Most businesses are overconfident with their cyber security, mistaking feeling prepared to combat cyber threats with actually being prepared. This is confirmed in a report from Centrify which surveyed 1,300 organisations across 11 industries in Canada and the US. Over 90% of the companies that were studied reported feeling ‘somewhat prepared’ to fight threats involving privileged access. However, their approaches for actually combatting these threats were not up to par – leaving them vulnerable despite feeling otherwise.
The Centrify report also discovered that 43% of organisations had a ‘nonexistent’ privileged access management approach and that the companies who were the most protected were those who had addressed privileged access management by hardening their environment with centralised management and enforced host-based sessions, files, and process auditing. This goes beyond the typical identity and vault-centric techniques that are effective, but that do not offer full protection when used alone.
As a whole, it was found that a vast majority of companies are unable to stop privileged access abuse and are incredibly unprepared to face the threats of an increasingly threat-centric digital environment.
Centrify’s CEO Tim Steinkopf stated that “the survey indicates that there is still a long way to go for most organisations to protect their critical infrastructure and data… the overconfidence organisations exhibit in their ability to stop (data breaches) from happening is concerning”.
Privileged Access Abuse
Almost 75% of data breaches that occur include privileged access abuse – but fewer than half of organisations have privileged access management solutions. Less than 1 in 7 have identity solutions to remove the requirement from shared and local admin accounts, putting them at an even higher risk. However, what is privilege access abuse? It occurs when privileges associated with a particular user account are used inappropriately or fraudulently. This may happen by mistake, due to willful ignorance, or with malicious intent.
In 2017, Verizon reported that abuse of privileged accounts was the second most common cause of security incidents and the third most common cause of cyber breaches. Abuse occurs due to inadequate access control, typically when users have more access rights than they need to do their jobs or a company fails to monitor and manage access accounts and establish appropriate policies and controls. The consequences of this can be significant because privileged accounts are a gateway to critical systems and data, and abuse of these accounts can lead to the loss of sensitive data, business intelligence, and more. The loss of funds, customer loyalty, and the potential fines can cripple companies – and ensuring that the right systems are in place to manage this kind of data breach is critical to corporate success.
Modern solutions are required for modern problems – and security is no exception. Solutions which incorporate conditional access controls and the application of privileged account management is crucial to this. Companies must be aiming to protect against:
- Unwanted activity
- Third party violations
- Ex or temporary employees
- Poor experience and policies
- Human error
- Security Breaches
- …and much more
However, how can they do this? Step one is to understand what your security networks currently look like – and where your most significant vulnerabilities lie. This involves reviewing access rights and permissions, and ensuring that sensitive data is not overexposed. This means understanding user behaviour and access and obtaining meaningful insight to provide ongoing and agile security. Businesses should also pay special attention to the privileged accounts and work to gain improved visibility with their IT environment.