The Weak Point in Cyber Security

The best place to start is by securing a well-known defensive weak point: privileged access that has administrator-level powers.

Green numbers showing cyber and a hacker entering the system

Cyber insurance, once a luxury, is now becoming a part of an organization's cyber resiliency toolkit, along with incident response readiness. However, in the face of accelerating insider cyber crime, a rise in ransomware attacks and other threats, some insurers are increasing their premiums. Others are simply exiting the market altogether. As a result, cyber insurance is becoming more expensive and harder to obtain. This is a matter of insurability.

Behind all of this, there is the upfront cost of making sure your organization is first equipped to satisfy the increasingly rigorous security controls to meet the coverage qualification criteria. To simply qualify for protection, businesses must be able to demonstrate their cyber resilience and prove they have deployed appropriate protection.

We argue that the best place to start is by securing a well-known defensive weak point: privileged access that has administrator-level powers.

Keep Your Privileged Access in Check

If an attacker manages to crack into a privileged user account, they gain the literal keys to the kingdom, and it could be game over for defenders. This is one reason why businesses should ensure key corporate assets are only accessible to authorized users with the right security controls satisfied.

Privileged Access Management (PAM) is one of the best solutions to protect and manage access. Yet, as well as improving an organization's security posture, a PAM solution also demonstrates that a business has reduced the risks and is better prepared to face the latest threats. We are not alone in making this claim, because underwriters are also now questioning clients as to whether they have deployed secure access solutions before signing off on insurance policies. PAM should therefore be a foundational part of any organization's cybersecurity posture and readiness.

Insurers evaluate cyber risk using a variety of models and metrics. Cowbell Cyber, for instance, uses specific factors that rate an organization's cyber risk along eight criteria: Network Security, Cloud Security, Endpoint Security, Dark Intelligence, Extortion, Funds Transfer, Compliance and Software Supply Chain. They assess an organization's insurable threats and map them to risk exposures, on a continuous basis. The result: a cyber insurance policy tailored to your risk and business needs.

The methods of assessing risk will vary among providers, but they are all looking for the same fundamentals: strong cybersecurity defenses that respond to the latest threats. Secure access is an important part of risk reduction insurers are looking for when making insurance premium decisions.

The authoritative Verizon Data Breach Investigations Report 2021 found that 61% of breaches involved credentials, with stolen credentials used in 25% of breaches. It is so easy to buy or steal passwords that organizations must be realistic about the limited protection they offer. PAM is a more robust way of securing access, protecting privileged accounts from unauthorized access and limiting the potential damage of an incident.

See also: Cyber: Black Hole or Huge Opportunity?

Managing Privileged Access

A PAM solution monitors administrator accounts to ensure only authorized users are accessing its network and promptly catches any suspicious activity. For example, a PAM solution would be on high alert if a privileged account started to access large amounts of sensitive data or if a high number of privileged user accounts were suddenly accessed outside of normal business operations or from suspicious network locations.

Users rely on PAM tools for protection against external and internal threats. PAM solutions effectively reduce risk by their ability to recognize and stop unusual behavior before it becomes damaging to the network. Key features in a PAM solution include orchestration and automation. The orchestration of the PAM solution keeps functions running smoothly, giving other critical solutions the access they need without increasing the risks, such as integration with vulnerability assessment or data loss prevention solutions. PAM ensures a multifaceted defense system that shuts down any potential risks and provides seamless, secure access when needed on demand. The automation feature in PAM manages authentication, authorization and monitoring, with no added work for security teams such as rotating passwords after a task has been completed.

As an extra layer of security for privileged accounts, multi-factor authentication (MFA) assists in protecting privileged accounts from unauthorized access for a greater amount of workflows, systems and users.

As attacks continue to grow in volume and sophistication, cyber insurance policies have had to constantly adapt and raise their requirements for businesses. They expect businesses to have a comprehensive security posture in preparation for a wide variety of attacks. Businesses that have already deployed PAM and MFA solutions in their security systems will certainly be more appealing as insurers look to evaluate their coverage options.

Joseph Carson

Profile picture for user JosephCarson

Joseph Carson

Joseph Carson is the chief security scientist and advisory CISO at Delinea.

He has more than 25 years of experience in enterprise security and infrastructure. Carson is an active member of the cybersecurity community and a certified information systems security professional (CISSP). He is also a cybersecurity adviser to several governments, critical infrastructure organizations and financial and transportation industries, He speaks at conferences globally.


Read More