How Fake ‘Insiders’ Can Hijack an Organization

How Fake ‘Insiders’ Can Hijack an Organization

How Fake ‘Insiders’ Can Hijack an OrganizationHow Fake ‘Insiders’ Can Hijack an Organization

Cyber-attackers posing as legitimate insiders with privileged accounts are at the core of most cyber-attacks, yet many IT leaders are unaware of the danger.

Top Concern: Stolen Admin, Privileged AccountsTop Concern: Stolen Admin, Privileged Accounts

38% of respondents said stolen administrative and privileged credentials are their No. 1 security concern. 27% cited phishing attacks. 23% cited malware on the network and 12% cited infected endpoints.

Most Difficult Stage to MitigateMost Difficult Stage to Mitigate

Asked when it becomes most difficult to stop the attack cycle, 61% of respondents cited privileged account takeover, up from 44% last year.

Time to Discover BreachTime to Discover Breach

55% of respondents believe they can detect a breach within days, with 25% saying they can detect one within hours.

Types of Attacks of Greatest ConcernTypes of Attacks of Greatest Concern

The types of attacks respondents are most concerned about are: Password Hijacking: 72%, Phishing Attacks: 70%, SSH (secure shell) Key Hijacking: 41%, Pass-the-Hash: 36%, Golden Ticket: 23%

Confidence in Cyber-StrategyConfidence in Cyber-Strategy

57% of respondents said they are confident in their organization’s CEO and/or boards ability to provide sound leadership regarding security strategy.

Confidence in Preventing Network BreachesConfidence in Preventing Network Breaches

56% of respondents said they are confident in their ability to prevent hackers from breaking into their network.

Leading Factors Responsible for Most BeachesLeading Factors Responsible for Most Beaches

48% of respondents blame most data breaches on poor employee security habits. 29% said technical sophistication of cyber-attacks are responsible.

Automated Privileged Account ManagementAutomated Privileged Account Management

Half of respondents’ organizations have automated the security of privileged accounts. The breakout: 51% have automated privileged account management system in place across their organization while 49% do not.

Is Compliance Sufficient to Prevent Breaches?Is Compliance Sufficient to Prevent Breaches?

90% of respondents do not believe compliance with industry regulations is enough to prevent a data breach.

Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles