Gartner: Privileged Access Management is the #1 Cyber Security Priority for 2018
A recent report from Gartner reveals the top IT Security Projects for 2018 with Privileged Access Management as #1, Application Control #4 and Protecting Endpoints #6. Before we get into why Privileged Access Management (PAM) is the #1 Cyber Security Priority in 2018, let’s take a quick look at what lead up to this change.
Senior executives are more involved in cyber security than ever before. In fact, cyber security is top of everyone’s mind in today’s hyper-connected world. Yet in spite of this, breaking news announces one cyber-attack after the next—from ransomware to data breaches and DDoS (Distributed Denial of Service) attacks—usually attributed to cyber-criminals or nation states, and almost always beyond our own country’s borders and laws.
So, with a limited budget, the CISO is continuously searching for ways to protect the business, partner and customer data they have been entrusted with, while at the same time looking to add value to the business.
But traditional security perimeters are no longer effective alone.
The traditional security perimeter is proving to no longer be an effective cyber security control, and fast-growing technologies like cloud, mobile and virtualization make the security boundaries of an organization blurry. For many years organizations have protected their valuable and sensitive information by building a fence around assets, and all the data that flowed in and out was either via a single internet access point or on physical devices. This meant that a traditional perimeter was an effective measure because the boundaries were known. As long as the internet access was controlled by the data that flowed through it, it was possible to protect, monitor and control that data.
Privileged access is the access most often targeted by cyber security threats because it leads to the most valuable information.
Organizations typically protected the internet access with firewalls, VPNs, access controls, IDS, IPS, SIEMs, email gateways and so forth, building multiple levels of security on the perimeter. And on physical devices systems management and antivirus protected those systems and kept them updated with the latest security patches.
This traditional security approach was used for almost 30 years. But in today’s world it is no longer effective alone. Privileged Access Management is the new cyber security perimeter and a very effective solution—it is significantly reducing organizations’ risks from cyber-attacks.
The CISO must make a positive impact on the business and at the same time empower employees to be a stronger security perimeter on the front-line.
Here is why PAM is #1 and why it should be your #1 priority in 2018 as well
Why is privileged account management the number one project according to Gartner?
‘Privileged Access’ encompasses access to computers, networks and network devices, software applications, digital documents, and other digital assets that upper management, IT administrators, and service account users have. This access allows more rights and permissions than those given to standard business users. Privileged access is the access most often targeted by cyber security threats because this access leads to the most valuable and confidential information, such as customer identities, financial information, and personal data.
PAM is MORE THAN SECURITY: IT SAVES MONEY
One of the major reasons that Privileged Access Management is the #1 priority for organizations in 2018 is that it saves them time and money—both of which can go back into their cyber security efforts—and it enables the CISO to get more done with the same budget. Most cyber security solutions only reduce risk, so most organizations spend valuable budget on security solutions that typically add no additional business value
However, this is not the case with Privileged Access Management because the right PAM solution makes employees more productive by giving them access to systems and applications faster and more securely. Implementing a PAM solution secures access to sensitive systems and reduces the risk of getting compromised by disclosed passwords on the dark web. PAM also reduces cyber fatigue and simplifies the process of rotating and generating new complex passwords.
All of these save valuable employee time which translates directly into cost savings for the business.
PAM is a POSITIVE SECURITY EXPERIENCE AND EMPOWERS EMPLOYEES
Privileged account management empowers employees to work more closely with the security team.
When was the last time you heard someone talk about how much they like their Antivirus Software or how great their firewall is at protecting the business? Chances are, never. But when employees talk about Privileged Access Management it’s a different experience.
Cyber security has never been a positive security experience for most employees. In many organizations there is tension between employees and the cyber security team due to the negative impact that many cyber security solutions have on productivity, resulting in employees looking for ways around them and greatly increasing risk.
Some individuals feel so frustrated that they give up trying to manage things safely and default to using the same passwords for multiple accounts
Many employees at work and home suffer from cyber fatigue—the frustration experienced in juggling scores of online accounts with multiple passwords needed to gain access to the information they use daily or hourly. In some cases individuals feel so frustrated that they give up trying to manage things safely and default to using the same passwords for multiple accounts, sharing passwords with family members, and logging on to the Internet using their social media accounts.
