wonderfully unique software solutions

Credential theft and insider attacks commonplace in last 12 months, says ThycoticCentrify

Around half of US respondents to a small ThycoticCentrify poll indicate either that privileged credentials were stolen from their organisation or that they experienced insider attacks in the past 12 months.

ThycoticCentrify’s CensusWide survey polled 150 US-based IT decision makers on questions around common access privilege threats and zero-trust adoption.

“In 85% of the privileged credential theft instances, cybercriminals were able to access critical systems or data. In addition, two-thirds of insider threats led to the use of administrative privileges to illegitimately access critical systems or data,” ThycoticCentrify’s Kali Linette wrote in a post on the company’s blog.

Around half of respondents also said they had suffered a data breach due to “giving an employee or contractor too much access” in the past 12 months, according to Linette.

IT administrators were most commonly targeted, with engineers, developers and the C-suite next, Linette said.

However, at the same time about three-quarters of respondents also indicated taking a zero trust approach to cybersecurity.

Most respondents had incorporated a privileged access management (PAM) tool into their security infrastructure, with the majority supporting a zero trust approach for verifying privileged users, Linette said.

Access and identification management vendor ThycoticCentrify has just announced a boost to service account governance in Thycotic Account Lifecycle Manager via integrations with cloud vaults including AWS Secrets Manager and Azure Key Vault.

Jai Dargan, vice president of product management at ThycoticCentrify, noted that privileged service accounts automatically connect business-critical applications, databases, root accounts, and other IT systems that contain sensitive information.

“Enterprises need usable security solutions with central oversight and consistent policies that are easy for teams that manage cloud platforms, applications, and devops tools to adopt,” Dargan said in the press announcement.

“Cloud-based service accounts are among the most challenging to govern because they can be commissioned by teams other than central IT.”

( Photo by Studio Republic on Unsplash )

Recent Articles

SCORM compliance and why it matters for e-learning

Learning management systems (LMS) and e-training content that comply with the Shareable Content Object Reference Model (SCORM) help ensure consistency across corporate...

LastPass signs new CIO for passwordless innovation versus AI threat

Password management software vendor LastPass has hired a new chief information officer (CIO) to drive sales, anticipating demand in line with potential...

Miro rolls out Enterprise Guard to solve puzzle of compliant visual collaboration

Digital whiteboard software company Miro has unveiled a security and compliance layer for organisations using its software for teams working collaboratively, especially...

How Stormshield IPsec protects customers via Diffusion Restreinte

Civilian companies can benefit from adoption of cybersecurity with the French government's 'Diffusion Restreinte' label, not just military and government organisations or...

GFI seeks to grow MSP opportunity in expanded EMEA channel

GFI Software has been ramping up its marketing around the managed services provider (MSP) opportunity, building out its channel, developing its offerings...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox