The current threat landscape: How to prepare and protect your organisation

By Karl Lankford,
Director of Solutions Engineering, BeyondTrust

The world is an uncertain place, particularly for
cybersecurity professionals – many of whom have learned the hard way that they can’t
rest on their laurels. While new technologies and methods of attack are always emerging,
threats are constantly attacking organisations from both outside and in. In an
age where a cybersecurity incident is both imminent and expected, IT professionals
need to know what to look out for and, crucially, how to best prepare for a
security event.

The threat from within

When you hear the phrase ‘cyber threat’, it’s natural to
imagine a nefarious outsider carrying out an external attack. Yet, the reality
is that compromised access from employees is one of the biggest risks facing
businesses right now.

In the UK, poor security hygiene by employees continues to
be a challenge for most organisations. According to the 2019
Privileged Access Threat Report, staff
sending files to personal email accounts, for example, was cited as an issue by
64% of UK IT professionals, while colleagues telling each other passwords was a
concern for 65%. The report also highlighted that over a third (35%) are worried
about unintended data loss when employees use unsecured devices, and while 72%
of IT professionals agree that their businesses would be more secure if they
restricted employee device access, this isn’t usually realistic or a viable
solution, let alone conducive to productivity.

Both internal employees and third-party vendors need
privileged access to be able to do their jobs effectively, but require this
access granted in a way that doesn’t compromise security or impede
productivity. In the face of growing threats, there has never been a greater
need to implement organisation-wide strategies and solutions to manage and
control privileged access in a way that fits the needs of the user.

Continual employee education around
best practices is vital, but privileged access management (PAM) tools can also
help, especially since many of the insecure employee behaviours are easily
preventable with the right password security solutions.

What’s driving policy: internal problems or external factors?

With GDPR coming into effect last year, it’s unsurprising that last
year’s report found that compliance was one of the biggest drivers of
cybersecurity strategies, however this year’s survey has found that high
profile security breaches is the leading driver. Almost half (43%) say that
high-profile security breaches outside of their business, are having a
significant effect on the way they’re governing employee access, while GDPR
compliancy is taking a backseat as third most important (41%). Meanwhile, 42% cite concern of
unintended data loss from unsecured data devices as driving their policies on
employee network access.

The report also
found that the risks associated with the Internet of Things (IoT) posed a big
concern for the professionals surveyed, with 61% of UK businesses citing that
IoT devices pose a threat to security. Despite this, a majority (80%) are
confident they know how many IoT devices are accessing their systems, and 81%
are confident they know how many individual logins can be attributed to these
devices. At the same time, 41% of security decision makers perceive at least a
moderate risk from Bring Your Own Device (BYOD) policies.

More vendors, more exposure, less confidence

Many IT teams struggle enough in managing identities and
privileged access within their organisation. However, IT security professionals
must also control vendor access.

As the vendor ecosystem grows, the threat landscape evolves and
users should be granted specific role-based privileges. Organisations need to
accept that the way to mitigate risks is by managing privileged accounts
through integrated technology and automated processes that not only save time,
but also provide visibility across the environment. By implementing
cybersecurity policies and solutions that also speed business efficiency,
versus putting roadblocks in users’ way, organisations can begin to tackle the
privileged access problem.

Ideally, a
business’ own security best practices should also be extended to the vendors it
works with. 46% of UK organisations say they have more than 100 vendors logging
in regularly, highlighting the sheer scope of risk exposure, with 83%
admitting they trust third party vendors accessing their networks, a slight
increase to last year’s report. Trust in employee privileged access was cited
at 87% however, a decrease of trust from last year which was 91%.

In an age where
data breaches have immense financial and reputational implications for
businesses, it’s a stark reminder that UK organisations need to do more to
assess the level of trust they place in their third-party vendors.

How to combat cyber threats

So, what strategies are IT leaders implementing to address
the diverse array of privileged access challenges, and what has been effective?
The report did show that some organisations are managing these risks with a PAM
solution. From the research, these same organisations experience less severe
security breaches and have better visibility and control than those who use
manual solutions or no solution at all. In fact, 90% of UK organisations with
fully integrated PAM tools are confident they can identify specific threats
from employees with privileged access.

The next big issues in cybersecurity threat management

Although the level of perceived threat has remained fairly
consistent for both insiders and vendors, the threat landscape itself continues
to evolve with a number of emerging threats that need to be considered. New
technologies and platforms often introduce new risks. Artificial intelligence
(AI), for example, promises many benefits but there are still many assumptions
made about what the actual outcomes look like for organisations.

As we approach the next decade, issues around employee and
vendor access are not going away. As long as businesses have data and IT assets
to protect, new threats will continue to emerge. Yet, as 2019’s report has made
clear, it is possible to improve the visibility of threats and increase the
confidence over an IT environment’s security. With an appropriate number of well-integrated
PAM solutions, businesses can gain greater visibility and control of privileged
insiders and third-party vendors, and all without disrupting productivity. A
PAM solution implemented with the user experience in mind, can enable the automated
management of privileged access and remote access, while minimising the
vulnerabilities caused by employees and vendors. Combined with continual
education and intelligent device management, this gives organisations control
and visibility of their privileged access, helping them to protect critical data
and systems.

Comments are closed.