Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label PAM. Show all posts

Managing Privileges is Essential Security Strategy

In order to stop increasingly sophisticated hacker assaults, having a system that regulates privileged access is crucial. Therefore, one must integrate privilege removal into their cyber strategy to ensure secure protection without loopholes.

Privileged access: What Is It?

Privileged access occurs when a system's technical maintenance, changes, or privileged emergency outages are carried out by an entity using an administrative account or a credential with boosted permissions. This could happen on-site or in the cloud. Technical privileges are separate from high-risk entitlements connected to business operations in this context. For all essential use instances, PAM controls ensure that privileges, including any related mechanisms like privileged accounts or credentials, are used in permitted target systems.

According to several institutions, safeguarding administrator passwords in a password vault entails securing privileged identities. In reality, a comprehensive plan that addresses what qualifies as a privileged action is required.

Eliminating privileges will safeguard one against attacks

Around 80% of breaches include violation of privileges, according to Verizon's Data Breach Investigations Report 2022.

Hackers use linked devices, local repositories, and more to access privileged passwords. As a result, every company's defensive plan should include reducing privilege. A hacker must complete several steps in order to carry out a cyber-attack. To begin with, they hack into the system of the business and then attempt to escalate privileges or move laterally in their investigation process until they find new privileges that offer more access. And finally, when they carry out the attack.

Hence, robbing a hacker of their privileges through PAM stops them from moving on to the next stage. No matter how they entered, if they are unable to pass through, the attack fails. Employing privilege elimination will also defend against a variety of attacks.




Ransomware Attacks Declined by 61% But Organizations Must Remain Vigilant

 


Despite WannaCry infecting thousands of PCs worldwide in 2017, ransomware has always remained one of the biggest threats to corporations worldwide. There is, however, new research that indicates that this persistent threat may be on the decline.  

Privileged access management (PAM) provider Delinea, in partnership with Censuswide, has released the 2022 State of Ransomware Report, a comprehensive study of the latest forms of ransomware. There was a survey of 300 U.S.-based IT decision-makers conducted by the research firm, and results showed that only 25% of companies had been affected by ransomware attacks over the last calendar year.  

This represents a 61% decline in incidents of theft from organizations over the last 12 months when 64% of organizations reported being victims in that period. Additionally, according to the report, the number of companies that paid ransoms decreased from 82% at the beginning of the study period to 68% at the end of the research.  

The fact that these attacks are still common enough to cause serious data breaches is encouraging news for enterprises. However, security leaders cannot afford to become complacent in the face of attacks. 

Ransomware: Why organizations should not be complacent  

However, organizations should not relax their security precautions, although ransomware attacks appear to be declining. As ransomware breaches cost an average of $4.5 million, this is particularly significant when there is potential for an increase. 

According to Joseph Carson, chief security scientist and advisory CISO at Delinea, ransomware remains a significant concern and a threat to any organization. He further continued that they saw some signs of complacency in the survey research. This could be a sign that ransomware will be on the rise in 2023. 

An example of complacency is the decline in the number of organizations that include incident response plans, which is one of the signs of complacency. As a result, this number dropped from 94% to 71%. These circumstances may make it less likely for these companies to be able to respond to data breaches effectively. This may give threat actors more opportunities to steal critical data assets from these companies. 

Actions to be taken proactively

Rather than succumbing to complacency, organizations should remain prepared while continuing to invest time, money, and effort in proactive security solutions to prevent breaches.  

The key to protecting networks and systems from these types of attacks is making organizations more proactive about cybersecurity. This is especially true in areas where they are most vulnerable, such as identity management and access controls.  

In Carson's view, the most pertinent aspect of this concerns adopting and enforcing the principle of least privilege and employing multifactor authentication (MFA) and password vaulting to decrease enterprises' vulnerability to ransomware attacks.  

Furthermore, other measures can be taken to mitigate additional risks including frequent data backups, comprehensive incident response plans, and investing in cyber insurance policies.