As #Infosec15 Ends, Time to Revisit the Benefits of Privileged User Management

Published: 05 June 2015

Kev Pearce

By Kev Pearce

Infosecurity Europe 2015 has just finished, and as they start unpacking the contents of London’s Olympia for another year it’s a great chance to take stock of some of the key trends in our industry. Now in its 20th year, the show – one of Europe’s largest pure play cyber security events – is always a perfect place to see who the movers and shakers are and what security professionals, industry experts and the like are talking about.

This year’s theme was: “Protect. Detect. Respond. Recover” – a message which chimes very much with our own at Osirium. Let’s see why.

Breaches soar

We need only look at the latest PwC Information Security Breaches Survey, launched at the show this week, to see the scale of the problem, and the costs involved for firms. It reported that nearly three-quarters of small firms and 90% of large businesses have now experienced a data breach – around a 10% increase on the previous year’s study. As far as costs go, they’re escalating too – more than doubling for large organizations to between £1.46m and £3.1m. Smaller firms also saw a significant rise, from £65k to £115k last year to £75k-£311k this.

Even though this report is widely regarded as one of the most accurate in the industry, it’s still likely only to capture a fraction of what is really going on. That’s because many cyber attacks today are highly targeted and deliberately crafted to fly under the radar of most traditional defences. This means they can remain hidden for weeks or even months, exfiltrating your most sensitive customer data and IP.

What’s more, targeted attackers are increasingly turning their attention to your IT department. You might think that they’re the most cyber savvy employees you have. But they’re no match for an enemy prepared to spend time carrying out detailed reconnaissance on your team to make sure that spear phishing email reaches the right person, and is so convincing that even they are fooled into clicking through.

Why are they being targeted? Because compromising a privileged user is like gaining the keys to the corporate kingdom. With these credentials, attackers have access to the most sensitive data an organisation holds without any need to escalate privileges. And remember, your IT department accounts are often above suspicion so that large downloads or other unusual behaviour won’t be flagged. In short, they get high level network access and stand very little chance of getting caught. A win-win for the bad guys.

#Infosec15 and Osirium

So what has that to do with this year’s Infosecurity Europe show? Well, the theme of “Protect. Detect. Respond. Recover” reflects the reality that while protecting the organization from a breach is still important, organizations are increasingly realising the importance of also building in cyber resilience to minimise the impact of a breach if it happens. Let’s be honest, a determined attacker with the right targeted attack tools and skills will be able to infiltrate even the best defended network.

This is where Osirium comes in. On the one hand our Privileged User Management technology is designed to protect organisations as much as possible from attacks aimed at those accounts which, if compromised, could do the most damage. We do this by separating the user’s system from their credentials so they don’t have to remember or type in a password/username. If there are no credentials to steal, it makes things much harder for the bad guys.

But we also provide Privileged Session Management so security and compliance managers can record, store and, if necessary, playback any activity across privileged accounts –adding a whole new level of visibility to proceedings. It’s all about raising secure authentication to new heights and shining a light on the whole process so you have a much better idea – if the worst happens – of what happened and how. It’s also worth noting that having this kind of transparency will also deter sysadmin malpractice and in so doing make firms more resilient in the process.

Information security, as attendees at this year’s Infosec Europe show I’m sure are painfully aware, is all about risk management. And with Osirium installed we think you can take a massive step towards lowering that risk exposure.

Release Date: 
Friday, 5 June 2015
Article Type: 
Blog Post
Author: 
Kev Pearce