Phone Number +1-202-802-9399 (US)

ThycoticCentrify is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

KuppingerCole Report: Protecting the keys to your kingdom against cyber-attacks and insider threats

Written by Thycotic Team

March 8th, 2016

In November 2015, KuppingerCole released a White Paper titled “Protecting the keys to your kingdom against cyber-attacks and insider threats” outlining the state of security surrounding organizations protecting their privileged accounts throughout their organizations. In this blog post, I’d like to highlight a couple of critical points KuppingerCole makes in this report and expand a bit on why Privileged Account Management has become such an important and more prevalent topic in the security community at large.

Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, authored this white paper to share his perspective on the state of Privileged Account Management in the organizations he has worked with. Even in the introduction, Martin leads with two very important observations that, in my opinion, nicely sums up what I have also seen in the companies I’ve worked with over the years. He states: “Privilege Account Management is far more than just managing a few administrators within a particular system environment…And, “Setting up Privilege Account Management nowadays is a #1 requirement for mitigating Information Security risks and improving cyber-attack resiliency.”

Martin does an excellent job in the Highlights section of the report going into details about why Privileged Account Management is much larger than just watching over a small handful of administrators, and while he covers the technical examples of what falls under the purview of Privileged Account Management, there is a cultural component that is missing from this equation. While the number of cyber-attacks is growing, and the root causes for these attacks is more commonly being determined to be an abuse of a privileged account, leadership within organizations across the globe still make security decisions seemingly blind to these events. Commonly, the response is “It’s too hard,” or “There’s no easy solution,” and they move their security programs toward other layers of defense. Over time, this builds an organizational culture of moving to the Next Great Security Solution, rather than address the base problems which, as time continues on, become more and more the most common attack vector by both hackers and malicious insiders.

Following the steps outlined in this excellent White Paper to understand the state of your environment and begin working toward addressing the Privileged Account Management Challenge is a critical component of success. But to even begin this process, there must be an organizational culture within your security program which will support this undertaking. This is so very important, as handling this problem is absolutely a huge undertaking and can be a very difficult thing to solve without  the drive and support from leadership to expend the resources necessary to understand where your privileged accounts exist, and subsequently, how best to protect and manage those accounts now and going forward. This may not be a new concept to anyone who’s familiar with launching a new project, but for something as critical to the state of security as beginning an effort to properly manage privileged accounts, getting that executive buy-in and supportive culture established in the organization is absolutely imperative to successfully tackle the critical Privileged Account Management Challenge posed in this white paper.

Once you get this effort toward the Privileged Account Management Challenge started, then Martin’s second point comes into focus. Over the course of the last few years, we have seen more studies and reports which show an increasing trend of criminals, hackers, malicious insiders and other attackers are zeroing in on finding and taking advantage of privileged credentials to carry out whatever activity they’ve set out to do. Whether that’s intellectual property theft (common with educational institutions), data mining for personally identifiable information to sell on black markets (e.g. Target, Home Depot, Anthem, and many more), or impacting the operations of the target’s business or organization (e.g. Sony Playstation Network outages), it becomes painfully evident that protecting these keys to the kingdom should truly be the #1 priority for any organization that is trying to establish a security program. If additional efforts aren’t made by more organizations to address protecting these critical accounts that have access to so much data, then this trend will continue ever-upward. If we continue to leave the door open because it’s too difficult to close it, then intruders will continue to follow this path of least resistance and come in to our domains in that manner. The evidence shows us that the trend is there, and now is the time for us to finally take action to start making these kinds of attacks and data breaches less common than they are today.


Like this post?

Get our top blog posts delivered to your inbox once a month.