BeyondTrust, the leading cybersecurity company, just announced the results of the 2018 Implications of Using Privileged Access Management to Enable Next-Generation Technology Survey. The survey revealed that 90% of enterprises engage with at least one next-generation technology (NGT), but an overwhelming majority, 78% of respondents, are concerned about security breaches.
The survey indicated that next-generation technologies such as artificial intelligence (AI), the Internet of Things (IoT), and business processes like DevOps were particularly vulnerable to security violations. According to the statistics, 1 in 5 respondents experienced five or more breaches related to NGTs, and 52% of these were a result of excessive user privileges.
Morey Haber, BeyondTrust CTO, declared that “the stickiness of these next gen technologies is actually better than what we've ever heard in previous years. But, security still seems to be an afterthought.” This certainly seems to be the case: 18% of respondents reported an NGT-related breach in the last 24 months that led to data loss, 20% reported one that resulted in an outage, and 25% reported one that triggered a compliance event.
The survey also highlighted the importance of privileged access management (PAM) capabilities and their role in improving the security of next-generation tech. BeyondTrust recommends that enterprises implement five PAM practices:
1. Discover and inventory all privileged accounts and assets - Organisations should perform continuous discovery and inventory of everything from privileged accounts to container instances and libraries.
2. Scan for vulnerabilities and configuration compliance - Organisations should scan online and offline container instances and libraries for image integrity.
3. Manage shared secrets and hard-coded passwords - Organisations should govern and control shared and other privileged accounts.
4. Enforce least privilege and appropriate credential usage - Only grant required permissions to appropriate build machines and images through least privilege enforcement.
5. Segment networks - Lateral movement protection should be zone-based and needs to cover the movement between development, QA, and production systems.