44 percent of data breaches in the last year involved privileged identity

Published: Friday, 01 June 2018 07:58

Nearly half (44 percent) of data breaches in the last year involved privileged identity according to a research report from Balabit. The report entitled ‘IT Out of Control’, also revealed that only two out of five (41 percent) of these privileged accounts are assigned to permanent employees with the majority being made up of contractors, vendors and third-parties. This is a problem that is getting worse, with 71 percent of businesses saying the number of privileged accounts in their network grew last year, and 70 percent expect the number of accounts to grow even more this year.

The IT out of Control eGuide is part of the Unknown Network Survey, which was conducted in the UK, France, Germany and the US, and reveals the attitudes of 400 IT and security professionals surrounding their concerns over IT security and their experience of IT security breaches, their understanding of how and when breaches occur and how they are trying to combat hackers and privileged account misuse.

When privileged accounts are misused in a data breach, often a malicious insider has misused their access, or a criminal hacker has hijacked the account through social engineering methods. Subsequently, finding the identity of the criminals is an impossible task. It should come as no surprise that IT teams have low confidence when it comes to having visibility of what is going on in their networks, with only 48 percent believing they can account for all permanent staff’s privileged access and the data they have access to. Only a further 44 percent believed they could account for all third-party vendors’ privileged access and the data they have access to.

This has led to 58 percent of respondents saying their company must take security threats related to privileged accounts more seriously.

Worryingly, 67 percent of respondents say it’s quite possible that former employees retain credentials and can access their old organization’s network.

This highlights the urgent need for the board to recognise the risks of privileged account misuse. More privileged accounts have led to increased risks for organizations. Simultaneously, it has become increasingly difficult for IT managers to keep track of who is accessing what data files and applications. As a result, ensuring that trust is validated and verified has become an overwhelming undertaking. In the same way that trusted employees can turn on a business, so can a vetted outsider.