Guide to Protecting Your Sensitive Data

NIST SP 800-171 details requirements that all Department of Defense (DoD) contractors have been required to follow for years. The guidelines were updated in 2020, and Revision 3 was published in May...

Compliance

September 18, 2023

International Data Privacy Laws: A Guide

The push for data privacy has exploded in recent years, with regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) leading the...

Compliance

January 27, 2022

How to Perform HIPAA Risk Assessment

The U.S. Department of Health and Human Services (HHS) requires healthcare entities to follow the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This act requires healthcare...

Show more articles