Unprotected Machine Identities Latest Concern in Enterprise IT Security
A new report from a privileged access management (PAM) company warns that IT security is deteriorating as businesses remain mired in deciding what to do and what it will cost.
Delinea, formerly Thycotic and Centrify, released research based on 2,100 global security decision makers on Tuesday, revealing that 84% of organizations experienced an identity-related security breach in the past 18 months. .
This revelation comes as companies continue to fight against the expansion of entry points and more persistent and advanced attack methods from cybercriminals. It also highlights the differences between the perceived and actual effectiveness of security strategies. Despite the high percentage of violations recognized, 40% of respondents believe they have implemented the right strategy.
Numerous studies have shown that credentials are the most common attack vector. Delinea wanted to know what IT security managers are doing to reduce the risk of attack. The study focused on learning how organizations adopt privileged access management as a security strategy.
Key findings of the report include:
- 60% of IT security decision makers are prevented from implementing an IT security strategy due to a host of concerns;
- Identity security is a priority for security teams, but 63% believe it is not understood by leaders;
- 75% of organizations will fail to protect privileged identities because they refuse to get the support they need.
Identity security is a priority, but board buy-in is essential
The growing policy that many executives seem to be following when it comes to IT efforts to provide better breach prevention is a lag in corporate commitment to taking action.
Many organizations are hungry for change, but three-quarters (75%) of IT and security professionals believe these promises of change will fail to protect privileged identities due to lack of business support , according to the researchers.
The report notes that 90% of respondents said their organizations fully recognize the importance of identity security in helping them achieve their business goals. Almost the same percentage (87%) said it was one of the most important security priorities for the next 12 months.
However, a lack of budget commitment and management alignment has resulted in a continued blockage in improving IT defenses. Some 63% of respondents said their company’s board still doesn’t fully understand identity security and the role it plays in enabling better business operations.
“While the importance of identity security is recognized by business leaders, most security teams will not receive the support and budget they need to implement vital security controls and solutions. to reduce major risks,” said Joseph Carson, Chief Security Scientist and CISO Advisory. in Delinea.
“This means that the majority of organizations will continue to fail to protect their privileges, leaving them vulnerable to cybercriminals seeking to discover and abuse privileged accounts,” he added.
Lack of policies puts machine IDs at great risk
Companies have a long way to go to protect privileged identities and access, despite the best intentions of business leaders. According to the report, less than half (44%) of organizations surveyed have ongoing security policies and processes in place for managing privileged access.
These missing security protections include password rotation or approvals, time or context-based security, and monitoring of privileged behaviors such as logging and auditing. More worryingly, more than half (52%) of all respondents allow privileged users to access sensitive systems and data without requiring multi-factor authentication (MFA).
Research highlights another dangerous oversight. Privileged identities include humans, such as domain and local administrators. It also includes non-humans, such as service accounts, application accounts, code, and other types of machine identities that automatically log in and share privileged information.
However, only 44% of organizations manage and secure machine identities. The majority leave them exposed and vulnerable to attack.
Source: Delinea Global Survey of Cybersecurity Leaders
Cybercriminals are looking for the weakest link, Carson noted. Ignoring “non-human” identities – especially when they grow at a faster rate than human users – dramatically increases the risk of privilege-based identity attacks.
“When attackers target machine and application identities, they can easily hide,” he told TechNewsWorld.
They move around the network to determine the best place to strike and cause the most damage. Organizations should ensure that machine identities are included in their security policies and follow best practices when it comes to protecting all of their accounts from IT “superusers” who, if compromised, could cripple the company as a whole, he advised.
The security gap is widening
Perhaps the most important finding of this latest research is that the security gap continues to widen. Many organizations are well on their way to securing and reducing cyber risk to the business. They face the challenge that large security gaps still exist for attackers to gain an advantage. This includes securing privileged identities.
An attacker only needs to find one privileged account. When companies still have many unprotected privileged identities, such as application and machine identities, attackers will continue to exploit and affect companies’ operations in exchange for a ransom payment.
The good news is that organizations are realizing the high priority of protecting privileged identities. The sad news is that many privileged identities are still exposed because securing human privileged identities is not enough, Carson explained.
The security gap is growing not only between the business and attackers, but also the security gap between IT managers and business executives. Although this is improving in some industries, the problem still exists.
“Until we solve the challenge of communicating the importance of cybersecurity to the board and the business, IT leaders will continue to struggle to secure the resources and budget to close the security gap” , he warned.
One of the biggest challenges in securing identities is that mobility and cloud identities are ubiquitous. This increases the complexity of securing identities, according to Carson.
Companies are still trying to secure them with the existing security technologies they already have today. But this comes with a lot of security gaps and limitations. Some companies even fail when trying to check off security identities with simple password managers, he said.
“However, that still means relying on business users to make good security decisions. To secure identities, you must first have a good strategy and plan in place. This means understanding the types of privileged identities that exist in the enterprise and using security technology designed to discover and protect them,” he concluded.