Cybercrime is rising at a relentless rate. By the end of this year, the global annual cost of cybercrimes is expected to reach $6 trillion, double what it was in 2015.
A large majority of these crimes originate from compromised credentials. A recent ThycoticCentrify survey revealed cybercriminals were able to successfully access critical systems and/or data by using privileged user logins in 85% of instances. According to the survey, IT administrators were targeted the most (65%), followed by engineers and developers (21%) and C-suite executives (19%).
It’s easy to see why there has been such a huge surge in cybercrime when the conditions have made it easier for criminals to attack and harder for organizations to defend themselves. Employees have many interactions with fellow team members, customers and partners on a daily basis, but the rapid increase in remote working has shifted many of those conversations and exchanges online. As a result, it’s much harder to be certain the person you are communicating with is legitimate. It is also much more difficult to discover if an individual may have turned against the organization and abused their access.
The survey also revealed a majority of organizations are struggling to combat the theft of legitimate, privileged credentials (53%) and insider threat attacks (52%). Security teams find it hard to counter credential-based attacks because it is often difficult to recognize if the user is who they say they are. It can be even more of a problem when privileged users with access to sensitive company and customer information are targeted.
No single solution can entirely eliminate the threat of privileged credential abuse, but organizations can get a good start by adopting a Zero Trust philosophy. Put simply, organizations should apply a “never trust, always verify, enforce least privilege” approach to their cybersecurity strategy, whether the threat comes from inside or outside the network.
The good news from the survey is that most respondents (62%) were very familiar with the term and a large proportion (77%) believe they had already adopted a Zero Trust approach in their cybersecurity strategy. The main motivation for adopting this approach was to reduce cyberthreats (42%), followed by better compliance (30%), reducing privileged access abuse and inspecting and logging traffic/access requests (both on 14%).
There are some issues that are hindering the adoption of Zero Trust, including complicated or inadequate security solutions (57%), fear of disrupting user experience (43%), budget (38%), and staffing resources (30%).
Protecting your organization with Zero Trust
Zero Trust is built on a number of principles and applying them can help your enterprise defend itself from cybersecurity threats more effectively.
Enable multi-factor authentication (MFA) wherever possible
To stave off attacks from malicious actors using legitimate credentials to log onto a network, organizations need to add extra layers of protection for their users. MFA reduces the risk of accounts being compromised by adding a second form of authorization. At its simplest, this could be an SMS token sent via text message or a third-party app, or a fingerprint or face scan with a smartphone. Without that additional authentication, the user will not be verified or granted access.
MFA forces hackers to go beyond a username and password if they want to gain access. It should be standard for all users on a network and not just confined to administrators.
Manage your privileged users
Privileged credentials are very attractive to cybercriminals so they need to be managed and protected at all times. This means limiting movement within infrastructure and granting access to resources on a “just enough, just-in-time” basis. Privileged users should only be allowed access to the target systems, and only for the time required to complete the task.
Remember to protect non-human identities
There’s a new front opening up that organizations need to defend as they become increasingly dependent on non-human identities such as virtual machines, containers, microservices, and more. This is especially true in the DevOps pipeline. Many organizations forget to protect these identities, opening up another point of vulnerability for their data to be compromised. To fully adopt a Zero Trust approach, they need to implement privileged access solutions that seamlessly integrate in the DevOps pipeline to protect and validate non-human identities.
Incorporate a privileged access management tool into your security stack.
Perhaps the most effective starting point for adopting Zero Trust is a privileged access management (PAM) solution that can operate on-premise and in the cloud. The effectiveness of PAM can be demonstrated by the fact many organizations have already adopted it. The survey reported 83% of respondents had already incorporated a PAM tool into their security infrastructure and 89% of those services supported a Zero Trust approach.
Thanks to digital transformation, many businesses were able to continue operations over the past year as they adopted remote working on a massive scale. But this rapid transformation meant many enterprises didn’t have the time to evaluate whether or not they could trust the person on the other end of the screen trying to access their network.
By adopting a Zero Trust philosophy and incorporating a modern PAM solution organizations can minimize the risk from cyberattacks and continue to operate as normal.