In the cybersecurity battle between attackers and defenders, attackers are quick to gain access to enterprise systems. And quick to get stolen data out.
Meanwhile, defenders are painfully slow to detect a compromise leading to a data breach. And even slower to respond to the breach and recover.
The Common Element of a Successful Data Breach
In examining the common causes behind successful data breaches, analyst firm Aberdeen estimated that eight out of nine data breach incidents involve the compromise / misuse of privileged access.
It stands to reason that proactively managing privileged credentials can have a large effect on disrupting the attack. Frequent updates to privileged credentials – with unique passwords for each privileged account – can contain a data breach in progress, and prevent lateral movement and nesting in the infiltrated environment.
Cyber Attackers Have the Advantage
Unfortunately, in the same study, Aberdeen also revealed significant problems with the way most organizations manage these powerful credentials, including:
- − Up to 78% of privileged accounts have credentials that aren’t changed for more than 90 days
- − While the median time it takes for attackers to gain access and begin exfiltration is 48 days
The Aberdeen analysis clearly shows that, in most organizations, current practices for managing privileged credentials is too little, too late. A high percentage of data breaches involve compromised privileged credentials. But these credentials are changed less frequently than the time it takes for attackers to strike.
How Managing Privileged Access Reduces Risk
Based off these findings, Aberdeen set off to quantify how securing privileged access with a privileged account management product can reduce the risk of a breach. They leveraged their Monte Carlo model, using estimated ranges and distributions for several key variables including:
- The annual cost of a privileged identity management solution
- The percentage of data breaches involving the abuse of privileged access (both before and after the implementation of a privileged identity management solution)
- The likelihood an attempt to compromise
- The likelihood of an incident leading to a successful data breach
- And more
Based on these probabilities and distributions, Aberdeen’s model demonstrates that proactively managing privileged access quantifiably reduces the risk of a data breach by up to 80%.
You can get all the details of Aberdeen’s findings, and the step-by-step approach they took to get there, by downloading the free report How Managing Privileged Access Reduces the Risk of a Data Breach.
If you like this topic, please subscribe to our Cyber Defense Newsletter.