Black Hat Survey: Gap Between Security Concerns and Resources – a Maturity Problem

July 16, 2015


In advance of the upcoming Black Hat conference, the organization released a first-ever research report based on the results of a survey of prior conference attendees. The report, titled “2015: Time to Rethink Enterprise IT Security,” “reveals a significant gap between the priorities and concerns as well as the actual expenditure of security resources in the average enterprise.”

How stark is this gap?

Top concerns listed in the report include sophisticated targeted attacks (57% of respondents) and social engineering (46% of respondents). Security professionals, however, are actually spending their time in other areas, including addressing vulnerabilities introduced by internal (35%) and off-the-shelf software (33%).

Such a gap between importance and activity is not really news. We wrote about a similar gap showing that while 56% of respondents to a survey would be looking to increase their security spend to deal with insider threats next year, the leading categories where organizations plan to actually increase their security spend during the next 12 months were: Network defenses (52%), Endpoint, Mobile device protection (50%), and so on. There’s a disconnect there, too.

What’s the source of this ongoing gap?

I would contend that it is a lack of maturity, a lack of security maturity to borrow a phrase from Brian Krebs, that leads to the disparity between security priorities and actual activities. When organizations are focused on the “blocking and tackling” – like finding and fixing vulnerabilities, standing up new firewalls, or endpoint security tools – without the right philosophy, people structure, process or technology platforms in place, they will always find themselves spinning in an infinite loop of breach response madness.

How to overcome the maturity gap

I’m going to borrow a simple security model developed by the Enterprise Strategy Group (and noted in Brian’s article mentioned above) that will help you assess where you are now on your journey to becoming a more mature security organization. For illustration purposes, I will map common attributes in the context of privileged account management and vulnerability management to the levels in the model. The activities would differ of course based on the topic you wish to assess.

Basic Security Model Level

  • Manual processes for managing privileged passwords, including spreadsheets, wetware
  • Nearly all users in the organization have administrator access on their machines
  • No session monitoring or recording of privileged use
  • Lack of auditing and control over root accounts and privileged accounts
  • Disorganized and chaotic directory services infrastructure, with multiple logons required and inconsistent policy
  • No visibility over changes made to AD objects, configurations or permissions
  • Individual patching, management and policies by system in a complex, heterogeneous environment
  • No singular clear picture of threats or what to do about them

Progressing Security Model Level

  • Some automation and some cycling of some privileged passwords
  • 50% or fewer users with administrator credentials in the organization
  • Some session monitoring for compliance purposes, snapshotting
  • Common use of the root account, with some auditing of usage, perhaps using sudo
  • Few logins, but not just one, for heterogeneous systems
  • Some change auditing, but lacking recovery of unwanted changes
  • More automated scanning on vulnerable systems
  • Threat analytics mostly from SIEMs

Advanced Security Model Level

  • Automated password and session management of all shared accounts
  • Least privilege implemented organization-wide, on all systems and machines
  • Automatic recording of keystrokes/video/over-the-shoulder activities
  • Full control and accountability over privileged users on any system, eliminating root access or insufficient methods like sudo
  • Single sign-on for heterogeneous systems leveraging familiar infrastructure
  • Full auditing and recovery of changes across the environment; ability to proactively know and deliver what auditors are looking for
  • Automated scanning, patching and reporting of vulnerable systems
  • Integrated threat analytics to improve decision making

The path to maturity is not an easy one. It’s not fast. There are no shortcuts. But by investing in the right people, processes and technology you can achieve greater levels of automation which will ultimately allow you to focus less on the repetitive monotony and more on the productive capacity of your IT security. This will help you align your efforts with your priorities.

If you’d like to learn more about how BeyondTrust Privileged Account Management and Vulnerability Management solutions can help you move ahead in your security maturity, contact us today.

PS: If you are planning to attend Black Hat, stop by and visit us at booth 441 – you could win great prizes like an Apple TV, Apple Watch, Apple Airport Express, or an iTunes gift card!


Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.
