One Article Review
| Source |  SecurityWeek |
|---|---|
| Identifiant | 513762 |
| Date de publication | 2018-03-14 17:58:03 (vue: 2018-03-14 17:58:03) |
| Titre | Organizations Failing Painfully at Protecting, Securing Privileged Accounts (Recyclage) |
| Texte | Legal Requirement for Cyber Insurance May be Necessary to Protect Privileged Credentials The need to manage privileged accounts is understood by practitioners and required by regulators, but poorly implemented in practice. Eighty percent of organizations consider privileged account management (PAM) to be a high priority; 60% are required by regulators to demonstrate privileged account management; but 70% would fail an access control audit. According to the 2017 Verizon Data Breach Investigations Report (DBIR), 81% of all hacking-related data breaches involved the use of stolen and/or weak passwords. The prize for hackers is gaining access to privileged account credentials. Once acquired, the adversary can move around the network with high capability and little visibility. Despite this, a new survey (PDF) by Thycotic demonstrates widespread poor implementation of PAM principles to protect key accounts. Thycotic queried nearly 500 global IT security professionals. In privileged account provisioning, it found 62% of organizations fail at processes for privileged access; 70% fail to fully discover privileged accounts (while 40% do nothing at all to discover these accounts); and 55% fail to revoke access after an employee is terminated. Even with strong controls, the report warns, "You cannot secure and manage what you do not know you have." However, most organizations have few and poor controls. Seventy-three percent of organizations do not require multi-factor authentication with privileged accounts; 63% do not track and alert on failed logon attempts for privileged accounts; and 70% fail to limit third-party access to privileged accounts. Related Webcast: Live on 3/21 - Reducing Privileges Reduces Risk Thycotic recommends a virtuous life cycle approach to privileged account management: define; discover; manage and protect; monitor; detect anomalous use; respond to incidents; and review and audit. Without automation, this will be impossible for anything but the smallest of companies. There are several companies -- including Thycotic -- that provide technology to assist. SecurityWeek spoke to the report's author, Joseph Carson, chief security scientist at Thycotic to understand why privileged account management is failing. "Organizations," he said, "are not measuring their security effectively. They continue to spend their budget blindly; and with limited budgets, they have difficulty in letting go of their l |
| Notes | |
| Envoyé | Oui |
| Condensat | $11 about access accounts accountscyber active ads articles async attack been before best birth but columns com/js/plusone computer contributor createelement current different document dozens endpoints failing faster: financial firm found from function getelementsbytagname gone google had has high https://apis identity improves industrial industry information insertbefore issues kevin last links long magazines many microsoft millionusual more news optimum: organizations painfully parentnode performance practices prevention previous privileged protecting published publishes raises remains reportiic reportsoc script securing security; securityweek senior short since solebit sophisticated specialized sponsored src t46 tags: tech text/javascript thousands threats times townsend townsend:organizations true; tweet type var writing years |
| Tags | |
| Stories | |
| Move | 
|
Les reprises de l'article (1):
| Source | SecurityWeek |
|---|---|
| Identifiant | 510601 |
| Date de publication | 2018-03-13 14:10:02 (vue: 2018-03-13 14:10:02) |
| Titre | SOC Performance Improves, But Remains Short of Optimum: Report |
| Texte | The good news is that security operations centers (SOCs) are becoming more efficient. The not-so-good news is that there is still considerable scope for improvement. This is the conclusion of the fifth annual Micro Focus State of Security Operations Report for 2018 (PDF), which draws on the experience of 200 assessments of 144 discreet SOC organizations in 33 countries. In greater detail, there has been an overall 12% improvement in SOC maturity -- the most significant shift yet in the five years of the survey. Despite this, the median SOC maturity level stands at just 1.42 across all industries; significantly below the Micro Focus recommended target of 3.0, The report uses the Micro Focus Security Operations Maturity Model (SOMM) methodology for assessments. This is based on the Carnegie Mellon Software Engineering Institute Capability Maturity Model for Integration (SEI-CMMI), which has been updated by Micro Focus at regular intervals to remain relevant with current information security trends and threat capabilities. SOMM evaluates SOCs on the basis of people and processes, technology, and business capabilities. Despite the remaining room for improvement, this year's results show that organizations are beginning to see a return on their security investments and are seeing more value out of the security solutions they have deployed. “Over the last five years, we have watched organizations attempt to achieve a complete security transformation by applying Band-Aids – such as the purchase of peripheral products or dismantling of solutions – only to find poor results and poor business alignment,” said Matthew Shriner, vice president, Security Professional Services for Micro Focus. “With that in mind, it is refreshing that when it comes to cyber defense capability, Micro Focus is seeing a much higher degree of operational sophistication than ever before. Nearly 25% of organizations assessed are meeting business goals, representing a nearly 10% year-over-year improvement.” The SOMM gives a rating between 0 and 5. '0' represents a complete lack of capability, while '5' is given for a capability that is consistent, repeatable, documented, measured, tracked, and continually improved upon. Micro Focus believes that enterprises should seek a maturity level of 3, while managed security service providers should target a level between 3 and 4. The reliable detection of malicious activity, and a systematic approach to managing that activity are considered to be the most important success criteria for mature cyber defense. Despite the overall improvement in maturity levels, the report notes that "20 percent of cyber defense organizations that were assessed over the past 5 years failed to score a security operations maturity model (SOMM) level 1. These organizations continue to operate in an ad-hoc manner with undocumented processes and significant gaps in security and risk management." Geographically, the top performing areas are South America (SOMM score of 1.89) and the Benelux countries (1.79). In both cases the |
| Notes | |
| Envoyé | Oui |
| Condensat | $30 about active ads articles attack been before best biocatch biometrics birth but columns computer contributor current cyberattacks detects different dofoil dozens endpointsbehavioral financial firm found from gone had has high improves incident industrial industry information institutionsmicrosoft issues kevin korea last linked links long magazines many massive microsoft millionnew news north optimum: performance practices previous published publishes raises remains report reportiic response securing security; securityweek senior short since soc specialized sponsored t46 tags: target tech thousands times townsend townsend:soc writing years |
| Tags | |
| Stories | |
| Move |
|
L'article ressemble à 1 autre(s) article(s):
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
|
2018-03-15 13:03:01 | (Déjà vu) Microsoft Publishes Bi-annual Security Intelligence Report (SIR) (lien direct) | !function(){if("undefined"==typeof powerbiresize){powerbiresize=1;var e=function(){for(var e=document.querySelectorAll("[pbi-resize=powerbi]"),i=0;i | NotPetya Wannacry |