With several major security shows like the U.S. RSA Conference 2012 and Black Hat Europe behind us, and several more in the queue, the industry is tireless when it comes to elevating awareness around the evolving threat landscape. And it has to be, as it seems hackers never ease up in their relentless pursuit of vulnerabilities to exploit. With that said, let’s take a look at some topics that are generating buzz in IT security. We’ll dub this our IT Security Rewind: March Madness Edition!
No Longer Privileged: Employee turnover is a cost of doing business, but what happens when an employee with privileged account access (e.g. a sys-admin) leaves the company? Apparently not enough. An IT Director piece examines how often organizations fail to close out the accounts of departed sys-admins, leaving orphaned accounts with full rights that nobody owns or watches. Proactive removal and monitoring of privileged accounts is a central tenet of effective privileged identity management: every privileged account should have a current owner, a review date, and a record of when it was last used. Organizations reduce this risk by deploying solutions that grant privileges on an ‘as needed’ basis rather than leaving standing access in place.
APT? What’s in a name? The pursuit of a precise definition continues to perplex the IT security community, and this week CSO took a stab at truly defining the term in an in-depth feature. The article focuses on the basic components of an APT, the actors normally involved, and some common attack vectors. One glaring omission: the piece does not address the privilege escalation angle that is common to most APTs, in which the attacker moves from an initial foothold to administrative or service credentials in order to spread and persist.
Password: You are the Weakest Link. Goodbye: Joe McKendrick of ZDNet compiled an insightful follow-up post on the results of the Trustwave 2012 Global Security Report, which highlights how poor password management persists as the largest security concern facing most organizations. The report states that “the use of weak and/or default credentials continues to be one of the primary weaknesses exploited by attackers for internal propagation.” As McKendrick describes, default (and hardcoded) passwords in particular create system-wide vulnerabilities: one password that is shared across many devices, or shipped by the vendor and never changed, lets an attacker move through the environment with limited sophistication.
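The two failures above, orphaned privileged accounts and privileged accounts still protected by default credentials, can both be caught by a routine audit of the privileged-account inventory. The script below is an added example written for this post, not code from Cyber-Ark or from any of the reports cited; the HR list, account inventory, default-credential list and hash format are all constructed for the demo, and the hash scheme (SHA-256 over salt and password) is an assumption chosen for brevity, not a recommendation for real password storage.

```python
"""Audit a privileged-account inventory for orphaned, dormant and
default-credential accounts.

All inputs here are constructed sample data, not taken from any real system.
"""
import hashlib
import hmac
from datetime import datetime, timedelta


def hash_password(password: str, salt: str) -> str:
    # Assumed storage format for the demo: SHA-256 over salt || password.
    # A real directory would use a slow, salted KDF; only the comparison matters here.
    return hashlib.sha256((salt + password).encode("utf-8")).hexdigest()


# Constructed HR feed: logins of people currently employed.
ACTIVE_EMPLOYEES = {"alice", "bob"}

# Constructed list of vendor/default passwords the team checks for.
DEFAULT_CREDENTIALS = {"admin", "password", "changeme", "root"}

# Constructed privileged-account inventory (owner, last interactive login, stored hash).
PRIVILEGED_ACCOUNTS = [
    {"name": "svc_backup",     "owner": "alice", "last_login": "2012-03-01",
     "salt": "a1", "hash": hash_password("Tr0ub4dor&3", "a1")},
    {"name": "dba_carol",      "owner": "carol", "last_login": "2011-11-20",
     "salt": "c2", "hash": hash_password("S3cret!!", "c2")},
    {"name": "router01_admin", "owner": "bob",   "last_login": "2012-03-10",
     "salt": "r3", "hash": hash_password("admin", "r3")},
    {"name": "svc_legacy",     "owner": "bob",   "last_login": "2011-06-01",
     "salt": "l4", "hash": hash_password("G00dLongPass", "l4")},
]


def uses_default_credential(account: dict, defaults) -> bool:
    """True if the stored hash matches any known default password."""
    return any(
        hmac.compare_digest(hash_password(p, account["salt"]), account["hash"])
        for p in defaults
    )


def audit(accounts, active_employees, defaults, as_of: str, dormant_days: int = 90) -> dict:
    """Return {account_name: [issues]} for every account with at least one finding.

    Issues are 'orphaned' (owner no longer employed), 'dormant' (no login within
    dormant_days of as_of) and 'default-credential'. as_of is a YYYY-MM-DD string.
    """
    cutoff = datetime.strptime(as_of, "%Y-%m-%d") - timedelta(days=dormant_days)
    findings = {}
    for acct in accounts:
        issues = []
        if acct["owner"] not in active_employees:
            issues.append("orphaned")
        if datetime.strptime(acct["last_login"], "%Y-%m-%d") < cutoff:
            issues.append("dormant")
        if uses_default_credential(acct, defaults):
            issues.append("default-credential")
        if issues:
            findings[acct["name"]] = issues
    return findings


def run_sample_audit() -> dict:
    """Run the audit over the constructed inventory as of the end of March 2012."""
    return audit(PRIVILEGED_ACCOUNTS, ACTIVE_EMPLOYEES, DEFAULT_CREDENTIALS, "2012-03-31")


if __name__ == "__main__":
    for name, issues in sorted(run_sample_audit().items()):
        print(f"{name}: {', '.join(issues)}")
```

The three checks map directly onto the news items: an account whose owner is missing from the HR feed is the departed sys-admin's leftover, a long-idle account is a candidate for removal under the ‘as needed’ model, and a hash that matches a known default is the Trustwave finding in miniature. In practice the inventory and HR feed come from the directory and HR system rather than literals, and the default list should include each vendor's documented defaults for the devices actually deployed.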
That’s it for this week—what else is making you “mad” about IT security?
After a jam-packed week in San Francisco, the Cyber-Ark team is home, a little tired but also inspired by our experiences at IT security’s biggest conference of the year, RSA 2012. In addition to the great buzz around the launch of our brand new product, Privileged Session Manager version 7, we decided to use this week’s IT Security Rewind to reflect on the week and give you our take on the major RSA show news and events.
Art Coviello Takes the Hot Seat…
Ahead of the keynote presentation that kicked off RSA, Art Coviello sat down with AllThingsDigital reporter Arik Hesseldahl to answer seven questions about one of the most highly publicized cyber-security attacks of the past year, the RSA security token hack. While he didn’t reveal anything new about the hack, Art did offer some words of advice: “the bottom line is that we do hope, in the final analysis, that people have more of a sense of urgency in protecting themselves, because the truth of the matter is that we weren’t alone.” This quote set the tone for the RSA show as IT professionals looked back on a year of sophisticated APTs and examined how we will go about protecting ourselves in the future.
Verizon gives a preview…
In time for RSA, Verizon published a snapshot of data from its upcoming 2012 Data Breach Investigations Report, revealing that more than 85 percent of the data breach incident response cases investigated by Verizon Business last year originated from a hack, and more than 90 percent of them came from the outside rather than from a malicious insider or business partner. Notably, the preview also found that “the most commonly used venue for breaches was exploiting default or easily guessed passwords, with 29 percent of the cases last year.” An outside attacker who logs in with a default or guessable password needs no exploit at all, which is why privileged credential hygiene matters even when the threat is external. RSA and the U.S. Chamber of Commerce are just two organizations that learned the privileged identity management lesson the hard way.
If you forgot to tune in on Sunday…
Keeping with some core themes from the RSA show: if you’re curious to hear what retired Gen. Mike Hayden, former head of the National Security Agency and the Central Intelligence Agency, had to say about Stuxnet and similar cyber weapons, 60 Minutes aired a segment on Sunday that shows just how real cyber threats are and how seriously government agencies are taking the threat of future attacks. FBI Director Robert Mueller stated, “I do believe that the cyber threat will equal or surpass the threat from counterterrorism in the foreseeable future.” If you missed “Stuxnet: Computer worm opens new era of warfare” you can watch the full segment here.
What were your best RSA moments this year? Comment below!
Cyber-Ark explains how it is helping enterprises meet today’s advanced security challenges and highlights the new capabilities offered in its largest release to date, further extending its long-standing market leadership. Learn how, by focusing on continuously protecting the datacenter, Cyber-Ark creates powerful solutions that fight internal and advanced threats and satisfy the growing demands of compliance.