Mobile

5/9/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Insider and Third-Party Access Ranks as Top Cyber Threats for Global Organizations

Bomgar's 2017 Secure Access Threat Report finds many organizations still allow a myriad of internal and external parties unsecured privileged access to critical systems and data.

Atlanta, GA – Bomgar, a leader in secure access solutions, today announced the results of its 2017 Secure Access Threat Report, which finds that insider and third-party access are growing security threats facing organizations and enterprise IT systems. The global survey explores the visibility, control, and management that IT organizations in the U.S. and Europe have over employees, contractors, and third-party vendors with privileged access to their IT networks. Despite rising awareness of the threats posed by users with privileged access permissions, most organizations still allow a myriad of internal and external parties to access their most valuable systems and data. Many are placing trust in both employees and third parties without a proven means of managing, controlling, and monitoring the access that these individuals, teams, and organizations have to critical systems and networks.

The 2017 Secure Access Threat Report respondents outlined two primary, yet distinct threats: insiders nd third parties. Insiders are classified as employees or people acting as an employee for the business, including freelancers or on-premises contractors, while third parties are defined as external vendors or suppliers granted access to business systems, including outsourcers.

The report revealed that 90 percent of security professionals trust employees with privileged access most of the time, but only 41 percent trust these insiders completely. Despite placing a lot of trust in employees by granting them privileged access, security professionals are paradoxically aware of the numerous risks that these individuals pose to the business. While most were not primarily worried about breaches of malicious intent, they have concerns that a breach was possible due to employees unintentionally mishandling sensitive data, or that employee’s administrative access or privileged credentials could easily be phished by cyber criminals. Yet, businesses are still falling behind with only 37 percent of respondents having complete visibility into which employees have privileged access and 33 percent believing former employees could still have corporate network access.

Generally, employees want to be productive and responsible at work, suggesting that most employees are not malicious, but rather skirt security best practices to speed up productivity. This is driving the need for access solutions that prioritize both productivity and usability, without sacrificing security, that can be seamlessly integrated into applications and processes that employees already use.

“It only takes one employee to leave an organization vulnerable,” said Matt Dircks, Bomgar CEO. “With the continuation of high-profile data breaches, many of which were caused by compromised privileged access and credentials, it’s crucial that organizations control, manage, and monitor privileged access to their networks to mitigate that risk. The findings of this report tell us that many companies can’t adequately manage the risk related to privileged access. Insider breaches, whether malicious or unintentional, have the potential to go undetected for weeks, months, or even years – causing devastating damage to a company.”

The report also uncovered that data breaches through third-party access are widespread. External suppliers continue to be an integral part of how most organizations do business. On average, 181 vendors are granted access a company’s network in any single week, more than double the number from 2016. In fact, 81 percent of companies have seen an increase in third-party vendors in the last two years, compared to 75 percent the previous year.

With so many third-parties granted access to an organization’s systems, perhaps it’s no surprise that more than two-thirds (67 percent) have already experienced a data breach was ‘definitely’ (35 percent) or ‘possibly’ (34 percent) linked to a third-party vendor. While 66 percent of security professionals admit that they trust third-party vendors too much, action has not followed this recognition. Processes to control and manage privileged access for vendors remains lax, as evidenced by only 34 percent of respondents being totally confident that they can track vendor log-ins, and not much more (37 percent) confident that they can track the number of vendors accessing their internal systems.

“As with insiders, third-party privileged access presents a multitude of risks to network security. Security professionals must balance the business needs of those accessing their systems – whether insiders or third-parties – with security,” added Dircks. “As the vendor ecosystem grows, the function of managing privileged access for vendors will need to be better managed through technology and processes that provide visibility into who is accessing company networks, and when, without slowing down business processes.”

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
121 Pieces of Malware Flagged on NSA Employee's Home Computer
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/16/2017
Mobile Malware Incidents Hit 100% of Businesses
Dawn Kawamoto, Associate Editor, Dark Reading,  11/17/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.