A Look at What is Next on the Horizon for Securing Organizations’ Privileged Accounts
By James Legg, President, and CEO, Thycotic
As each year passes, we analyze the successes and failures of the cybersecurity industry, knowing full well that we can’t stress enough the importance of securing access to data. Cybersecurity is only going to continue to increase in criticality, and with each breath, we are reminded how serious cyber incidents can be. The DoorDash breach affected nearly 5 million people. Almost 12 million people had their personal information accessed by a cybercriminal who infiltrated Quest Diagnostics. The average cost of a data breach is approaching $4 million, but some reports say the Capital One breach could cost the company upward of $100 million. These are just a few examples of the hundreds of data breaches that occurred in 2019.
Even with the constant news of attacks and the growing cyber awareness in the IT industry, criminals are still successfully penetrating organizations of all sizes and sectors. Most of the time, they accomplish this by targeting the victim organizations’ privileged accounts. Analysts at Forrester Research say 80 percent of data breaches involve the theft of the credentials that access these privileged accounts. These accounts allow users the “privilege” of accessing them, and the various capabilities, systems, applications, etc. they control. This access is at the center of organizations’ networks, infrastructures, and overall IT environments. As you probably expect, access to all this gives the user, authorized or not, great power within the environment — hence why it is the top target of cybercriminals.
Since we know these accounts are the most powerful and frequent target of cyber attackers, the responsibility falls on us, the Privileged Access Management (PAM) providers, to offer solutions that allow organizations to secure their privileged accounts and the information and systems they access. With that in mind, let’s take a look at where the PAM space is heading in 2020.
2019 was the year of Cloud transformation as many companies and governments began or completed their shifts to Cloud environments. As a result, the market saw a major shift as the leading providers turned their attention to delivering Cloud compatible PAM solutions. What will the shift be this year? What trends can we anticipate for this crucial sector of cybersecurity in 2020?
Partnering with PAM
A growing theme we’re seeing in several aspects of the security industry is an increase in collaboration from the various players of the market. While the PAM space is addressing the top target of cyber attackers, there are almost countless gateways into organizations that need to be protected. To adopt a common metaphor, securing an organization from cybercriminals is like securing a house from burglars. Just as a house has several ways in — doors, windows, chimneys, etc. — so does an organization: devices, the network, users and many more.
This is resulting in strategic partnerships that are bringing together specialized vendors. These partnerships are producing toolboxes of products and services that secure multiple pathways and dramatically reduce cyber risk. This is consolidating cybersecurity and providing organizations with full lifecycle solutions. As budgets often remain tight, it’s critical for CISOs to find the most efficient combination of solutions when securing their organizations because unfortunately, there is no such thing as a “one and done,” “do it all” security product.
Improving IoT security
The Internet of Things (IoT) space is ripe for security innovation. While this technology is still relatively new, the security adoption for these devices is dangerously behind.
In most cases, IoT devices, are largely ignored by organizations after installation. This means they typically rely on default passwords and configurations. Most often, when IT completes the routine updates of the company’s devices (computers, smartphones, etc.) they forget about the other internet-connected devices in their environments — such as smart TVs, which are located in many conference rooms. These are connected devices and thus are entry points for cybercriminals.
This is a golden opportunity for PAM providers to lead the charge and develop the solutions to safeguard these devices. In particular, password managers need to be offered to include all of the devices within an organization’s environment. Until IoT devices are properly secured, the networks and other systems they are connected to will be vulnerable to malicious cybercriminals.
Ransomware on the rise
Unfortunately, we are likely going to see a continued increase in ransomware. Due to the effectiveness of these schemes, cyber attackers are recognizing that companies are often opting to just pay the demanded ransom. Ransomware has been particularly lucrative for culprits targeting governments and health care systems. Sadly, it’s easier for victim organizations to submit to the cybercriminal than to deal with the fallout of the threatened malware attack. It is incredibly expensive and time consuming for a company to deal with data loss, denial of service and other consequences. To make matters worse, even when victim organizations comply, they only get access back 69 percent of the time, according to a recent report from Proofpoint.
Ransomware is most often delivered through phishing schemes via email, pop-ups, and other casual messaging. It’s relatively quick and easy for a cybercriminal to deploy and it only has to work (be *clicked*) once to penetrate an organization’s security perimeter.
Looking ahead
We know that credentials and privileged access are the top target of cyber attackers, and while the market has several solutions that can help organizations protect their credentials, criminals are only getting more sophisticated. Every day, they are developing more advanced strategies and launching new types of attacks. The challenge posed to us is to stay ahead of cybercriminals to reduce the risks to businesses. This also means that we need to keep pace with the rest of the IT industry, so that when an organization adopts new technology, the security for it is already available. There cannot be a gap that allows cybercriminals to penetrate organizations before they have deployed proper security to integrate with their new technology.
About the Author
James Legg, the President and CEO of Thycotic is responsible for the day-to-day operations at the company. He creates and executes growth strategies and initiatives designed to propel Thycotic to the next level. James has amassed over 25 years of managerial and sales experience in guiding technology companies to accelerated, sustained growth. Most recently, he served as EVice President and GM of Unitrends, Inc., after serving as CEO of PHD Virtual, acquired by Unitrends in 2013. Previously, he served as Vice President of worldwide sales for Idera Corporation, and was Vice President of sales at NetIQ Corporation, having come there via the acquisition of PentaSafe Security Technologies, a remote access, vulnerability assessment and intrusion detection solution
James can be reached online at [email protected] and at our company website https://thycotic.com/