CISOs are looking for ways for employees to have a better experience with security, and the best way to do this is to implement a robust yet simple PAM solution. This will help remove one of the biggest causes of cyber fatigue and will generate new passwords and rotate them when they are stolen or compromised, which these days could be as often as every week.
At the same time employees are empowered to work more closely with the security team as Privileged Access Management makes them more secure both at work and at home. PAM creates a positive relationship between the cyber security team and employees. This is a MAJOR WIN for the CISO.
PAM is a FAST TRACK TO COMPLIANCE
A large number of organizations have to comply with industry and government regulations and it’s often a major challenge for the CISO to know where to start. Whether it’s PCI, ISO 27002, EU GDPR, Cyber Essentials or the NIST Framework, all of these have strong security control recommendations for access controls. This is where Privileged Access Management can help them get ahead quickly and develop a strong baseline.
To be compliant with many of these regulations organizations must have strong policies that cover privileged accounts, processes that cover provisioning/revoking privileged accounts, monitor usage, secure logons for privileged accounts, change vendor default passwords and audit privileged account usage, among many other security control requirements.
A PAM solution enables organizations to get in control of managing and securing privileged accounts to meet the needs of the access control requirement for a good number of the regulations. This is why Privileged Access Management helps organizations fast track their way to becoming compliant.
PAM HELPS YOU RECOVER QUICKLY FROM CYBER-ATTACKS
During a cyber-attack your Privileged Access Management solution enables you to quickly audit privileged accounts that have been used recently, discover whether any passwords have been changed, and determine which applications have been executed. It’s also a good idea to take a snapshot of the audit logs. You may have already prepared privileged accounts that are used explicitly for Incidents and enable them to be used by the technical and security team to quickly access systems.
Well-designed PAM software also lets you restrict access to sensitive systems, require additional approval processes, force multi-factor authentication for privileged accounts and quickly rotate all passwords to prevent further access by the attackers. PAM can help compare a baseline to before and after the incident, so you can quickly determine which privileged accounts might be malicious and audit the life-cycle. This is a good way to ensure you’ll recover and maintain the integrity of your privileged accounts.
PAM means you’re back to business quickly after a major incident!
PAM is a POWERFUL SECURITY SOLUTION AND MAKES A CYBER-CRIMINAL’S JOB MORE DIFFICULT
Yes, Privileged Access Management is a very strong and powerful cyber security solution that keeps most cyber-criminals moving to another target that is not using a PAM solution.
Integrating PAM as part of the broader category of Identity and Access Management (IAM) ensures automated control of user provisioning along with best security practices to protect all user identities. PAM security can also be integrated with Security Information and Event Management (SIEM) solutions. This provides a more inclusive picture of security events that involve privileged accounts and gives your IT security staff a better indication of security problems that need to be corrected, or those that require additional analysis.
PAM can also be used to improve insights into vulnerability assessments, IT network inventory scanning, virtual environment security, identity governance, and administration and behavior analytics. By paying special attention to privileged account security you can enhance all your cyber security efforts, helping safeguard your organization in the most efficient and effective way possible.
As you can see, while Privileged Access Management adds value to the business, it’s also a positive cyber security solution that helps companies meet compliance requirements. It’s also good at keeping cyber-criminals away and forcing good behavior from internal employees at risk of abusing their privileged access.
Some important things to consider:
PAM is the #1 Cyber security Priority for 2018 and—thanks to its excellent adoption rate—Thycotic is the #1 choice for complete Privileged Access Management, application control and protecting endpoints.
Your previous experience with older legacy Privileged Access Management software vendors may have been scary: it may have been complex, required expensive professionals, been very costly, taken years to implement (maybe you even had several kids during that time) or never got completely installed.
At Thycotic we have made Privileged Access Management a friendly solution. It’s simple and easy to use, can be easily learned by your own professionals, provides value for money, is fast to implement and provides a satisfying experience.