In 
“CISOs are often forced to cast a wide net, ineffectively doing a little bit of everything in an attempt to address the wide range of security threats facing their organization. Unfortunately, this approach breeds more failure than success, resulting in more tools purchased than could ever possibly be effectively deployed given the existing staff,” a report titled 'The Role of Privileged Accounts In High Profile Breaches' brought out by CyberSheath says.
CyberSheath applies business discipline to cyber security, enabling its customers to measure risk, meet compliance goals, prioritize investments, and improve overall security posture.
Despite hacktivists and advanced attacks continuing to do the most damage by exploiting privileged accounts to exfiltrate data, organizations around the world are yet to make it a top priority to protect privileged accounts. The main reason for this lapse is because of a 'responsibility white space' between an enterprise's CISO and the VP, IT Infrastructure.
“There is a shared responsibility issue. In almost every IT organization CyberSheath works with, the authority and management of privileged accounts rarely sits with the CISO. Instead the 'owner of privileged account management' is the VP of IT Infrastructure or someone with a similar title. In this 'Responsibility White Space' between security and IT infrastructure, lies the issue. In working towards a balance between ease of administration and protecting access to these accounts, doing nothing becomes the path of least resistance,”
“What many organizations have yet to take advantage of is the maturity of solutions that both protect privileged accounts and facilitate ease of administration through workflow approvals, mobile access and direct connections to managed devices. Protecting, managing and monitoring privileged account access is a business enabler for the IT delivery organization in addition to a critical strategy in the protection against advanced and insider threats,” it says.
“Given that context, in 2013 we saw many CISOs prioritizing their resources by buying tools that were force multipliers rather than point solutions. We witnessed priority being given to products that integrated new security solutions with the existing security investments. Organizations are pushing the data they get from privileged session exploits into their security information and event management solutions for real time operational intelligence. Where previously you had to wait for forensics to be done to find out which privileged accounts had been compromised, now that information is available as it happens with privileged credential management solutions,” the report said.
As part of the comprehensive report, CyberSheath researched and analyzed 10 well-reported attacks (including Edward Snowden and the National Security Agency, Blackpos Malware breaches and the compromise of The New York Times) over the last 12 months, all containing elements of privileged account exploitation.
It examined how protecting, managing, and monitoring these accounts could have prevented these attacks and has suggested strategic takeaways for CISO.
Add new comment