The Centrify “Privileged Access Management in the Modern Threatscape” survey found that 74% of enterprise data breaches involved access to a privileged account, but organizations don’t take some of the most basic steps to stop the abuse of privileged credentials
The 74% of enterprise data breaches involved access to a privileged account. It has been observed by Centrify cyber security experts in the “Privileged Access Management in the Modern Threatscape” survey. The sample are 1,000 IT decision makers in the U.S. and the UK. According to the company’s blog, they revealed privileged credentials remain hackers’ cyber attack vector of choice. Furthermore, despite being armed with this knowledge, most organizations aren’t taking some of the most basic steps to stop the abuse of privileged credentials. In fact, 26% of U.S. respondents expressed uncertainty concerning the very definition of privileged access management (PAM). Only 28% of respondents overall expressed a preference for PAM as a top 3 digital project. For comparison, 40% said digital transformation.
The cyber security experts: Legacy PAM solutions simply cannot secure modern attack surfaces
Other key findings from the Centrify Privileged Access Management in the Modern Threatscape survey include that 52% of enterprises don’t have a password vault. Furthermore 65% of respondent admit to sharing root or privileged access and 21% still have not implemented multifactor authentication on their superuser accounts. 63% said it takes their enterprise more than a day to remove the privileged access from an account in the event an employee leaves the company, and 45% explain they don’t use privileged access to secure their public and private cloud workloads. Finally, 72% of respondents don’t use privileged access to secure containers. The cyber security experts believe that “legacy PAM solutions simply cannot secure modern attack surfaces. Organizations need to quickly move to Zero Trust Privilege, backed by cloud-ready services that minimize the attack surface, improve audit and compliance visibility, and reduce risk, complexity and costs for the modern, hybrid enterprise.”