IT disaster recovery, cloud computing and information security news

44 percent of data breaches in the last year involved privileged identity

Nearly half (44 percent) of data breaches in the last year involved privileged identity according to a research report from Balabit. The report entitled ‘IT Out of Control’, also revealed that only two out of five (41 percent) of these privileged accounts are assigned to permanent employees with the majority being made up of contractors, vendors and third-parties. This is a problem that is getting worse, with 71 percent of businesses saying the number of privileged accounts in their network grew last year, and 70 percent expect the number of accounts to grow even more this year.

The IT out of Control eGuide is part of the Unknown Network Survey, which was conducted in the UK, France, Germany and the US, and reveals the attitudes of 400 IT and security professionals surrounding their concerns over IT security and their experience of IT security breaches, their understanding of how and when breaches occur and how they are trying to combat hackers and privileged account misuse.

When privileged accounts are misused in a data breach, often a malicious insider has misused their access, or a criminal hacker has hijacked the account through social engineering methods. Subsequently, finding the identity of the criminals is an impossible task. It should come as no surprise that IT teams have low confidence when it comes to having visibility of what is going on in their networks, with only 48 percent believing they can account for all permanent staff’s privileged access and the data they have access to. Only a further 44 percent believed they could account for all third-party vendors’ privileged access and the data they have access to.

This has led to 58 percent of respondents saying their company must take security threats related to privileged accounts more seriously.

Worryingly, 67 percent of respondents say it’s quite possible that former employees retain credentials and can access their old organization’s network.

This highlights the urgent need for the board to recognise the risks of privileged account misuse. More privileged accounts have led to increased risks for organizations. Simultaneously, it has become increasingly difficult for IT managers to keep track of who is accessing what data files and applications. As a result, ensuring that trust is validated and verified has become an overwhelming undertaking. In the same way that trusted employees can turn on a business, so can a vetted outsider.

www.balabit.com



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

   

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.