12/24/2018
09:00 AM
By Adam Bosnian, Executive Vice President of Global Business Development, CyberArk
Sponsored Article

Privileged Access & the Future of Security

Prioritizing privileged access can dramatically reduce the business impact of an attack. Here are five reasons why.

Industry research firm Gartner this month released the first-ever Magic Quadrant for Privileged Access Management (registration required). It is, in our view, a significant milestone for the industry.  

Privileged credentials exist everywhere. The adoption of cloud, DevOps, robotic process automation, and the Internet of Things has dramatically expanded the threat landscape. Attackers know this, which is why nearly 100% of all advanced attacks today rely on the exploitation of privileged credentials to reach a target’s most sensitive data, applications and infrastructure.

While there is no silver bullet for achieving bullet-proof cybersecurity, organizations can dramatically reduce the impact of an attack by prioritizing privileged access. These five reasons show why securing privileged access matters more today than ever before:

1. Privileged Access Provides a Pathway to Critical Assets
Attacks that reach the domain controller level can lead to a hostile takeover of network and assets. Attackers are starting to apply this approach to new environments, targeting cloud consoles and orchestration tools to gain control over all infrastructure. Attackers who gain this level of privileged access can control any server, controller, endpoint or piece of data, anywhere on a network. They can run commands, or download/install anything they want. Regardless of the environment, privileged access management helps secure tier0/critical assets.

2. Humans Are Going to Be Human – Trust is Not a Security Policy
Humans are always the weakest link in the cybersecurity chain. Whether it’s privileged users abusing their level of access, or attackers targeting and stealing privileges from users to masquerade as a privileged insider, having a privileged access management program in place to protect from these abuses is paramount. Privilege is also the control that makes sure the right people have only the levels of access to sensitive applications and infrastructure that they need to do their jobs, ensures that the activities occurring within an environment aren’t malicious and, if they are, enables security operations teams to take quick action.

3. Privileges Proliferate across Machines and Applications
For systems to work together, they have to access one another. That’s why the machines and applications that require privileged access vastly outnumber the people who do. These non-human entities are harder to monitor, keep track of, or even identify. Commercial apps typically require access to various parts of the network, which attackers can exploit. A good privilege strategy accounts for everywhere privileges live and detects anomalous activities as they occur.

4. Privileges at the Endpoint
Every single workstation in an organization contains privilege by default. Built-in admin accounts allow IT to fix issues locally, but they create a massive security gap that attackers target and exploit. Attackers can exploit these risky systems by getting in and then jumping laterally from workstation to workstation until they reach what they are looking for.

A proactive privileged access security program should account for the comprehensive removal of local administrative rights on workstations. Without this step, attackers can easily move laterally into – and around – the network.

5. Achieving Compliance Revolves around Privilege
Putting privileged access at the forefront of an organization’s security and risk management strategy enables the recording and logging of all activities that relate to critical IT infrastructure and/or sensitive information. The ability to monitor and detect suspicious events in an environment is very important. But without a clear focus on what presents the greatest risk – unmanaged, unmonitored and unprotected privileged access – the business will remain vulnerable.

To download a complimentary copy of the Gartner Magic Quadrant for Privileged Access Management, please click here.

Gartner, Magic Quadrant for Privileged Access Management, Felix Gaehtgens, Dale Gardner, Justin Taylor, Abhyuday Data, Michael Kelley, 3 December 2018.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 

About the Author:
Adam Bosnian is executive vice president at CyberArk, where he is responsible for managing and expanding global strategic relationships with technology partners. As an early member of the CyberArk management team, Bosnian led the industry to define the market for privileged account security and has played a key role in helping to secure and maintain CyberArk’s leadership in the space.
