What principle involves granting users the minimum account privileges necessary to perform their duties, helping to mitigate both insider threats and compromised accounts?

The principle of least privilege is critical in cybersecurity because it focuses on providing users with only the permissions and access necessary to perform their specific job functions. By limiting privileges, organizations can significantly reduce the potential attack surface for both insider threats and compromised accounts. When users have excessive permissions, they may inadvertently cause harm or may be exploited by malicious actors to gain broader access within the system.

Implementing least privilege helps ensure that even if an account becomes compromised, the extent of potential damage is limited, as attackers would only gain access to the permissions of that specific account. This approach aligns with the broader goals of security by minimizing risks and protecting sensitive data and systems from unauthorized access and misuse.