Working with IT security industry experts for more than a decade, you hear a lot of interesting vulnerability stories. The kind that start with phrases like, “one time, when we got hacked … it was a nightmare.”
If you’re responsible for maintaining cyber resilience for your organization’s critical IT data and systems, this your month to celebrate a job well done. October is Cybersecurity Awareness Month. Micro Focus, and our NetIQ CyberRes team, would like to acknowledge your efforts including threat protection and prevention, or sleepless nights of triage against active threats to your organization.
Here’s the challenge: thwarting bad guys that relentlessly carpet bomb your systems with bots and social engineering to get access to your most critical data and systems has gone to a never seen before level of sophistication. This takes a solid team of experts in your organization to not only monitor and enforce cyber resilience, it takes another team of experts and solutions to monitor the team that enforces cyber resilience. “Who’s watching the watchers,” is a fitting idiom.
Today, IT security professionals must combat attack vectors from hackers across a broad landscape that includes a hybrid mix of cloud and on-prem server environments, multiple software languages, and a myriad of devices that require unfettered access to an organization’s systems and software services to get work done quickly.
Highly adaptable IT teams that collaborate, quickly modify, and deliver secure IT services are a must have. I reckon one of the most important places to build upon this gigantic undertaking of delivering secure IT services is to focus where it matters most. Protect the crown jewels. This means managing the users and machine-to-machine accounts with elevated access credentials.
Protecting against Cyber Attacks
According to the latest research about privileged access management from Paul Fisher at KuppingerCole:
“Privileged Access Management (PAM) is an essential component in protecting organizations against cyber-attacks, ransomware, malware, phishing, and data leaks. No longer only for protecting admin accounts, privilege management now extends across the entire organization -from on premises and cloud infrastructures to every user, no matter where they are working from, or what they are accessing which is how you manage your privileged access management to protect your most critical assets.”
Here are a few supporting details that support the analyst’s point of view:
- The top challenges for administrators of AD are directly aligned with privileged identity security, policy, and compliance.
- Malicious hackers stole cryptocurrency from 6,000 customers using a vulnerability to bypass the company’s SMS multi-factor authentication security feature from Coinbase, the world’s second-largest cryptocurrency exchange.
Attackers who gain access to privileged user credentials or accounts will often lurk undetected for months while they learn a company’s systems and decide what they can exfiltrate for financial gain. This includes entire databases of customer or workforce information such as usernames and passwords, Or worse? The ability to take over systems for ransomware, like the Colonial Pipeline attack. By using privileged credentials, hackers can delete activity logs to hide their activity.
According to the KuppingerCole report:
“Vendors, both traditional and new have been responding to the demand and critical need for advanced PAM that can meet the challenges of the modern computing era. Among key negative activities that PAM must control are abuse of shared credentials, misuse of elevated privileges by unauthorized users, theft of privileged credentials by cyber-criminals and abuse of privileges on cloud infrastructure.”
How can NetIQ help you manage this?
A CyberRes Point of View
From a NetIQ CyberRes point of view, we recommend focusing your privileged account management solutions in way that makes it easier to visually manage the ever-growing landscape of environments that serve, manage, or host your most critical services and data assets – aka the crown jewels. This Privileged Account Manager webinar from NetIQ experts is a great presentation and demonstration can help your organization understand why monitoring both privileged users and machine-to-machine privilege accounts can help you avoid data breaches and ransomware attacks. The webinar covers topics around:
- Risk-aware privileged management using risk scores
- Audit best practices into privileged access rights
- How to leverage your policy definition process using intuitive interfaces
- How to implement real time monitoring of privileged sessions
- How to stop risky commands before they are executed
- And how to securely support multiple LDAP and Microsoft directory sources from one central console
In addition to watching the webinar, you can download a complimentary copy of the KuppingerCole report on Privileged Access Management.
NetIQ provides security solutions that help organizations with workforce and consumer identity and access management at enterprise-scale. By providing secure access, effective governance, scalable automation, and actionable insight, NetIQ customers can achieve greater confidence in their IT security posture across cloud, mobile, and data platforms.
NetIQ is part of CyberRes, a Micro Focus line of business.