Information security company Cyber-Ark has been asking company exectives across the world about the advanced cyber threat landscape with both interesting and worrying results. A year ago, insider threats represented the greatest worry for corporate management but this has now shifted to external cyber threats with over half of those surveyed believing that they either have an attacker currently on their network or that one has been there within the last 12 months.
For targeted attacks that have a specific aim within the organization, perimeter security will rarely be enough to stop advanced persistent threats the can sit on a network fereting away until the goal is achieved. The answer would therefore to bolster robust network perimeter protection with advanced information asset protection technology.
There are a number of layers to the protection of company information including correct classification to make sure that those assets which are of more value are given appropriate levels of care. Encryption and data loss prevention tools are also part of the armoury available to IT security specialists but none of this is of much benefit without well-managed access management.
ProSecurityZone wanted to know more about this from experts in the protection of information assets and spoke to Cyber-Ark's regional director for the UK and Ireland, Matt Middleton-Leal. Matt explained that its becoming ever more important to lock down the corporation's most precious asset, the information it relies on to conduct its business competitively. One aspect of this is to reduce the number of shared accounts and monitor what they're being used for.
Poor management of privileged access rights has long since been the joy of cyber-spies and those wanting to disrupt a business even when it was quite a straightforward process to maintain control. However, businesses have become more complex and threats have become so advanced that manually managing access to corporate assets on the network, endpoints, users own devices and the cloud has become impossible. However, the need has become more imperitive.
Using privileged access management systems from suppliers such as Cyber-Ark not only puts barriers in place to prevent the wrong people from accessing and processing critical data, it also monitors what those who have right of access are doing with it. According to Matt, a secondary advantage of this monitoring aspect is that non-malicious users are also becoming more careful since they know they're being monitored and so are less prone to mistakes. Although secondary, this is no minor advantage since so-called insider threats are very often error-related rather than born from malice.
By using Cyber-Ark, access to all systems in the corporation is managed and controlled by the application and no person or application holds passwords. Modular access rights are still controlled within the relevant applications but the PAM system controls access to that application. A good example is an Enterprise Requirements Planning system (ERP). These tend to be pervasive applications which are modular and highly configurable. They are also critical to a company's operations. Within the ERP system, the administrator provides internal access rights to users so JSmith may have write access to scheduling and purchasing functions but not accounts receivable. However, to gain access to the ERP in the first place, JSmith must use the Cyber-Ark system which grants access at the privilege level he has and then monitors what the user then does within the system.
It is this ability to interface with other systems that extends the usability of Cyber-Ark's privileged access management beyond the world of corporate IT systems and into critical infrastructure environments. A staggering four-fifths of the Cyber-Ark survey respondents believe that cyber-threats represent a greater risk to national security than physical threats. In their eyes, the protection of critical infrastructure and industrial networks is vital. With a small amount of configuration, privileged access management can now protect critical infrastructure assets from unauthorized access regardless of what protocol they're using or how outdated the IT systems are that are attached to them.
Read more about Cyber-Ark's global survey in our news report