
Steps in the Cyber Attack Chain
Based on our experience, externally driven data breaches start when an attacker exploits asset vulnerabilities. This can be done via drive-by downloads, phishing attacks or even direct hacking attempts. (The Verizon Data Breach Investigations Report provides ample data on the frequency of such attacks, but 75% of attacks come from outsiders.) Next, once inside the network, the attacker hijacks privileges or leverages stolen or weak passwords. In fact, 80% of breaches involved misused privileged accounts. Once the attacker successfully becomes an insider, they can leverage those privileges and passwords to move laterally and exploit other resources to achieve their ultimate objective – your data. What's scarier is that it takes an average of 256 days to realize you've been breached!
Taking Control: How Integrated Privileged Access Management and Vulnerability Management Mitigate the Risks from Cyber Attacks
How can an organization prevent an attacker from exploiting the perimeter through a vulnerability, prevent hijacking and privilege escalation, and limit lateral movement? Start with these six basic steps:
Putting it all Together
The real value of a fully integrated solution to address every step of the Cyber Attack Chain is that there are no gaps, and that you can leverage vulnerability and external threat data to make privilege decisions. All of this reduces your attack surfaces and risks.