If the history of cyber threats has taught us anything, it’s that the game constantly changes: The bad guys show us a move. We counter the move. Then the bad guys show us a new one. Today, that “new move” is the vulnerable state of identities. Attackers realize that even if the network and every endpoint and device are secured, they can compromise an enterprise’s resources once they gain access to just one privileged account.
Attackers are increasingly focused on privileged identity account takeover attacks (ATOs) because they can compromise organizations much more easily and quickly this way, as compared to the time, effort and cost to exploit a software vulnerability (CVE). And we should not expect this trend to stop anytime soon, given that these ATOs have reduced attacker dwell times from months to merely days, with very little risk to attackers that they’ll be detected before completing their crime.
So, what should IT and security leaders and their teams do about this? Erik and I offered up the following best practices recommendations during our webinar: ...read more!
