The index – a survey of more than 500 of the world’s most senior business leaders – noted that cybersecurity is firmly at the top of the agenda for boards of global enterprises, third only to the risks posed by high taxation and the loss of customers.
“With the risks to global organizations higher than ever, it is clear that cybersecurity has finally reached the attention of business decision makers across the enterprise – no longer just an agenda item but a key point of discussion,” said Matt Middleton-Leal, regional director for UK & Ireland at Cyber-Ark, in a statement.
The expectation of course is that decision makers will be taking proactive steps to review their security strategies. Middleton-Leal said that movement is being made to modernize security approaches as top executives begin to understand that they’re facing an ever-changing cyber threat landscape.
“Businesses are at last beginning to understand that the best way to mitigate the threat cybercrime poses is to approach security from the inside out – with the assumption that your organization has already been targeted, or even infiltrated,” he said. “Companies need to review their strategies and approaches so they are agile and can meet the ever changing threats.”
The abuse of privileged accounts in advanced cyber-attacks is one of the biggest concerns, he noted, which means that traditional enterprise security infrastructure, including over-reliance on perimeter protections, is in need of an “urgent overhaul” as businesses shore themselves up against breaches.
A recent report from CyberSheath (commissioned by Cyber-Ark) found that the absence of fundamental access control measures was a crucial factor in many of the recent high-profile attacks, including the South Carolina Department of Revenue, the University of Georgia, the NASA Jet Propulsion Library, Red October, Utah Department of Health, Toyota, the Swiss NDB Intelligence Service, Saudi Aramco and Global Payments.
Further, the report found attacks that use privileged accounts are more difficult to detect, shut down and remediate. They can delete logs to make forensic analysis more difficult, and can be used to install new malware to evade detection and open more doors. In addition, privileged account use appears as normal traffic flow and is not detected by traditional means, so that finding illicit privileged account use among legitimate processes is like finding a needle in a stack of needles.
“The perimeter is important, however it is only one layer of defense and is not capable of warding off advanced threats, or of monitoring unusual activity and intervening once attackers are already on the inside,” Middleton-Leal said. “An organization must be confident that its corporate networks and data are being managed and controlled in real-time and using advanced analytics in order to keep up with the escalating threat level.”
Then there is the human element to consider. A Ponemon Institute study released last month found that together, human errors and system problems accounted for 64% of data breaches in a global study, while prior research showed that 62% of employees think it is acceptable to transfer corporate data outside the company – and the majority never delete the data, leaving it vulnerable to leaks. This illustrates the large extent to which insiders contribute to data breaches and how costly that loss can be to organizations.
“An equally important component in a successful cyber strategy is training at all levels of the organization, as a simple mistake can also lead to a potentially disastrous loss of data,” concluded Middleton-Leal. “Education is particularly important for those in positions of privilege, including employees with access to both technical and business information via these sensitive credentials."