A 2017 study by the Hong Kong Productivity Council (HKPC) found that 18% of organizations still encountered privileged access security-related issues despite taking steps to audit and manage it. Further studies showed that there may not be gaps in awareness of the issue, but in the measures taken to combat it.
Last year, when the HKPC released the results of their latest cyber security readiness survey in 2019, it showed that although public sector entities, healthcare and non-governmental organizations (NGO) had improved its overall readiness, the group remained under-equipped to combat new cyber threats. Privileged access management had high adoption rates, but the traditional tactics of using passwords and manually granting access and approval were the top measures taken for internal staff and third parties.
Privileged access via credential software was the least adopted at only 25% for internal staff and 14% for third parties. Given these bodies are supposed to be among our most trusted organisations, this gap in security should be a source of great concern.
Government entities hold significant volumes of personally identifiable information that requires stringent protection. Attackers are always a step ahead of defenses looking for ways to circumvent them and infiltrate company systems to access valuable data.
This is where Privileged Access Management (PAM) can be highly useful. PAM tools proactively audit the access and administrative privileges associated with both human and machine user accounts. PAM can also restrict access to key controls and data, restricting access only to everyone except the users who need it.
In the event of a network breach, government agencies can quickly identify and isolate infected areas automatically, ensuring that access to vital information and assets located in other parts of the network remain safe, secure and uninterrupted. Compromised credentials play a central role in most targeted attack, so proactively managing these credentials, and the privileges associated with them, are essential for protecting public sector systems against cyberattacks.
Let us look at this in the context of a typical attack. Say the target information is held deep within the network. An attacker will probably start by establishing a route into the network via an endpoint (i.e. an end user's device). After gaining initial access and establishing persistence, the attacker will look to escalate the privileges associated with the user’s account to gain access to other systems and move closer to their target. From there, the attacker can continue to move laterally within the network until the target is reached, data is stolen, and operations are disrupted — or completely taken over. PAM helps prevent this from occurring by providing security on a user level, where it is needed most.
Faced with increasing cyberattacks, public sector agencies need to establish a proactive cybersecurity programme more than ever. PAM is an important tool to keep critical data protected. With this technology in place, the public agencies that we rely on, and entrust our personal information, stand the best possible chance of protecting valuable personal information.
Jeffrey Kok, vice president of solution engineer for Asia Pacific and Japan at CyberArk, wrote this article. The views and opinions expressed in this article are those of the author and do not necessarily reflect those of CDOTrends. Photo credit: iStockphoto/ohishiistk