Businesses are facing new security threats, and privileged credentials are an often-overlooked source of breaches. Employing a zero-trust security strategy has become a business imperative.
Organizations today face a growing number of security threats. Ransomware attacks are on the rise and make more frequent appearances in the headlines. Cybercrime is continuously evolving as criminals invent new ways to threaten business security.
While outsider attacks make the news, insider threats are often overlooked. Insider security breaches are the threats that come from employees with privileged access, and such breaches can be accidental or malicious.
80% of all security incidents involve compromised privileged credentials.1
The growth and danger of privileged accounts
Privileged accounts are expanding in complexity and scope. Such accounts include human and nonhuman users with special access to an organization’s most critical assets: your network, systems and data.
Privileged human users include infrastructure and application administrators, developers, cloud administrators, third parties or contractors. Privileged nonhuman users include service and application accounts, hardcoded credentials, dormant accounts, Internet of Things (IoT) devices and robotic process automation (RPA) bots.
According to a study by the cybersecurity company Venafi, machine-identity-related cyberattacks grew by more than 400% between 2018 and 2019.2 In hybrid cloud environments—which are fast becoming the norm—the definition of a privileged account has widened further to include containers, servers and applications that have privileged access. And a growing number of organizations now have a hybrid workforce, with users, data and resources dispersed across the world, opening the enterprise to further vulnerabilities. All these factors broaden the potential attack surface for bad actors looking for an entry point.
40% of insider-proved incidents involve an employee with privileged access to sensitive company assets.3
Insider-caused security incidents can be unintentional, but those caused by malicious insiders involve a higher degree of privileged access and carry an even heavier price tag.
Addressing insider security threats is essential given the enormous possible consequences of a breach for businesses—from lost revenue to lost productivity to lost trust and reputation.
The global average total cost of a data breach in 2020 was USD 3.86 million.4
This proliferation of human and nonhuman accounts with privileged access to sensitive company information has undeniably increased risk for the enterprise. Threat actors actively target privileged accounts as an entry point into IT environments, from which they can compromise systems and steal sensitive company and customer data. Stolen or compromised privileged credentials can lead to highly damaging and costly data breaches.
Zero trust: Creating context-based security
To prepare for and mitigate security threats stemming from compromised privileged credentials, organizations need a modern approach to security. The concept of zero trust can help them execute context-based security across the enterprise.
Zero trust isn’t a product; it’s a set of principles to guide an organization’s security strategy. Its foundation is: never trust, always verify, and enforce the principle of least privilege. A zero-trust approach entails wrapping security around every user, every device and every connection, every time. When a breach does occur, following zero-trust principles can help you get to the root of the problem faster.
Zero trust asks:
- Should a person have access?
- How long should that access last?
Today, zero trust has become a business imperative. Organizations are no longer asking, “What is zero trust?” or “Why should I adopt zero trust?” Instead, the question is, “How do I do it?”
80% of enterprises have plans to begin or advance their zero-trust adoption within the next 24 months.5
5 requirements for a zero-trust security strategy
- Implement the principle of least privilege.
- Protect high-power privileged accounts.
- Strengthen endpoint security.
- Monitor privileged account activities.
- Apply multifactor authentication for business-critical assets.