Home » Cybersecurity » Identity & Access » Survey’s surprise finding: Only half of organizations believe they can stop cyber attacks

Survey’s surprise finding: Only half of organizations believe they can stop cyber attacks

If they are being honest with you, any CISO will tell you that they are well aware of the fact that their organization can be breached. None, at least none that I know, would contend that they are impenetrable when it comes to cyber-attack. Not with a straight face, anyway.

But how many of those CISOs would believe that their organization is so weakly defended that an attacker could breach their systems each and every time they tried — like a an unpatched Windows 2000 Server connected directly to the internet?

Surprisingly, a recent survey found that to be precisely the case among many of its respondents. To be exact, half of the respondents to a new survey from privileged account technology provider CyberArk believe that their organization can be breached each and every time an attacker tries.

Additionally, the survey found that DevOps, robotic process automation and the cloud are compounding the risks enterprises face and, presumably, making such attacks easier. That is, at least according to this pool of respondents.

When it comes to effectively managing privileged access to resources, the CyberArk report found less than half of organizations have a privileged access security strategy in place for DevOps, IoT, or robotic process automation.

“This creates a perfect opportunity for attackers to exploit legitimate privileged access to move laterally across a network to conduct reconnaissance and progress their mission,” CyberArk found.

This is very precarious. It’s critical that privileged accounts be properly managed because once attackers get through defenses and find privileged accounts within internal systems, they can be exploited to move throughout the organization. When not properly managed, privileged accounts can sit unused. These unused, or orphaned accounts, can then be hijacked and used in attacks. The same is true for privileged accounts that lack strong authentication or are protected with weak and default passwords.

Privileged accounts also have administrative access and provide attackers the means they need to steal data and wreak havoc. “Preventing this lateral movement is a key reason why organizations are mapping security investments against key mitigation points along the cyber kill chain, with 28 percent of total planned security spend in the next two years focused on stopping privilege escalation and lateral movement,” CyberArk said.

Here are the top threats survey respondents said they’re most concerned about, and the survey also found that most have yet to get a handle on privileged account management:

• 78 percent identified hackers in their top three greatest threats to critical assets, followed by organized crime (46 percent), hacktivists (46 percent) and privileged insiders (41 percent).
• 60 percent of respondents cited external attacks, such as phishing, as one of the greatest security risks currently facing their organization, followed by ransomware (59 percent) and Shadow IT (45 percent).
• 84 percent state that IT infrastructure and critical data are not fully protected unless privileged accounts, credentials and secrets are secured.
• Despite this, only 49 percent have a privileged access security strategy in place for protecting business critical applications and cloud infrastructure respectively, with even fewer having a strategy for DevOps (35 percent) or IoT (32 percent).
• Further, only 21 percent understood that privileged accounts, credentials and secrets exist in containers, 24 percent understood that they exist in source code repositories and 30 percent understood that they are present in privileged applications and processes such as RPA.

The survey shows that organizations know what they must do better when it comes to security, both in keeping malicious actors out of their systems entirely as well as making it harder for attackers to be successful once inside. This should include a way to effectively manage privileged accounts as well as roll new technologies such as IoT and RPA into their organizational-wide security risk management efforts.