Centrify expert on confronting the cyberthreat from every angle
John Andrews, VP, Centrify, discusses why businesses and organisations should consider a zero trust approach to cybersecurity

While much attention is given to well-known external threats targeting consumers and businesses, less interest is taken in the rising tide of attacks on privileged access, which leave companies vulnerable to severe and lasting damage. John Andrews, VP, Centrify, discusses why business leaders should consider a change to their cultural approach to security and adopt a zero trust approach, assuming that every log-in is a potential threat.

The advancements which have been made within the IT industry in the 21st century have led us to a complete and utter dependence on technology in both our personal and professional lives. Not a day goes by without consumers and workers using a multitude of technological devices. This dependence and sheer volume of usage has unfortunately made such devices a prime target for hackers, who are seeking access to personal and financial data by any means necessary.

There is an obvious correlation between technological advancements, the sophistication of cybercriminals and the scale of damage caused by modern day cyberattacks. In an age when we are so reliant on technology, hackers will continue to invent new and increasingly sophisticated ways to cause harm.

In fact, recently, the largest collection of leaked data in history was discovered by a security researcher. The 87GB trove consisted of over one billion unique combinations of email addresses and passwords and was likely compiled from thousands of different sources.

This data was posted to an Internet forum for anyone and everyone to access, for the purpose of bulk testing combinations of email addresses and passwords. Most worryingly, it is likely that the vast majority of the victims of this data leak, dubbed ‘Collection #1’, are completely unaware that their email address or password has even been compromised.

However, cybercrime does not just affect casual Internet surfers. Cyberattacks can cause catastrophic damage to businesses, charities and even the UK’s National Health Service (NHS). Arguably the most famous UK attack, the WannaCry hack, was carried out in May 2017 and caused 200,000 computers worldwide to lock out their users and demand a ransom in the cryptocurrency Bitcoin.

The effects were devastating – in the UK, more than 19,000 important NHS appointments were cancelled, costing the NHS £20 million initially, followed by a further £72 million in the subsequent clean-up and upgrades of its IT systems.

However, while it’s often the cyberattacks on huge companies that make national headlines, it’s also important to remember that small and medium-sized businesses and organisations are just as prone to an attack. In fact, the 2018 Cyber Security Breaches survey found that 19% of charities and a staggering 43% of businesses had reported cybersecurity breaches or attacks in the last 12 months.

The average financial impact for each successful attack was £3,100 for businesses and £1,030 for charities. It is worth noting that this figure does not even include permanently lost or damaged files containing important data, corrupted software and systems, and stolen assets or intellectual property.

Contrary to popular belief, these cybersecurity issues do not just disappear as soon as the relevant systems have been upgraded and a firewall or malware detection software has been put in place, for example. In fact, cybercrimes have increased rapidly in the modern day, even in spite of a major boost in global cybersecurity expenditure – which was estimated by Gartner to be over US$114 billion in 2018.

The reason attacks keep rising despite the increase in spending is simply that business leaders and employees fail to fully confront the cyberthreat from all angles. Admittedly, this is understandable: the representation of cyberattacks in the media seems to have convinced a majority of the population that all cybercriminals belong to elite international groups with refined hacking skills and a host of sophisticated tricks to circumvent sophisticated cybersecurity technology. This is certainly not the case. In fact, phishing, credential harvesting and weak passwords are some of the leading causes of cyberattacks because they’re easy. Most cyberattackers no longer ‘hack’ in – they log in.

Moreover, it takes a lot more than cybersecurity software to ensure your company, business or organisation is as safe as it can be. For a start, business leaders must begin to understand that perhaps an employee who is logging into a system should not be trusted fully. This is not to say every company has at least one employee who actively leaks out passwords and sensitive information for a reward; what’s more likely is that certain employees might be careless with the essential cybersecurity measures that must be in place. For example, weak passwords (often saved to a cloud system), leaving an account logged in to the system when it is not being used and general mismanagement of sensitive data could open any organisation up to a cyberattack.

Many businesses have adopted password vaults where privileged access credentials are safely stored, available only to approved identities. These password vaults store the ‘keys to the kingdom’ and, if compromised, could spell the end for any organisation.

However, essential internal cybersecurity measures go a lot further than just simply a password-vault. In our increasingly dangerous digital world, businesses can no longer just assume a user is who they say they are, merely because they entered the correct login information.

In order to ensure cybersecurity measures are maintained at all times, organisations must seriously consider adopting a zero trust approach to security, especially when it comes to privileged access. This is a strategy that assumes every user is a potential security threat and mitigates risk by making every user verify their identity before being granted access or privilege.

Of course, there is a fine line between implementing necessary security measures and over-complicating the entire system, which could lead to reduced company efficiency, employees wasting hours trying to gain authorisation just to access everyday files and general frustration with an overly paranoid system which revokes login rights for workers in any position. Luckily, there is a solution to this problem: multi-factor authentication.

Multi-factor authentication should come as standard for any modern day cybersecure IT network, as a basic building block of zero trust. A user’s identity can be quickly verified by making them provide a secondary proof point via something they have, like a mobile phone.

Sophisticated cybersecurity software can enforce a zero trust approach via real-time analysis of key information and details about the user trying to log in to a given company system. The information utilised includes the location of the user, the time of log-in, the source of the access request and the user’s position in the organisation. If enough of the key details match up and the system is entirely confident that the user attempting to log in is not a security threat, they will be granted instant access.
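The context check described above, sketched as an added example that is not Centrify's code or part of the original article: the `Baseline` profile, the two-or-three signal thresholds and the sample addresses are assumptions made for illustration. It compares a log-in's location, time and source with the user's normal pattern, asks more of privileged positions, and falls back to a multi-factor challenge when too few signals match.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Baseline:
    """Constructed per-user profile; in practice derived from past log-ins."""
    countries: frozenset   # countries the user normally logs in from
    work_start: time
    work_end: time
    networks: tuple        # CIDR ranges the user normally connects from
    privileged: bool       # position in the organisation

@dataclass(frozen=True)
class LoginAttempt:
    country: str
    at: time
    source_ip: str

def matched_signals(b, a):
    """Return the names of the context signals that agree with the baseline."""
    src = ip_address(a.source_ip)
    checks = {
        "location": a.country in b.countries,
        "time": b.work_start <= a.at <= b.work_end,
        "source": any(src in ip_network(n) for n in b.networks),
    }
    return [name for name, ok in checks.items() if ok]

def decide(b, a):
    """Return 'allow' when enough signals match, otherwise 'mfa' (step-up)."""
    # Assumed policy: privileged positions need all three signals, others two.
    required = 3 if b.privileged else 2
    return "allow" if len(matched_signals(b, a)) >= required else "mfa"

# Constructed sample data (documentation address ranges, not real hosts).
ADMIN = Baseline(frozenset({"GB"}), time(8), time(18), ("192.0.2.0/24",), True)
CLERK = Baseline(frozenset({"GB"}), time(8), time(18), ("192.0.2.0/24",), False)
OFFICE = LoginAttempt("GB", time(10, 30), "192.0.2.15")    # all signals match
REMOTE = LoginAttempt("GB", time(10, 30), "198.51.100.7")  # unfamiliar source
ODD = LoginAttempt("FR", time(3, 0), "203.0.113.9")        # nothing matches

if __name__ == "__main__":
    for who, base in (("admin", ADMIN), ("clerk", CLERK)):
        for label, attempt in (("office", OFFICE), ("remote", REMOTE), ("odd", ODD)):
            print(who, label, decide(base, attempt), matched_signals(base, attempt))
```

A correct password alone never produces `allow` here; the same remote log-in passes for the ordinary account and triggers the second factor for the privileged one.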

Any employee or business leader who believes cybersecurity measures of this quality would be ‘overkill’ fails to understand that the stronger a system’s internal defences are, the less likely that organisation is to be targeted by cybercriminals or hackers in the first place.

This is not to suggest that organisations must move their entire IT spend budget towards internal security measures; we are simply acknowledging the cyber blind spot that is prevalent in many businesses and charities. By bolstering defences against internal and external threats with a zero trust approach, an organisation can significantly harden its security posture and the chances of a cyberattack are reduced exponentially.
