wonderfully unique software solutions

Credential theft and insider attacks commonplace in last 12 months, says ThycoticCentrify

Around half of US respondents to a small ThycoticCentrify poll indicate either that privileged credentials were stolen from their organisation or that they experienced insider attacks in the past 12 months.

ThycoticCentrify’s CensusWide survey polled 150 US-based IT decision makers on questions around common access privilege threats and zero-trust adoption.

“In 85% of the privileged credential theft instances, cybercriminals were able to access critical systems or data. In addition, two-thirds of insider threats led to the use of administrative privileges to illegitimately access critical systems or data,” ThycoticCentrify’s Kali Linette wrote in a post on the company’s blog.

Around half of respondents also said they had suffered a data breach due to “giving an employee or contractor too much access” in the past 12 months, according to Linette.

IT administrators were most commonly targeted, with engineers, developers and the C-suite next, Linette said.

However, at the same time about three-quarters of respondents also indicated taking a zero trust approach to cybersecurity.

Most respondents had incorporated a privileged access management (PAM) tool into their security infrastructure, with the majority supporting a zero trust approach for verifying privileged users, Linette said.

Access and identification management vendor ThycoticCentrify has just announced a boost to service account governance in Thycotic Account Lifecycle Manager via integrations with cloud vaults including AWS Secrets Manager and Azure Key Vault.

Jai Dargan, vice president of product management at ThycoticCentrify, noted that privileged service accounts automatically connect business-critical applications, databases, root accounts, and other IT systems that contain sensitive information.

“Enterprises need usable security solutions with central oversight and consistent policies that are easy for teams that manage cloud platforms, applications, and devops tools to adopt,” Dargan said in the press announcement.

“Cloud-based service accounts are among the most challenging to govern because they can be commissioned by teams other than central IT.”

( Photo by Studio Republic on Unsplash )

Recent Articles

N-able rebrands RMM as N-sight – targeting IT teams and emerging MSPs

N-able has relaunched its RMM remote monitoring and management as N-able N-sight RMM, with a view to attracting more IT departments and...

Stormshield and partners warn of cybersecurity risks to Paris 2024

Giant global events -- such as the Paris 2024 Olympic Games -- can expect to continue to be targeted by cyber criminals...

Usecure builds security awareness focus, adds platform functionalities

MSP-focused security vendor Usecure is continuing to expand the capabilities of its human risk management focused software for partners.

Phishing attacks still plague common file types, Hornetsecurity warns

Phishing via archive, HTML, Excel or PDF files remain the leading email-based cyber attack on organisations, according to cybersecurity specialists at Hornetsecurity.

How TechSmith video-based learning can boost diversity and inclusion

When Hillsborough Community College in the USA wanted to create a remote-learning platform to assist students who use sign language, it turned...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox