Almost 90 per cent of businesses believe that the threat of privileged users will increase in the next two years.
According to a Ponemon Institute report, 88 per cent of 693 respondents believed that the risk of privileged user abuse will increase or stay the same in the next 12-24 months, while 69 per cent of respondents do not believe their organisations have the ability to identify an insider threat before it’s too late.
Jack Harrington, vice president of cyber security and special missions at Raytheon Intelligence Information and Services, said: “While the problem is acutely understood, the solutions are not. Even a well-intentioned, seasoned, privileged user with wide access to a network poses great risks because they are high-value targets to corporate ‘hacktivists’ and persistent adversaries eager to penetrate a company’s defences.”
While 88 per cent of those surveyed recognised that enhanced security was a top priority, only 40 per cent had a dedicated budget to invest in enabling technologies to reduce insider threat.
Commenting, Matt Middleton-Leal, regional director for UK and Ireland at CyberArk, acknowledged that privileged accounts and credentials had been found to be the attack vector in a number of high-profile breaches in recent years.
“However, despite the increased awareness of the risks posed by insiders, many organisations are clearly still confused by the threat,” he said. “While Edward Snowden was a classic example of a ‘rogue insider’, the accidental or careless misuse of privileged rights can also spell disaster for a business. Added to which, the enormous power that these credentials grant has not gone unnoticed by today’s cyber criminals, who now routinely seek to take control of these accounts in order to infiltrate a target system, either to steal valuable information or to imbed malware for use at a later date.
“Privileged accounts clearly present vast and multiple vulnerabilities and must be proactively addressed within all organisations. The days of perimeter security are long gone and security strategies must now focus on locking down access to the heart of the enterprise.”
Doug Mow, CMO of Courion, said: “A disgruntled employee will leave with access credentials and statistics show that there is an average of seven rotations in one company, so privileged access is rarely changed.”
Mow said that the issue for identity and access management is it that destroys the secure perimeter, as users with enhanced access can bypass controls.