Cyberattacks have been steadily rising in the last several years, yet appear particularly prominent as of late, with several high-profile cases making national headlines by not just affecting the breached organizations but having wide-ranging effects on everyday individuals. David Pignolet, founder and CEO of third-party identity management leader SecZetta, shared his perspectives on the rise of cyberattacks in the U.S. and what organizations can do to better safeguard themselves from these looming threats.
David Pignolet’s Statement:
“From the SolarWinds cyberattack that compromised sensitive information of Fortune 500 companies and government agencies, to the ransomware attack on Colonial Pipeline that halted the flow of oil and gasoline across the Eastern Seaboard, to the ransomware attack on JBS Foods that temporarily halted about 20% of beef production in the United States, the last few months have exposed just how vulnerable our nation, and in particular critical infrastructure and OT environments, are to cyberattacks.”
As our world becomes more digital, interconnected, and perimeter-less in terms of where and how companies conduct business, identity needs to be at the center of every organization’s security strategy. We often hear, “hackers don’t break in, they log in.” Unfortunately, most organizations lack an authoritative source, a key data resource for information that is used to make well-informed decisions about access, for their external workforce or “third parties.” While they grant access to their internal workforce based on their knowledge of each employee, they often have little to no information about the individuals from their external workforce (third parties like vendors, partners, freelancers, supply chain, etc.) yet readily grant them access to the same systems and data.
Without an authoritative source of information for third-party individuals, organizations often don’t actually know who they have given access to; they grant excessive levels of access; provide access to high-risk individuals; and do not remove access once it is no longer needed. What makes this scenario even more problematic for organizations is the scale of the issue. The number of third-party individuals who have access at some organizations is actually exponentially greater than their number of employees. This creates a massive attack surface for bad actors and as a result, almost immeasurable risk for the organization.
Steps organizations can take today:
Know Your Third-Party Workforce: According to a 2021 Ponemon Institute study, 65% of organizations have not identified the third parties with access to the organization’s most sensitive data.
Audit Those with Access: Organizations should conduct regular comprehensive user audits to ensure that users have access based on the least privilege, meaning the appropriate privileges for the appropriate resources at that specific point in time. It is also important to search for and remove active accounts for users who no longer need access.
Conduct Risk Ratings and Adjust Privileges Appropriately: While an organization may have carefully reviewed the security controls of a new partner or vendor, it must also assess the risk of each employee from those organizations who requests access before access is granted. Risk rating should be a continuous process, as risk factors, individual characteristics, and access needs evolve.
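One way to turn the three steps above into a concrete, repeatable control, as an added example that is not from the article or from SecZetta: reconcile an access export against an authoritative third-party roster and flag accounts with no roster record, engagements that have ended, roles above the ceiling set for the individual's risk tier, and dormant accounts. The roster, the access export, the role ranking and the 90-day dormancy threshold are all constructed for this example.

```python
from datetime import date, timedelta

# Constructed sample data (not from the article): an authoritative roster of
# third-party individuals, and the account list exported from one system.
TODAY = date(2021, 6, 15)
DORMANT_AFTER = timedelta(days=90)
ROLE_RANK = {"viewer": 0, "editor": 1, "admin": 2}

# Roster: the "authoritative source" the article says most organizations lack.
# Each record says when the engagement ends, the risk tier assigned to the
# individual, and the highest role that tier is allowed to hold.
ROSTER = {
    "alice@vendor-a.example":  {"engagement_end": date(2021, 12, 31), "risk": "low",  "max_role": "editor"},
    "bob@partner-b.example":   {"engagement_end": date(2021, 3, 31),  "risk": "low",  "max_role": "viewer"},
    "carol@freelance.example": {"engagement_end": date(2021, 12, 31), "risk": "high", "max_role": "viewer"},
}

# Access export from the target system: account -> (granted role, last login).
ACCESS = {
    "alice@vendor-a.example":  ("editor", date(2021, 6, 1)),
    "bob@partner-b.example":   ("viewer", date(2021, 2, 20)),   # engagement over, still active
    "carol@freelance.example": ("admin",  date(2021, 6, 10)),   # high-risk, over-privileged
    "dave@unknown.example":    ("editor", date(2021, 5, 30)),   # no roster record at all
}


def audit_third_party_access(roster, access, today=TODAY):
    """Return {account: [findings]} for every account that violates least
    privilege when checked against the authoritative roster."""
    findings = {}
    for account, (role, last_login) in access.items():
        issues = []
        record = roster.get(account)
        if record is None:
            issues.append("no authoritative record: unknown third party")
        else:
            if record["engagement_end"] < today:
                issues.append(f"engagement ended {record['engagement_end']}, account still active")
            if ROLE_RANK[role] > ROLE_RANK[record["max_role"]]:
                issues.append(f"role {role} exceeds {record['max_role']} allowed for {record['risk']}-risk individual")
        if today - last_login > DORMANT_AFTER:
            issues.append(f"dormant: no login for {(today - last_login).days} days")
        if issues:
            findings[account] = issues
    return findings


if __name__ == "__main__":
    for account, issues in audit_third_party_access(ROSTER, ACCESS).items():
        print(account)
        for issue in issues:
            print("  -", issue)
```

In practice the roster comes from the vendor-onboarding system and the access export from each application or directory; the same reconciliation is rerun on a schedule so that risk-tier changes and engagement end dates take effect without waiting for a manual review.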