Software company Centrify recently released the results of its Privileged Access Management in the Modern Threatscape survey. Centrify surveyed 1,000 IT decision-makers about cybersecurity in their organizations. The survey found that, of the organizations that had experienced a data breach, 74 percent resulted from privileged access credential abuse.
However, many organizations do not have sufficient Privileged Access Management and privileged credential security. Among those surveyed who experienced a breach, only 48 percent now use a password vault and only 21 percent implemented multi-factor authentication (MFA) for privileged administrative access. In addition, 65 percent share root or privileged access to systems and data at least somewhat often.
Advanced areas of IT are the most unprotected, with many organizations failing to use privileged access controls to protect containers (72 percent); network devices like hubs, switches, and routers (68 percent); Big Data projects (58 percent); and public and private cloud workloads (45 percent). The top five cybersecurity priorities for respondents are protecting cloud data, preventing data leakage, analyzing security incidents, improving security education/awareness, and encrypting data.
Finally, only 35 percent of organizations in the U.S. use Privileged Access Management to manage their partners' access to privileged credentials and infrastructure, according to the survey. Most respondents want to adhere to cybersecurity best practices, but fail to do so because of budget constraints and lack of executive buy-in. Louis Columbus "74% Of Data Breaches Start With Privileged Credential Abuse" forbes.com (Feb. 26, 2019).