April 25, 2019 By Ronan O'Connor 2 min read

Your security infrastructure is there to protect your organization from malicious threats. That much is obvious, but what happens when a user’s credentials are compromised and threat actors access your systems? This could expose your company to a data breach and all the reputational damage, operational downtime and financial costs that come with it.

But all access is not created equal. What would happen to your organization if one of your privileged users had their identity compromised? Privileged account management (PAM) helps protect against the most dangerous data breaches because it enables you to closely monitor your most sensitive accounts.

Protecting Your Privileged Users Is Paramount

The majority of security breaches involve the compromise of user and privileged accounts via attack vectors such as phishing, malware and other means. Once the attacker establishes a foothold in the network, the next step is to find and hijack a privileged account, enabling the actor to move laterally across the network while appearing as a legitimate user.

At this point, the malicious activity can begin. Attackers often search compromised networks for valuable data such as personally identifiable information (PII), intellectual property and financial data. Such sensitive information enables threat actors to commit financial fraud as well as other crimes.

The bottom line is that protecting critical data means protecting your most valuable users. That’s why Gartner recognized privileged account management in its “Top 10 Security Projects for 2019,” along with detection and response, cloud security posture management, business email compromise, and more. The research firm also placed PAM on its 2018 list.

Further demonstrating the criticality of PAM is a Centrify survey that revealed 74 percent of data breaches involve unauthorized access to a privileged account. If privileged access is the most fruitful point of attack for cybercriminals, why are so many companies still not taking even basic steps to prevent this abuse?

Tackle Privileged Abuse With the Zero Trust Model

If you’re looking to tackle privileged abuse once and for all, you should consider adopting a zero trust strategy. According to Forbes, applying an approach of “never trust, always verify” can help grow digital business models. To implement a zero trust architecture, you must adopt a strategy built around constant verification. This means creating an environment in which all access is cut off until the network knows who is attempting to access it.

Since cybercriminals target privileged users, consider abandoning the traditional castle-and-moat approach and limit the user’s ability to move through internal systems once they have initially accessed the network. Default connections within your network are a key point of failure that malicious agents are constantly trying to exploit.

Traditional firewalls act as a barrier between internal and external activity. To move to a zero trust environment, you must create a more granular perimeter around individually segmented applications, databases and other key pieces of your infrastructure.

The first step is to define your strategy, not your technology. Decide how you want to proceed, examine how you can apply this to your organization’s infrastructure and then look for the right tools to execute that approach.

It’s all about building a system that can protect the most valuable users and systems within your organization. Understand that your privileged users are also the ones that make your company the most vulnerable — that is, if you don’t mitigate those risks by monitoring these accounts differently. Creating a verification-centric security system for these users is one way to reduce the biggest risks.

Register for the webinar to learn more

More from Identity & Access

Another category? Why we need ITDR

5 min read - Technologists are understandably suffering from category fatigue. This fatigue can be more pronounced within security than in any other sub-sector of IT. Do the use cases and risks of today warrant identity threat detection and response (ITDR)? To address this question, we work backwards from the vulnerabilities, threats, misconfigurations and attacks that IDTR specializes in providing visibility into. As identity threat detection and response (ITDR) technology evolves, one of the most common queries we get is: “Why do we need…

Access control is going mobile — Is this the way forward?

2 min read - Last year, the highest volume of cyberattacks (30%) started in the same way: a cyber criminal using valid credentials to gain access. Even more concerning, the X-Force Threat Intelligence Index 2024 found that this method of attack increased by 71% from 2022. Researchers also discovered a 266% increase in infostealers to obtain credentials to use in an attack. Family members of privileged users are also sometimes victims.“These shifts suggest that threat actors have revalued credentials as a reliable and preferred…

Passwords, passkeys and familiarity bias

5 min read - As passkey (passwordless authentication) adoption proceeds, misconceptions abound. There appears to be a widespread impression that passkeys may be more convenient and less secure than passwords. The reality is that they are both more secure and more convenient — possibly a first in cybersecurity.Most of us could be forgiven for not realizing passwordless authentication is more secure than passwords. Thinking back to the first couple of use cases I was exposed to — a phone operating system (OS) and a…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today