Why 74% of data breaches start with privileged credential abuse
Centrify’s survey shows organisations are granting too much trust and privilege, opening themselves up to potential internal and externally-driven breaches initiated with compromised privileged access credentials.
Enterprises who are prioritising privileged credential security are creating a formidable competitive advantage over their peers, ensuring operations won’t be interrupted by a breach. However, there’s a widening gap between those businesses protected from a breach and the many who aren’t. To quantify this gap, consider that the typical U.S.-based enterprise will lose on average $7.91M from a breach, nearly double the global average of $3.68M, according to IBM’s 2018 Data Breach Study.
Further insights into how wide this gap is are revealed in Centrify’s Privileged Access Management in the Modern Threatscape survey results published today. The study is noteworthy as it illustrates how wide the gap is between enterprises’ ability to avert and thwart breaches versus their current levels of Privileged Access Management (PAM) and privileged credential security. 74% of IT decision makers surveyed whose organisations have been breached in the past say it involved privileged access credential abuse, yet just 48% have a password vault, just 21% have multi-factor authentication (MFA) implemented for privileged administrative access, and 65% are sharing root or privileged access to systems and data at least somewhat often.
Addressing these three areas with a Zero Trust approach to PAM would make an immediate difference in security.
“What’s alarming is that the survey reveals many organisations, armed with the knowledge that they have been breached before, are doing too little to secure privileged access. IT teams need to be taking their Privileged Access Management much more seriously, and prioritising basic PAM strategies like vaults and MFA while reducing shared passwords,” remarked Tim Steinkopf, Centrify CEO. FINN Partners, on behalf of Centrify, surveyed 1,000 IT decision makers (500 in the U.S. and 500 in the U.K.) online in October 2018. Please see the study here for more on the methodology.
How you choose to secure privileged credentials determines your future
Identities are the new security perimeter. Threats can emerge within and outside any organisation, at any time. Bad actors, or those who want to breach a system for financial gain or to harm a business, aren’t just outside. 18% of healthcare employees are willing to sell confidential data to unauthorised parties for as little as $500 to $1,000, and 24% of employees know of someone who has sold privileged credentials to outsiders, according to a recent Accenture survey.
Attackers are increasingly logging in using weak, stolen, or otherwise compromised credentials. Centrify’s survey underscores how the majority of organisations’ IT departments have room for improvement when it comes to protecting privileged access credentials, which are the ‘keys to the kingdom.’ Reading the survey makes one realise that forward-thinking enterprises who are prioritising privileged credential security gain major cost and time advantages over their competitors. They’re able to keep their momentum going across every area of their business by not having to recover from breaches or incur millions of dollars on losses or fines as the result of a breach.
One of the most promising approaches to securing every privileged identity and threat space within and outside an organisation is Zero Trust Privilege (ZTP). ZTP enables an organisation’s IT team to grant least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment.
Key lessons learned from the Centrify survey
The results of Centrify’s Privileged Access Management in the Modern Threatscape survey reflect how wide the gap is between organisations that see identities as the new security perimeter and are adopting a Zero Trust approach to securing them, and those that aren’t. The following are the key lessons learned about where and how organisations can begin to close the security gaps that leave them vulnerable to privileged credential abuse and many other potential threats:
- Organisations’ most technologically advanced areas that are essential for future growth and attainment of strategic goals are often the most unprotected. Big data, cloud, containers and network devices are the most important areas of any IT infrastructure. According to Centrify’s survey, they are the most unprotected as well. 72% of organisations aren’t securing containers with privileged access controls. 68% are not securing network devices like hubs, switches, and routers with privileged access controls. 58% are not securing Big Data projects with privileged access controls. 45% are not securing public and private cloud workloads with privileged access controls. The study finds that U.K.-based businesses lag U.S.-based ones in each of these areas.
- Only 36% of U.K. organisations are very confident in their company’s current IT security software strategies, compared to 65% in the U.S. The gap between organisations with hardened security strategies that have a higher probability of withstanding breach attempts is wide between U.K. and U.S.-based businesses. 44% of U.K. respondents weren’t positive about what Privileged Access Management is, versus 26% of U.S. respondents. 60% of U.K. respondents don’t have a password vault.
- Just 35% of U.S. organisations and 30% of those in the U.K. are relying on Privileged Access Management to manage partners’ access to privileged credentials and infrastructure. Partners are indispensable for scaling any new business strategy and expanding an existing one across new markets and countries. Forward-thinking organisations look at every partner associate’s identity as a new security perimeter. The 35% of U.S.-based organisations doing this have an immediate competitive advantage over the 65% who aren’t. By enforcing PAM across their alliances and partnerships, organisations can achieve uninterrupted growth by eliminating expensive and time-consuming breaches that many businesses never fully recover from.
- Organisations’ top five security projects for 2019 include protecting cloud data, preventing data leakage, analysing security incidents, improving security education/awareness and encrypting data. These top five security projects could be achieved at scale by having IT teams implement a Zero Trust-based approach to Privileged Access Management (PAM). The time, cost and scale advantages of getting the top five security projects done using Zero Trust would free up IT teams to focus on, for example, projects that deliver direct revenue gains.
Centrify’s survey shows organisations are granting too much trust and privilege, opening themselves up to potential internal and externally-driven breaches initiated with compromised privileged access credentials. It also reveals that there is a strong desire to adhere to best practices when it comes to PAM (51% of respondents) and that the reason it is not being adequately implemented rarely has to do with prioritisation or difficulty but rather budget constraints and executive buy-in.
The survey also shows U.K.- and U.S.-based organisations need to realise identity is the new security perimeter. For example, only 37% of respondents’ organisations are able to turn off privileged access for an employee who leaves the company within one day, leaving a wide-open exposure point that can continue to be exploited.
There are forward-thinking organisations who are relying on Zero Trust Privilege as a core part of their digital transformation efforts as well. The survey found that given a choice, respondents are most likely to say digital transformation (40%) is one of the top 3 projects they’d prefer to work on, followed by Endpoint Security (37%) and Privileged Access Management (28%). Many enterprises see Zero Trust as digital transformation’s missing link and as the foundation for redefining their businesses by defining every identity as a new security perimeter, so they can securely scale and grow faster than before.