Why companies need to get serious about privileged account security

CyberArk VP of sales for APAC and Japan Vincent Goh warned of the rising insider threat amongst corporates.

Serious threats arising from unsecured privileged accounts appear to be growing with a recent survey from research firm Ponemon stating that more than half of IT operations and security managers believe their organisations are unnecessarily allowing individuals to access accounts that are beyond their roles or responsibilities. Furthermore, a startling 91% of over 700 respondents to the survey predicted that the risk of insider threats as a result of unsecured privilege accounts will continue growing.

To further understand the cyber-security issues surrounding privileged accounts, Singapore Business Review spoke with Vincent Goh, vice president of sales for Asia Pacific and Japan at global security firm CyberArk.

Goh also discussed how CyberArk could help companies put their security measures in place to protect their privileged accounts.

SBR: Can you elaborate more on privileged account security?

Unsecured privileged accounts represent the largest security vulnerability an organisation faces today. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take full control of an organisation’s IT infrastructure, disable security controls, steal confidential information, commit financial fraud and disrupt operations. These risks from within the organisation account for a large proportion of breaches, and they are often the most costly type of breaches.

What we do is provide our patented solutions that fully protect privileged passwords based on security policies and controls. These measures include securing, rotating, monitoring and controlling access to privileged accounts. Our system enables organisations to detect, alert, and respond to cyber-attacks targeting privileged accounts. The solution is designed to identify an attack in real-time and automatically respond to stop an attacker from continuing to advance the attack.

SBR: Why is it important for organisations to implement such a security?

Today’s IT infrastructure is not fully protected unless privileged accounts and their credentials are secured. Privileged accounts should be secured regardless of whether they are accessed by people or applications.

Privileged account security is the logical choice when it comes to securing your organisation. Reasons why it is important for organisations to implement privileged account security are as follows:

1. Privilege is the road most travelled – Privileged credentials give attackers the permissions necessary to access servers and steal data or go after the domain controllers and take control of the IT environment. If you block the escalation of privilege, you block the attack.

2. Privileged accounts represent the express lane to your domain controllers – If an attacker reaches the domain controllers, they own every piece of the infrastructure. They can create their own credentials and therefore, go anywhere they want. This means they can access any server which is essentially any asset or data on your network.

3. Your security systems need to be secure – Privileged accounts are embedded within every piece of security, database and network technology for them to be installed and managed. If you have a very comprehensive security for your firewall but not privileged accounts, it’s easy for the attacker to get those credentials and go right through your firewall.

4. A single solution to protect against insider threats and external attackers – Privileged account security protects against both a malicious insider who already has access to the credentials, insiders who make an error or do something they shouldn’t because of inappropriate access rights or external attackers who break in and steal those credentials. Privileged account security combines proactive controls with real-time detection on privileged activity. It’s important to know immediately when rogue insiders are misusing their privileged access to sensitive information.

At the end of the day, a malicious user on the network can get around any perimeter-based technology even though an organisation has the best technology on the perimeter. So it is the security of the privileged accounts that protects against those kinds of attacks. This is the last line of defence before your data and credibility of your organisation takes a walk out the door.

SBR: What is CyberArk all about?

CyberArk is a global security company delivering a new layer of IT security solutions that protect organisations from cyber-attacks. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage.

CyberArk is the market leader in Privileged Account Security. More than 50% of the Fortune 100 trust CyberArk to protect their highest-value information assets, infrastructure and applications.

SBR: What makes CyberArk stand out from competition?

With the most complete solution in the industry, only CyberArk protects enterprises from the ever-expanding threat landscape by locking down privileged accounts wherever they live: on premise, in the cloud or in hybrid environments.

Today’s motivated and diverse attackers continue to innovate and are working together against enterprises. That’s why we think it’s imperative to continuously push on the gas pedal of innovation. There is a cybersecurity arms race going on — and we always want to be ahead of the curve in terms of advanced research and development and how we are delivering new solutions to market.

To help us get there, CyberArk Labs and the CyberArk Red Team researches the most advanced attacks and looks for ways customers could better protect themselves. To date, CyberArk Labs has tested more than 600,000 ransomware samples – including WannaCryptor – in order to better understand common infection, encryption and removal characteristics. The team has since found that the combination of enforcing least privilege on endpoints and application greylisting control is 100% effective in preventing ransomware from encrypting files.

What also differentiates us is that CyberArk provides a new layer of security inside the network – what we call privileged account security. Privileged accounts represent the gateway to an organisation’s most valuable assets. That’s why cyber attackers covet them. It’s also why nearly all serious security breaches involve privileged accounts that attackers acquire, compromise and exploit. If such accounts fall into the wrong hands, considerable damage can be done – from IP theft and financial loss to complete network takeover. Essentially, CyberArk gives companies a suite of tools in order to protect themselves from the inside, including password management systems, secure proxy servers and threat analytics.

SBR: What is your plan/goal for CyberArk in 3-5 years?

My goal for the next three to five years is to continue growing CyberArk into a consistent and sustainable business. We want to provide the best to our customers, and to do that we are constantly focused on our customers’ success and developing an effective partner eco-system to support our regional customers.
Working with the extremely talented and dedicated CyberArk APJ team is a great contributor to our current success, with their passion to help organisations secure the heart of their enterprises. I’m confident that we will be able to build an ever more sustainable and successful CyberArk in APJ in the coming years.