Businesses are Failing to Block HackersJuly 3rd, 2012 by BrightCloud
Businesses are largely failing to block hackers from exploiting privileged IT accounts to access sensitive commercial data, a survey has revealed.
Some 63% of more than 400 IT staff polled across Europe agreed that recent cyber attacks have involved the exploitation of privileged account access, according to the latest annual Trust, Security and Passwords survey and report by security software company Cyber-Ark.
However, 48% of respondents said their organisations either did not monitor the use of privileged accounts or were unsure if they did. Worse still, 50% of respondents admitted they were able to get around the controls put in place to monitor their privileged access. Nearly half also admitted that they would take company information with them if they were fired, such as privileged passwords (9%) and customer databases (8%).
“A huge number of companies do not have effective privileged identity management systems in place, and many of the organisations either don’t realise this is a threat or continue to ignore it because its far down their list of priorities.”
Duncan Little, BrightCloud Managing Director
Organisations need to put systems in place that tighten up the use of privileged accounts with planned delegation of authority throughout the business and add application security tools and more secure access. New technologies such as Next Generation firewalls and Network Access Control can truly add valuable security quickly, either as a product or a managed service. Although awareness of the issue is growing, few organisations are fully aware of the potential security risk at all levels; there is still a long way to go on that.
Exploitation of privileged accounts has become the sweet spot for cyber attackers due to their far-reaching and powerful access rights. Therefore, monitoring and securing privileged accounts must be central to any organisation’s security strategy, whether they are looking to protect against the rogue insider, the cyber attacker, or both.