wonderfully unique software solutions

Credential theft and insider attacks commonplace in last 12 months, says ThycoticCentrify

Around half of US respondents to a small ThycoticCentrify poll indicate either that privileged credentials were stolen from their organisation or that they experienced insider attacks in the past 12 months.

ThycoticCentrify’s CensusWide survey polled 150 US-based IT decision makers on questions around common access privilege threats and zero-trust adoption.

“In 85% of the privileged credential theft instances, cybercriminals were able to access critical systems or data. In addition, two-thirds of insider threats led to the use of administrative privileges to illegitimately access critical systems or data,” ThycoticCentrify’s Kali Linette wrote in a post on the company’s blog.

Around half of respondents also said they had suffered a data breach due to “giving an employee or contractor too much access” in the past 12 months, according to Linette.

IT administrators were most commonly targeted, with engineers, developers and the C-suite next, Linette said.

However, at the same time about three-quarters of respondents also indicated taking a zero trust approach to cybersecurity.

Most respondents had incorporated a privileged access management (PAM) tool into their security infrastructure, with the majority supporting a zero trust approach for verifying privileged users, Linette said.

Access and identification management vendor ThycoticCentrify has just announced a boost to service account governance in Thycotic Account Lifecycle Manager via integrations with cloud vaults including AWS Secrets Manager and Azure Key Vault.

Jai Dargan, vice president of product management at ThycoticCentrify, noted that privileged service accounts automatically connect business-critical applications, databases, root accounts, and other IT systems that contain sensitive information.

“Enterprises need usable security solutions with central oversight and consistent policies that are easy for teams that manage cloud platforms, applications, and devops tools to adopt,” Dargan said in the press announcement.

“Cloud-based service accounts are among the most challenging to govern because they can be commissioned by teams other than central IT.”

( Photo by Studio Republic on Unsplash )

Recent Articles

Hornetsecurity expands M365 cloud security offer with Vade deal

Cloud email security provider Hornetsecurity has added a partnership with Vade, increasing focus on answering data sovereignty requirements with best-in-class cloud, compliance...

Cross-browser testing provider BrowserStack named Microsoft ‘partner of choice’

Software testing platform provider BrowserStack has announced a strategic partnership with Microsoft to support Visual Studio App Center users transitioning to BrowserStack...

JetBrains rolls out full-line code completion for its IDEs

Developer tools company JetBrains has added to its AI-enablement tools with full-line code completion for its integrated development environments (IDEs), separate to...

OpenText renews X12 supply-chain data standards partnership

Enterprise information management (EIM) software vendor OpenText is renewing its partner licensing agreement with the X12 electronic data interchange (EDI) standards organisation.

LiveAction NPM performance extended for Cisco unified server users

Network intelligence from vendor LiveAction has been certified to work with high performance Cisco servers, increasing availability of its packet data and...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox