Strengthening Agency Cyber Defenses with Privileged Access Management

January 29, 2020


The compliance landscape for government agencies is constantly evolving to keep pace with emerging threats to public sector systems and the deployment of new technologies.

Cyberattacks are not only increasing in frequency, but also becoming more sophisticated and targeted. Moreover, cloud, mobile, and DevOps environments are driving forces behind a rapidly expanding attack surface and a dissolving perimeter, which present ever more opportunities for threat actors to exploit.

Amidst the ever-changing threat environment, government agencies and contractors must comply with a wide range of federal, state, local, and industry compliance initiatives and security controls. And today, non-compliance may lead not only to substantive penalties, but also to a heightened risk of a security breach that leads to data loss, downtime, and other damages. Consequently, agencies must stay vigilant to combat threats, whether internal or external, malicious or unintentional, that expose weaknesses in their defenses and policies.

In our whitepaper, Privileged and Remote Access for Federal Agencies & Contractors, you will learn how your agency can cost-effectively reduce IT security risk, simplify the path to federal compliance mandates, and confidently embrace innovation. The paper also explores how BeyondTrust solutions can help you meet a number of security initiatives and mandates including:

  • FISMA SP 800-53, SP 800-171, and SP 800-137
  • NIST Cybersecurity Strategy & Implementation Plan (CSIP)
  • NIST Cybersecurity Framework
  • Continuous Diagnostics & Mitigation (CDM) Program
  • Department of Defense (DoD) Cybersecurity Discipline Implementation & Scorecard
  • Cybersecurity Strategy & Implementation Plan (CSIP)
  • National Industrial Security Program Operating Manual (NISPOM)
  • Homeland Security Presidential Directive 12 (HSPD 12)
  • NERC Critical Infrastructure Protection (CIP)

In the remainder of this blog, let’s briefly cover why securing privileged and remote access has become a top initiative for the public sector and beyond.

Misused Privileges, Unsecure Remote Access are Commonly Exploited Attack Vectors

Today, misused and abused privileged credentials play a role in over 80% of IT security breaches, according to Forrester Research. BeyondTrust’s own 2019 Privileged Access Threat Study revealed that government and public sector agencies have, on average, 124 third-party vendors logging into their systems and networks in a typical week. Without full visibility and granular control over that access, including the ability to enforce least privilege, that vendor access represents risky pathways into your environment. The same study found that only 10% of government and public sector agencies believed that third-party vendor access was not a threat to their environment. So, if we can put a positive spin on this, it’s that most agencies are at least aware that they need to better secure remote access.

Given the current threat environment, agencies must have solutions that demonstrably reduce the threat surface and the risk of data breaches. Additionally, agency managers need solutions that can address compliance initiatives with security controls, threat analytics, and reporting.

How IAM Strategies, PAM Solutions Strengthen Security

Government agencies and municipalities are routinely exposed to attacks that could easily be blocked, or at least mitigated, with a mature identity and access management (IAM) strategy and privileged access management (PAM) solutions.

Take, for example, some of the ransomware attacks in recent years on Atlanta (2018) and Baltimore (2019), as well as other cities, municipalities, and schools, that shut down computer systems that supported vital public services, costing millions of dollars in damages. In most cases, the attackers leveraged threat vectors that could have been blocked, or at least mitigated, if the cities had a holistic PAM solution in place. For instance, security experts determined that the RobbinHood malware used to attack Baltimore’s computer systems could not have spread from machine to machine across a network on its own. The attackers would have needed to obtain privileged access that would make them appear to be legitimate administrators, and then target individual computers. For more insight on this, I recommend checking out our blog: Ransomware: A Problem of Excesses (Access, Privileges, Vulnerabilities).

A robust PAM solution can prevent attackers from gaining access to legitimate administrators’ credentials. PAM solutions can discover, onboard, and securely manage privileged credentials for human and non-human accounts across diverse IT environments. The aim is at least two-part:

  • To prevent threat actors—either internal or external—from gaining an initial foothold within an environment
  • To restrict the ability of the threat actors to move laterally throughout an agency’s network once they have gained that initial foothold.

To accomplish this, agencies should remove all local administrative privileges from non-IT users and eliminate root and superuser access where possible. Their PAM solutions should also regularly rotate credentials, which reduces the window of time in which credentials could be used, even if they are stolen. Additionally, a robust PAM solution must be able to run a set of policies that determine which applications have the rights to run “elevated” or as an administrator; ideally, the user is not elevated.

Achieve Security and Peak Productivity

Over the years, people have perceived that strong information security equates to decreased productivity. Consequently, many organizations, public and private, have been lax on certain security measures, for example by overprovisioning privileges and allowing people broad access to systems for the sake of productivity. If agencies have a robust PAM solution in place, their people, systems, and networks will be more secure, avoiding security incidents and the productivity-sapping help-desk tickets, while their workforce can achieve their mission goals more quickly and efficiently.

For more insights into improving your security and compliance posture, while enhancing productivity, read the BeyondTrust whitepaper, Privileged and Remote Access for Federal Agencies & Contractors.


Craig McCullough, Regional Vice President, Public Sector

Craig has over 20 years of experience in the technology industry, having started his career as an intellectual property attorney in Washington, DC, and then moving into leadership roles growing technology businesses that support federal, state and local governments. He is a visible industry leader and frequent spokesperson, giving interviews in various media outlets and participating as a panel speaker at multiple industry events. Craig joined BeyondTrust in 2018 and created the Public Sector Team.
