Beyond Trust and GEC Media Group successfully completed the hosting of an executive round table on Privileged Access Management. The executive round table was held at the Address Boulevard in Dubai on 04 September. GEC Media Group’s Editor Arun Shankar was the moderator and introduced the participants through an ice breaker session. John Hathway, Regional Vice President Middle East and India and Michael Byrnes, Senior Solutions Architect, Middle East, led the discussion from the side of Beyond Trust.
The attendees at the round table included top security executives from Aldar Properties, Dubai Financial Market, Gulf Marine Services, Interserve Middle East, Jotun, Kuwait Finance House, MENA Energy, Ooredoo Oman, OSN Gulf DTH, Standard Chartered Bank, VPS Healthcare, amongst others.
Most of the queries and discussion from the end users centered around how to build robust security around the password vault that secures the credentials for privileged users.
Hathway took the attendees through an overview of Privileged Access Management, while Byrnes explained the hands-on and implementation procedures of the solution. The presentation indicated that BeyondTrust solutions attempt to disrupt the cyberattack chain.
Hathway explained that the attack chain is a common way to illustrate external attacks, which make up 72% of all attacks. Internal attacks are similar, they just start at step two. At a high level, external attacks start when an attacker gains network access by exploiting an asset vulnerability, like unpatched software.
Alternatively, by gaining a foothold through phishing or other social engineering tactics. Once inside the network, hackers seek to access sensitive data by hijacking the access privileges of legitimate users, or by leveraging stolen or weak passwords. They repeat the cycle to laterally move through the network to compromise additional assets and data.
Based on the vendor’s experience, externally-driven data breaches start when an attacker exploits an asset vulnerability or attempts to gain a foothold through a social engineering tactic, like phishing, where the aim is to obtain a credential.
Why does this happen? Systems on the perimeter are vulnerable to attack, and users can have too much privilege, making them targets. Once inside the network, the attacker hijacks privileges or leverages stolen or weak passwords. Unmanaged credentials and excessive privileges are the culprits here.
Once the attacker successfully becomes an insider, they can leverage those privileges and passwords to move laterally and exploit other resources to achieve their ultimate objective – your data. And most organisations do not have the visibility to connect the dots between excessive privileges and perimeter exploits.
Learning points
- The attack chain is a common way to illustrate external attacks, which make up 72% of attacks.
- Most organisations do not have visibility to connect excessive privileges and perimeter exploits.
- Externally-driven data breaches start when an attacker exploits an asset vulnerability or gains entry through social engineering.
- The aim is to obtain a credential gaining network user access.
- Unmanaged credentials and excessive privileges are culprits.