by Josh Arrington
With several major security shows like the U.S. RSA Conference 2012 and Black Hat Europe behind us, and several more in the queue, the industry is tireless when it comes to elevating awareness around the evolving threat landscape. And it has to be, as it seems hackers never ease up in their relentless pursuit of vulnerabilities to exploit. With that said, let’s take a look at some topics that are generating buzz in IT security. We’ll dub this our IT Security Rewind: March Madness Edition!
No Longer Privileged: Employee turnover is a cost of doing business, but what happens when an employee with privileged user account access (e.g. a sys-admin) leaves the company? Apparently not enough. An IT Director piece examines the propensity of organizations to ineffectively close out the user accounts of inactive sys-admins. Fortunately, proactive removal and monitoring of privileged accounts is a central tenet of effective privileged identity management best practices. Organizations should avoid risks by deploying solutions that grant privileges on an ‘as needed’ basis.
APT? What’s in a name? The pursuance of a precise definition continues to perplex the IT security community and this week CSO took a stab at truly defining the term through an in-depth feature. The article focuses on the basic components of an APT, the normal actors involved, and some common attack vectors. One glaring omission: The piece does not address the privileged escalation angle that is commonly associated with most APTs.
Password: You are the Weakest Link. Goodbye: Joe McKendrick of ZDNet compiled an insightful follow-up post to the results of the Trustwave 2012 Global Security Report which highlights how poor IT password management persists as the largest security concern facing most organizations. The report indicates that “the use of weak and/or default credentials continues to be one of the primary weaknesses exploited by attackers for internal propagation.” As McKendrick describes, the use of default (and hardcoded) passwords, in particular, creates system-wide vulnerabilities that enable hackers to attack with limited sophistication.
That’s it for this week—what else is making you “mad” about IT security?
