Black Hat Survey: Gap Between Security Concerns and Resources – a Maturity Problem

July 16, 2015

In advance of the upcoming Black Hat conference, the organization released a first-ever research report based on the results of a survey of prior conference attendees. The report, titled “2015: Time to Rethink Enterprise IT Security”, “reveals a significant gap between the priorities and concerns as well as the actual expenditure of security resources in the average enterprise.”

How stark is this gap? Top concerns listed in the report include sophisticated targeted attacks (57% of respondents) and social engineering (46% of respondents). Security professionals, however, are actually spending their time in other areas, including addressing vulnerabilities introduced by internal (35%) and off-the-shelf software (33%).

Such a gap between importance and activity is not really news. We wrote about a similar gap showing that while 56% of respondents to a survey would be looking to increase their security spend to deal with insider threats next year, the leading categories where organizations plan to actually increase their security spend during the next 12 months were: Network defenses (52%), Endpoint, Mobile device protection (50%), and so on. There’s a disconnect there, too.

What’s the source of this ongoing gap? I would contend that it is a lack of maturity, a lack of security maturity to borrow a phrase from Brian Krebs, that leads to the disparity between security priorities and actual activities. When organizations are focused on the “blocking and tackling” – like finding and fixing vulnerabilities, standing up new firewalls, or endpoint security tools – without the right philosophy, people structure, process or technology platforms in place, they will always find themselves spinning in an infinite loop of breach response madness.

How to overcome the maturity gap

I’m going to borrow a simple security model developed by the Enterprise Strategy Group (and noted in Brian’s article mentioned above) that will help you assess where you are now on your journey to becoming a more mature security organization. For illustration purposes, I will map common attributes in the context of privileged account management and vulnerability management to the levels in the model. The activities would differ, of course, based on the topic you wish to assess.

Basic Security Model
  • Manual processes for managing privileged passwords, including spreadsheets, wetware
  • Nearly all users in the organization have administrator access on their machines
  • No session monitoring or recording of privileged use
  • Lack of auditing and control over root accounts and privileged accounts
  • Disorganized and chaotic directory services infrastructure, with multiple logons required and inconsistent policy
  • No visibility over changes made to AD objects, configurations or permissions
  • Individual patching, management and policies by system in a complex, heterogeneous environment
  • No singular clear picture of threats or what to do about them
Progressing Security Model Level
  • Some automation and some cycling of some privileged passwords
  • 50% or fewer users with administrator credentials in the organization
  • Some session monitoring for compliance purposes, snapshotting
  • Common use of the root account, with some auditing of usage, perhaps using sudo
  • A few logins, but not a single login, to heterogeneous systems
  • Some change auditing, but lacking recovery of unwanted changes
  • More automated scanning on vulnerable systems
  • Threat analytics mostly from SIEMs
Advanced Security Model Level
  • Automated password and session management of all shared accounts
  • Least privilege implemented organization-wide, on all systems and machines
  • Automatic recording of keystrokes/video/over-the-shoulder activities
  • Full control and accountability over privileged users on any system, eliminating root access or insufficient methods like sudo
  • Single sign-on for heterogeneous systems leveraging familiar infrastructure
  • Full auditing and recovery of changes across the environment; ability to proactively know and deliver what auditors are looking for
  • Automated scanning, patching and reporting of vulnerable systems
  • Integrated threat analytics to improve decision making

The path to maturity is not an easy one. It’s not fast. There are no shortcuts. But by investing in the right people, processes and technology, you can achieve greater levels of automation, which will ultimately allow you to focus less on the repetitive monotony and more on the productive capacity of your IT security. This will help you align your efforts with your priorities.

If you’d like to learn more about how BeyondTrust Privileged Account Management and Vulnerability Management solutions can help you move ahead in your security maturity, contact us today.

PS: If you are planning to attend Black Hat, stop by and visit us at booth 441 – you could win great prizes like an Apple TV, Apple Watch, Apple Airport Express, or an iTunes gift card!

Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.
