In its early stages, privileged access management (PAM) involved protecting only the passwords used for privileged accounts. But it evolved beyond that single purpose in the years that followed. Nowadays, it includes other security functions like multifactor authentication (MFA), session monitoring, proxying and user behavior analytics (UBA). Take a look at how these connect for better protection overall. 

PAM in an Evolving Threat Landscape

To understand why, it’s useful to look at how digital attackers work and which data types they’re hoping to steal. The 2021 Data Breach Investigations Report (DBIR) provides a glimpse into both. Verizon Enterprise found that credentials amounted to the most sought-after data variety in breaches and that more than a quarter of those incidents began with a digital break-in. In order to do that, the attackers tried to steal an authorized set of credentials.

The reality is that some of those attackers didn’t just try: they succeeded. Meanwhile, privileged access management has evolved alongside them. Credentials consist of just a username and a password that someone can phish, intercept or leave exposed in some way. It’s too easy for that information to end up in the hands of someone with malicious intent. So, it’s too easy for a single-minded PAM strategy to fail.

Not Just Password Protection

But, at the same time, that’s beside the point. Privileged access management is not password management. It’s about protecting access to privileged accounts. MFA, UBA and the newer elements of PAM all help to ensure that access remains restricted if someone steals a trusted set of credentials. They can even help security teams spot when someone succeeds in accessing a privileged account.

A threat actor won’t let that access go to waste, after all. They’ll use those privileges to try to conduct reconnaissance, move laterally across the network and remove sensitive information. All they need is enough time.

Time is not something that the average attacker needs to worry about. The 2020 Cost of a Data Breach report found that data breaches came with an average dwell time of 280 days. That means the attackers had almost a year to gather what they could from their victims’ networks.
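The following added example (not part of the original article) sketches the layered checks this section describes: every session below already presented a valid password, and an MFA requirement plus a simple UBA-style baseline decide which ones a security team should look at. The log fields, account names and two-hour tolerance are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample data (field names are assumptions): known-good privileged sessions.
HISTORY = [
    {"user": "svc-backup", "src": "10.0.5.20", "target": "db01", "hour": 2, "mfa": True},
    {"user": "svc-backup", "src": "10.0.5.20", "target": "db02", "hour": 3, "mfa": True},
    {"user": "adm-lee", "src": "10.0.9.14", "target": "dc01", "hour": 10, "mfa": True},
    {"user": "adm-lee", "src": "10.0.9.14", "target": "dc01", "hour": 15, "mfa": True},
]
# Constructed sample data: new sessions that all presented a valid password.
NEW_SESSIONS = [
    {"user": "adm-lee", "src": "10.0.9.14", "target": "dc01", "hour": 11, "mfa": True},
    {"user": "adm-lee", "src": "10.0.7.77", "target": "dc01", "hour": 3, "mfa": False},
    {"user": "svc-backup", "src": "10.0.5.20", "target": "hr-files", "hour": 2, "mfa": True},
]

def build_baseline(history):
    """Record the sources, targets and hours each privileged account normally uses."""
    base = defaultdict(lambda: {"src": set(), "target": set(), "hours": set()})
    for e in history:
        base[e["user"]]["src"].add(e["src"])
        base[e["user"]]["target"].add(e["target"])
        base[e["user"]]["hours"].add(e["hour"])
    return base

def hour_gap(a, b):
    """Distance between two hours of day on a 24-hour clock (23 and 0 are 1 apart)."""
    return min(abs(a - b), 24 - abs(a - b))

def review(session, baseline, slack=2):
    """Return the reasons a session breaks policy or departs from the account's baseline."""
    reasons = [] if session["mfa"] else ["no_mfa"]
    known = baseline.get(session["user"])
    if known is None:
        return reasons + ["no_baseline"]
    if session["src"] not in known["src"]:
        reasons.append("new_source")
    if session["target"] not in known["target"]:
        reasons.append("new_target")
    if all(hour_gap(session["hour"], h) > slack for h in known["hours"]):
        reasons.append("unusual_hour")
    return reasons

def triage(sessions, history):
    baseline = build_baseline(history)
    return [(s["user"], s["target"], review(s, baseline)) for s in sessions]

if __name__ == "__main__":
    for user, target, reasons in triage(NEW_SESSIONS, HISTORY):
        print(user, target, "ALERT: " + ", ".join(reasons) if reasons else "ok")
```

The third session passes MFA and comes from its usual source, yet it is still flagged because the account has never touched that target before, which is the kind of lateral movement a password-only control cannot see.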

The Need for a Layered Strategy

So, how do you prevent that from impacting your organization? To make the most out of privileged access management going forward, use it as part of a layered defense strategy. This approach goes beyond just the need to manage privileged access credentials. It also involves protecting critical assets so that defense teams can spot potential instances of compromise and/or lateral movement.

That’s sometimes easier said than done. Years ago, most businesses and agencies didn’t have any virtualized applications or workloads. The data center existed on-premises, and the corporate network sat within the physical confines of the office building. So, they focused on hardening the security of their endpoints using endpoint detection and response (EDR) solutions.

The problem is that EDR does not account for containers, the cloud, applications and more recent additions. You need extended detection and response (XDR) that builds upon EDR by using critical data and telemetry to extend visibility across all critical assets.

XDR and Beyond

XDR isn’t the only way to thwart malicious actors’ misuse of privileged accounts, either. In the event that someone does take over an account, organizations need to make sure that the actor can’t access any of their sensitive information in a way that allows them to walk away with it. Network monitoring tools can help security teams to gain visibility over and block these attempts, for instance, while encryption can help protect data by preventing malicious actors from viewing it in plaintext.

Clearly, privileged access management consists of some vital security functions. But it’s not meant to replace your whole strategy. Instead, it functions best as part of that strategy.
