Stopping the Cyber Attack Chain with Privilege and Vulnerability Management

June 22, 2017

The Cyber Attack Chain (or Kill Chain) is a common reference for illustrating the steps involved in an externally-driven cyber attack. After witnessing first-hand so many data breaches that happen as a result of these methods, we have developed a summary version that you can use as you make the case to better protect your important data and assets. Let’s begin by reviewing the steps in the Cyber Attack Chain, then I will define six steps you can take today to reduce your attack surface.

Steps in the Cyber Attack Chain

Based on our experience, externally driven data breaches start when an attacker exploits asset vulnerabilities. This can be done via drive-by downloads, phishing attacks or even direct hacking attempts. (The Verizon Data Breach Investigations Report provides ample data on the frequency of such attacks, but 75% of attacks come from outsiders.) Next, once inside the network, the attacker hijacks privileges or leverages stolen or weak passwords. In fact, 80% of breaches involved misused privileged accounts. Once the attacker successfully becomes an insider, they can leverage those privileges and passwords to move laterally and exploit other resources to achieve their ultimate objective – your data. Scarier still, it takes an average of 256 days to realize you’ve been breached!

Taking Control: How Integrated Privileged Access Management and Vulnerability Management Mitigate the Risks from Cyber Attacks

How can an organization prevent an attacker from exploiting the perimeter through a vulnerability, prevent hijacking and privilege escalation, and limit lateral movement? Start with these six basic steps:

1) Identify and remediate vulnerabilities with better prioritization of risks. How well are you able to prioritize vulnerabilities, or correlate those vulnerabilities against other threats in the wild? Integrating multiple threat inputs into a single system for prioritization and “heat mapping” is one way.

2) Limit access to sensitive systems and data by leveraging vulnerability data to make decisions on granting privileges to assets or applications.

3) Enforce least privilege to prevent client-side attacks and reduce default user privileges to contain potential account hijackers. In short, this stops an attacker before they move laterally.

4) Eliminate shared accounts and password sharing. Uncontrolled accounts are involved in 8 out of every 10 data breaches. Want a fast way to reduce 80% of that risk? Store all your enterprise passwords in a single, secure store that requires a check-in, check-out process and provides a secure enclave for third parties.

5) Monitor all privileged activities for security and accountability. Logging must be done for compliance purposes, but session monitoring adds further benefits – indexed recordings provide keystroke-level detail on who did what and when, ensuring that you have a full audit trail for the auditors.

6) Tie it all together by correlating and analyzing user and asset behavior to identify in-process attacks. This is where the value of fully integrated privileged access management and vulnerability management comes into play. This combination of behavioral analytics, vulnerability and malware intelligence, and user and security data from best-of-breed security solutions allows you to out-maneuver attackers and stop data breaches.

Putting it all Together

The real value of a fully integrated solution that addresses every step of the Cyber Attack Chain is that there are no gaps, and that you can leverage vulnerability and external threat data to make privilege decisions. All of this reduces your attack surface and risk.

Disrupting the Cyber Attack Chain with BeyondTrust

Want more information on how BeyondTrust can help disrupt the Cyber Attack Chain? Check out the infographic now or request a demo today!

Scott Lang

Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.
