How Fake ‘Insiders’ Can Hijack an Organization

 
 
By Karen A. Frenkel  |  Posted 10-20-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    How Fake ‘Insiders’ Can Hijack an Organization
    Next

    How Fake ‘Insiders’ Can Hijack an Organization

    Cyber-attackers posing as legitimate insiders with privileged accounts are at the core of most cyber-attacks, yet many IT leaders are unaware of the danger.
  • Previous
    Top Concern: Stolen Admin, Privileged Accounts
    Next

    Top Concern: Stolen Admin, Privileged Accounts

    38% of respondents said stolen administrative and privileged credentials are their No. 1 security concern. 27% cited phishing attacks. 23% cited malware on the network and 12% cited infected endpoints.
  • Previous
    Most Difficult Stage to Mitigate
    Next

    Most Difficult Stage to Mitigate

    Asked when it becomes most difficult to stop the attack cycle, 61% of respondents cited privileged account takeover, up from 44% last year.
  • Previous
    Time to Discover Breach
    Next

    Time to Discover Breach

    55% of respondents believe they can detect a breach within days, with 25% saying they can detect one within hours.
  • Previous
    Types of Attacks of Greatest Concern
    Next

    Types of Attacks of Greatest Concern

    The types of attacks respondents are most concerned about are: Password Hijacking: 72%, Phishing Attacks: 70%, SSH (secure shell) Key Hijacking: 41%, Pass-the-Hash: 36%, Golden Ticket: 23%
  • Previous
    Confidence in Cyber-Strategy
    Next

    Confidence in Cyber-Strategy

    57% of respondents said they are confident in their organization's CEO and/or boards ability to provide sound leadership regarding security strategy.
  • Previous
    Confidence in Preventing Network Breaches
    Next

    Confidence in Preventing Network Breaches

    56% of respondents said they are confident in their ability to prevent hackers from breaking into their network.
  • Previous
    Leading Factors Responsible for Most Beaches
    Next

    Leading Factors Responsible for Most Beaches

    48% of respondents blame most data breaches on poor employee security habits. 29% said technical sophistication of cyber-attacks are responsible.
  • Previous
    Automated Privileged Account Management
    Next

    Automated Privileged Account Management

    Half of respondents' organizations have automated the security of privileged accounts. The breakout: 51% have automated privileged account management system in place across their organization while 49% do not.
  • Previous
    Is Compliance Sufficient to Prevent Breaches?
    Next

    Is Compliance Sufficient to Prevent Breaches?

    90% of respondents do not believe compliance with industry regulations is enough to prevent a data breach.
 

Privileged accounts are at the epicenter of most cyber-attacks, but many organizations still struggle to identify and locate such accounts, according to a new study. Yet access to these accounts can lead to a "complete hostile takeover" of network infrastructure and stolen data, the report by security firm CyberArk revealed. The study, "Global Advanced Threat Landscape Survey 2015," results from interviews with 673 IT security and C-level executives in North America, Europe and Asia-Pacific. It provides statistics and debunks some respondents' beliefs and assumptions that although the majority of respondents express confidence in their organization's cyber-strategy, CyberArk said this is contradicted by how today's attacks are conducted and the security approaches deployed. Furthermore, the report states that C-level executives and boards can no longer blame sophisticated attacks or employees for security lapses. "This needs to be accounted for in a holistic security strategy that assumes motivated attackers will always find a way to breach a network," CyberArk warned.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register