I’ve been presenting about privileged account security for over six years, and in that time, the number of people at our events who raise their hand when I ask the question “who has a solution to control and monitor privileged access?” has increased massively.
In the early days, it was unusual to see more than one or two people raise their hand, greeted by a sea of raised eyebrows from the rest of the audience and a knowing look that suggested that somebody had a big budget that enabled them to indulge in “nice to haves.” I generally spent between thirty and sixty minutes at the event explaining the risk around not monitoring privileged accounts, and although people often came over to see me after the presentation explaining how they recognized the risk, they were having trouble persuading the boardroom of its importance.
Of course, the last few years have seen the risks of unmanaged privileged accounts become more mainstream. It seems that hardly a day goes past without a breach announced. When we delve deeper into those breaches, we find that the abuse of a privileged account is the primary method for attackers to move through a company’s network.
To see the damage attackers can cause with insider access, we need look no further than Edward Snowden and the NSA. Snowden, a sysadmin, had unfettered and approved access to information that was highly classified. This access was part of his job. We know the result of what he chose to do with this access.
As breaches like this continue to build up, awareness of the risk associated with unprotected and unmanaged privileged accounts is growing rapidly. In the CyberArk Global Advanced Threat Landscape survey we conducted in June, we found that 64 percent of respondents indicated that they now manage privileged accounts as an advanced threat security vulnerability.
This is positive movement and indicates broader awareness of the problem – but it’s not enough.
Companies are under a multitude of threats: hacktivists, criminal gangs intent on harvesting credit card information, nation states embarking on hacking on a massive scale and even – potentially – their own disgruntled employees. In almost every case, these attackers use privileged accounts to move around the organization undetected.
Luckily, the situation is getting better. Every time I attend an event, I notice more and more companies who are looking to deploy a privileged account security solution and want to talk about how they might go about it.
So things are changing for the better and companies are focusing their efforts on these high-risk privileged accounts – but there’s more work to do. As long as privileged accounts are the primary target of cyber-attackers both outside and inside, every company is vulnerable.