wonderfully unique software solutions

Credential theft and insider attacks commonplace in last 12 months, says ThycoticCentrify

Around half of US respondents to a small ThycoticCentrify poll indicate either that privileged credentials were stolen from their organisation or that they experienced insider attacks in the past 12 months.

ThycoticCentrify’s CensusWide survey polled 150 US-based IT decision makers on questions around common access privilege threats and zero-trust adoption.

“In 85% of the privileged credential theft instances, cybercriminals were able to access critical systems or data. In addition, two-thirds of insider threats led to the use of administrative privileges to illegitimately access critical systems or data,” ThycoticCentrify’s Kali Linette wrote in a post on the company’s blog.

Around half of respondents also said they had suffered a data breach due to “giving an employee or contractor too much access” in the past 12 months, according to Linette.

IT administrators were most commonly targeted, with engineers, developers and the C-suite next, Linette said.

However, at the same time about three-quarters of respondents also indicated taking a zero trust approach to cybersecurity.

Most respondents had incorporated a privileged access management (PAM) tool into their security infrastructure, with the majority supporting a zero trust approach for verifying privileged users, Linette said.

Access and identification management vendor ThycoticCentrify has just announced a boost to service account governance in Thycotic Account Lifecycle Manager via integrations with cloud vaults including AWS Secrets Manager and Azure Key Vault.

Jai Dargan, vice president of product management at ThycoticCentrify, noted that privileged service accounts automatically connect business-critical applications, databases, root accounts, and other IT systems that contain sensitive information.

“Enterprises need usable security solutions with central oversight and consistent policies that are easy for teams that manage cloud platforms, applications, and devops tools to adopt,” Dargan said in the press announcement.

“Cloud-based service accounts are among the most challenging to govern because they can be commissioned by teams other than central IT.”

( Photo by Studio Republic on Unsplash )

Recent Articles

Octopus Deploy deprecates Server authentication, certifies with HashiCorp

Devops-focused config management company Octopus Deploy has rounded off November with a trio of updates -- affecting Octopus Server developers, HashiCorp Vault...

SolarWinds and HCL expand enterprise AI for IT ops partnership

Infrastructure applications vendor SolarWinds and HCL Software are expanding their work together delivering enterprise AI and ITops management offerings.

N-able expands channel push with accelerated global support

Remote monitoring and management (RMM) specialist N-able is ramping up its support fot the distribution channel worldwide in a bid to increase...

Keeper Security finds multiple weekly cyberattacks on UK professional services

The IT systems of UK-based professional services and financial services providers are often attacked many times each week, according to a Keeper...

JetBrains previews new IntelliJ based Fleet IDE and editor

Developer tools company JetBrains has opened up public preview access to its Fleet integrated development environment (IDE) and editor.

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox