Articles about Privileged Access Management

A new report into Microsoft vulnerabilities shows 2021 saw a 47 percent decrease in critical vulnerabilities, marking the lowest ever total since the report began.

The 2022 Microsoft Vulnerabilities Report from BeyondTrust also reveals that for the second year running, elevation of privilege was the #1 vulnerability category, accounting for 49 percent of all vulnerabilities.

Continue reading →

Privileged access management is not a new concept to most IT and security leaders, but we’ve seen a surge in cyber incidents focused on exploiting privileged access that have renewed its importance. From the Windows Print Spooler vulnerability of 2021 to the Okta breach that impacted hundreds of companies earlier this year, attackers continue to gain access through vulnerable credentials and use that access to move laterally and cause trouble at rapid speeds for Fortune 1000 organizations. While breaches happen, it’s unfortunate when something as simple as privileged access management could have thwarted the attackers.

As geopolitical tensions continue to rise on the cybersecurity front, it’s clear no one is spared from cyberattacks. With that, it’s more critical than ever before for organizations to closely review current privileged access management policies and solutions. Here are some best practices to think about when deciding how to approach PAM properly and securely.

Continue reading →

Many data breaches have unmanaged, misconfigured or exposed identity details at their core. Yet despite this, businesses continue to lack visibility into their identity risk.

A new study from Illusive reveals as many as one in six enterprise endpoints it analyzed had some form of identity risk.

Continue reading →

Despite the fact that admin credentials represent a major prize for hackers and cybercriminals, a new report reveals that 65 percent of organizations still rely on shared logins and 41 percent use shared SSH keys.

The survey of 600 DevOps professionals from infrastructure access platform strongDM shows that technical staff at 93 percent of organizations have access to sensitive systems.

Continue reading →

Failure to automate control of physical accounts is a major weak point in enterprise security according to a study released by Thycotic.

Among the findings are that a significant number of enterprises (28 percent) only audit privileged access management (PAM) on a quarterly or annual basis.

Continue reading →

With many large enterprises using Active Directory (AD) and Azure Active Directory (AAD) to control user permissions and access, this has become one of first places attackers look for weakness.

Add to this an acceleration of digital transformation projects due to the pandemic and more and more companies are looking to implement zero trust to stay secure. But a new report from One Identity suggests this transition may prove challenging.

Continue reading →

For the first time ever in 2020, the annual Verizon Data Breach Investigations Report included a section devoted to Privileged Access Management, leading with a jarring figure: 53 percent of all investigated breaches were due to the misuse of privileged accounts.

It makes sense that Privileged Access Management (PAM) would be vital to the security of an enterprise, as PAM controls access to administrative accounts -- or accounts that provide unlimited access to the systems which includes access to any sensitive data or important applications on that system. Bad actors gain access to these accounts by exploiting vulnerabilities like default and weak passwords, dormant accounts, and even leveraging social engineering tactics.

Continue reading →