Privileged accounts have become an important attack vector, and if a recent survey of mostly IT managers and executives is any indication, that threat will continue to grow.
According to results of ID management provider Cyber-Ark’s sixth annual global “Trust, Security and Passwords Survey,” just under half of 820 respondents admitted that if they were fired tomorrow, they’d walk out with proprietary data such as privileged password lists, company databases, R&D plans and financial reports — even though they know they are not entitled to it.
Given that admission, it’s no surprise 71 percent believe the insider threat is the priority security concern and poses the most significant business risk. As such, enterprise executives say they are rethinking their security strategy, especially after last year’s well-publicized attacks on RSA and Global Payments and the like, which they believe involved exploited privileged account access.
That said, despite growing awareness of the need to better monitor privileged accounts, only 57 percent say they actively do so. The other 43 percent weren’t sure or knew they didn’t. And of those that monitored, more than half said they could get around the current controls.
“These privileged accounts are often protected by weak or default passwords, which are seldom replaced,” according to a report on survey results released today. “Businesses that are not securing and managing these high-value targets are failing to uphold their responsibility for securing customer and similar sensitive information.”
Other findings include:
–45 percent said they have access to information on a system that is not relevant to their role
–42 percent indicated they or a colleague have used admin passwords to access information that was otherwise confidential
–55 percent believe competitors have received their company’s highly sensitive information or intellectual property – a significant increase from years past
“Privileged accounts are an organization’s most powerful access points and are the keys to unlocking a company’s most valuable asset – its data. With 42 percent of respondents claiming that they, or their colleagues, have used their administrator passwords to access confidential information, the potential for damage is huge if these accounts are not used for legitimate purposes,” the report states.
The survey was taken by IT staff and executives in North America (412) and in Europe, Middle East and Asia (408). Results show just a little more than a quarter of all respondents believe current data breach notification laws have done much to curb data losses.
“Whether it’s a malicious insider looking to steal information, or an external attacker seeking to exploit privileged accounts to gain access to the network and sensitive information, it’s clear that privileged access points have emerged as the priority target of enterprise cyber-assaults. This pattern has been demonstrated in some of the most high-profile attacks including Global Payments, Utah Department of Health, and even with the recent Flame virus,” said Udi Mokady, founder and CEO of Newton, Mass.-based Cyber-Ark, in a prepared statement.