FEATURE: THREAT ANALYSIS
The compromise and misuse of privileged identity
As the compromise and misuse of identity is often at the core of
modern threats, privileged accounts are a prime target for phishing and
social campaigns. Peter Draper, Technical Director EMEA, Gurucul,
discusses how Privileged Access Management monitoring enables
companies to mitigate against insider threats.
It’s widely accepted by today’s cybersecurity departments that
many serious data breaches can be traced back to the abuse of
privileged credentials and yet teams still struggle to integrate
this realisation into day-to-day operations. On the face of it, this
shouldn’t be happening. Organisations have been making big
investments in IT security tools such as Security Information and Event
Management (SIEM), next-generation firewalls and intrusion prevention
systems (IPS), as well as a variety of anomaly detection systems, email
and web filtering and Data Leak Prevention (DLP). Despite this, data
breaches continue to plague companies, with new avenues for attack
appearing such as unsecured Remote Desktop Protocol (RDP) and VPN
servers, oiled by a steady flow of software vulnerabilities, including
‘surprise’ zero days.
Organisations feel compelled to open their networks to cope with
an increasingly mobile, remote workforce, to the cloud and IoT, and
to enable a complex web of remote access used by suppliers and
service providers. Many of those connections, including those to cloud
applications, are accessed using powerful privileged account credentials
www.intelligentcio.com
INTELLIGENTCIO