At a time of nonstop technological shift and churn, of terraforming and re-terraforming in cyber security, agility and the ability to improvise and pull off impromptu victories are essential. And quick wins feel good. They’re a boon to morale, and they go a long way toward reducing the once colossal hacker to an abundantly mortal and beatable foe.
The feeling that comes with scoring a quick win can be highly addictive. And with the fist-pumping and backslapping it generates, it can lull organizations into a false sense of security — into underestimating their overall level of vulnerability to attack. In this sense, quick wins, insofar as they are short-term, can be bad for an organization whose goal is to achieve something that will endure.
If there is an acceptable quick win at all, it’s in conducting an initial discovery of your privileged accounts across all platforms. This discovery process will help you determine your risk profile, and help assess the nature of the long game. Typically, you will find that many individuals have more privileges than they need to do their job. It’s definitely an eye-opener as you start to peel back the layers. The CyberArk document below will discuss this process as part of the Cyber Hygiene Program.
Shift, churn … vulnerability
Any organization that is serious about preventing security breaches must secure its privileged accounts and credentials. Companies that do so are recognizing certain realities of doing business today, including but not limited to:
- The “R” Factor – Worldwide damages from ransomware attacks are predicted to reach $11.5 billion annually by 2019. By 2019, there will be a ransomware attack every 14 seconds. (Source)
- Mobile workforce – More than half of office professionals will be working remotely by 2020 (Source). Remote workers can open their employers to security risk in many ways, including: using free Wi-Fi hotspots; emailing work documents to and from personal email; using free USB charging points.
- Changing infrastructures – Agile companies change. Priorities shift, and with these shifts come adjustments or even wholesale changes to infrastructure: new SaaS applications or apps built using DevOps methodologies; expanded cloud portfolios; data centre consolidation. Attackers know that with these shifts also comes potential vulnerability.
The process of securing credentials, with these moving parts (and many more) in play, can become complex, especially in larger organizations. Securing privileged accounts is not a quick-fix, “one and done” kind of thing. It calls for regular review and intense scrutiny. Companies play the long game by ensuring their privileged account security program is up to date and continues to protect their critical infrastructure, customer data, intellectual property, and other vital assets.
Any information security program needs to be built for the long game. The policy framework must ensure resiliency to new threats and architectures, and perimeter appliances must be designed to handle traffic three to five years from now. In many cases, data retention practices are in effect seven years or longer. Privileged access management is no different. From legacy applications to administration of new cloud services, it’s critical that you have a roadmap for understanding and managing your privileged accounts.
CyberArk has produced a white paper, “CyberArk Privileged Account Security Cyber Hygiene Program,” that examines the security challenges facing today’s agile organizations and presents a programmatic approach designed to help companies protect themselves by establishing and maintaining strong privileged account security hygiene. This timely white paper covers:
- Maximum protection for privileged accounts – eliminating irreversible network takeover attacks; controlling and securing infrastructure accounts; limiting lateral movement; protecting credentials for third-party applications; managing *NIX SSH keys; defending DevOps secrets in the cloud and on-premises; securing SaaS admins and privileged business users
- Next steps – solutions and capabilities to help organizations continue to build upon their privileged account security program and improve the organization’s overall security posture
The “30-Day Sprint” presented in this CyberArk report is a framework for shutting down, with extreme prejudice, the privileged pathway in Windows environments. Done right, the framework is effective not merely because it prevents breaches but because it builds in a second level: if, on the off chance, a bad actor successfully compromises a workstation, they will (a) be detected quickly and (b) find it exceedingly difficult to move any further down the chain toward the golden egg, which is your critical data.
CyberArk is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including more than 50 percent of the Fortune 100, to protect against external attackers and malicious insiders.