October 21, 2016 | Security and Risk | Amy Burnis
Make no mistake, your organization is a target – do you have an effective security program in place to detect and contain the damage of an attack? With nearly daily headlines about cyber attacks, it’s imperative that organizations understand the role privileged accounts play in the attack life cycle. If privileged credentials are not properly managed and protected, business leaders should be prepared to deal with the aftermath of a crippling breach.
Consider the role of privilege in the following scenarios:
- Insider Threats: According to industry reports, it takes about 146-170 days to detect an in-progress attack. That’s plenty of time for a malicious insider with access to authorized, privileged accounts (or an external attacker that appears as a legitimate insider) to do real damage.
- Ransomware Attacks: For many reasons, phishing is a popular attack strategy, and often the phishing emails that target employees with direct (or indirect) access to privileged accounts contain sophisticated malware, such as ransomware.
- Cloud Adoption: The fast-paced migration to the cloud and surge in automation tools comes with an increasing number of privileged accounts within IT infrastructures. This expands the potential attack surface exponentially.
These are just a few reasons why the first and most critical step in executing an effective, layered defense is to prevent the theft and exploitation of privileged credentials—across endpoints, servers and domain controllers, on-premises or in the cloud. Without these credentials, an attacker’s ability to move across the network is blocked. And if you block privilege escalation, you block the attack.
Check out our infographic for more information on the role of privileged accounts in the attack lifecycle, and learn why now is the time to give privileged account security the priority it deserves.