Intelligent CIO Africa Issue 10 | Page 54

INTELLIGENT BRANDS // Enterprise Security BeyondTrust reveals ‘5 deadly sins’ increasing the risk of data breach BeyondTrust’s annual survey, Five Deadly Sins of Privileged Access Management, reveals the attitudes and actions responsible for the contradiction of IT organisations struggling to secure sensitive information despite high levels of awareness. B eyondTrust, the leading cybersecurity company dedicated to preventing privilege misuse and stopping unauthorised access, has announced its annual privileged access management survey which identified the ‘Five Deadly Sins of Privileged 54 INTELLIGENTCIO Access Management’, and how they prevent organisations from effectively protecting sensitive information. identifiable information (86%), downtime of computing systems (85%), and loss of intellectual property (80%). For years, security experts have outlined best practices for privileged access management (PAM) in an effort to reduce problems associated with the abuse of privileged credentials. Despite this, IT organisations continue to struggle with privileged access management. Yet, despite these widespread concerns, Forrester research finds that 80% of data breaches are the result of the abuse or misuse of privileged credentials. The BeyondTrust survey finds these ‘5 Deadly Sins of Privileged Access Management’ are to blame for this contradiction between the fact that so many IT organisations struggle to secure sensitive information despite their high levels of awareness and commitment to PAM: To understand why, BeyondTrust recently surveyed nearly 500 IT professionals from around the world with involvement in privileged access management. Because so many attacks start with the misuse of privileged accounts, it is not surprising that respondents rated the following three security measures as somewhat to extremely important to their efforts: • Privileged access management (83%) • Privileged session management (74%) • Privileged elevation management (74%) When asked what issues keep them awake at night, respondents most often cited the misuse of personally 1. Apathy: When asked to list the top threats associated with passwords, respondents listed employees sharing passwords with colleagues (79%), employees not changing default passwords their devices ship with (76%), and using weak passwords like ‘12345’ (75%). Despite knowing better, respondents admitted that many of these same bad practices are common within their organisation. A third of the respondents report www.intelligentcio.com