Danger from within: why authorised access is the 'Trojan horse' of cyber security
Complacency around privileged users is IT's biggest hidden security weakness
Inside enterprises, privileged IT accounts with elevated levels of access are often the target of high-impact cyber attacks, warns a recent study from consulting firm Protiviti, with accounts used for IT support the most susceptible. But despite this, nearly 90% of companies operating in Europe haven't implemented a privileged IT user access management solution, and none of those surveyed had operated a fully protected, mature structure for user access management.
The findings are even more alarming given the study included a number of high risk industries dealing with sensitive customer data.
Jonathan Wyatt, global leader of managing the business of IT at Protiviti, said that the role that authorised access and the insider play in security incidents is regularly understated and not managed effectively.
'The combination of poor risk analysis and insufficient communication of business impact of risks in non-technical language that is accessible to the board and senior executives, leads to a lack of understanding of the true business risks at executive committee level,' said Wyatt.
'This can result in the wrong investment decisions being taken, with the potentially catastrophic consequences of inadequate preparation against cyber threats. Organisations must recognise that threats can emerge from within – either through negligence or malice – and prepare accordingly. Relying on trust alone is clearly not enough.'
As well as raising concerns around privileged IT user access management, the study found that most organisations have severely underdeveloped security solutions for data loss prevention, cyber security incident management and response. Such solutions will typically have a critical role to play in managing authorised access.
Over 60% avoid ‘mature’ solutions (those with proven effectiveness) and instead rely on trust for privileged IT user security.
'Organisations must increase the attention paid to developing their security posture in both a surgical and tactical manner,' said Ryan Rubin, managing director and EMEA lead for managing security and privacy.
'Otherwise, businesses run the risk of chronically underutilising existing systems, being left vulnerable and spending far more than they need to in order to ‘fix’ the intractable problem that cyber security presents. This only adds to the misconception that adequate protection is only possible at high cost – a view held by 90% of respondents in our European study. By leveraging solutions that focus on the management of internal threats targeting high risk areas of their business, many firms have significant potential to boost security and cut costs.'