BeyondTrust, the cyber security company dedicated to preventing privilege misuse and stopping unauthorised access, has announced the availability of a new book, Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations.
The book, authored by BeyondTrust’s Chief Technology Officer, Morey Haber, and Chief Operating Officer, Brad Hibbert, and published by Apress, details the risks associated with poor privilege management, the techniques that hackers and insiders leverage, and the defensive measures that organisations must adopt to protect against a breach, protect against lateral movement, and improve the ability to detect hacker activity or insider threats in order to mitigate the impact.When unmanaged, privileged credentials pose a significant threat from external hackers and insider threats
Privileged access management
In BeyondTrust’s recent survey - Five Deadly Sins of Privileged Access Management, 86 percent of the nearly 500 IT professionals surveyed reported that the misuse of personally identifiable information was an issue that kept them up at night.
Not surprisingly, Forrester research found that 80 percent of data breaches are the result of the abuse or misuse of privileged credentials.
“We have privileged credentials and over-privileged users virtually everywhere and they all need to be managed for a business to stay secure,” said Morey Haber, Chief Technology Officer at BeyondTrust.
“When unmanaged, these privileged credentials pose a significant threat from external hackers and insider threats that can present a game over event for a business or its team members."
"We’re excited to deal with this complex topic head-on in a comprehensive manner in the book which will be a valuable resource to individuals and enterprises alike,” Morey added.Attackers target the perimeter network, but, in recent years, have refocused on users and their privileges
Safeguarding identities
The book identifies how identities, credentials, passwords, and exploits can be leveraged to escalate privileges during an attack and breach an environment. It presents an overview of 12 logical steps in the following areas:
- Implement a secure privileged attack defensive
- Comply with privileged regulatory audit requirements
- Mitigate privileged threats through least privilege, access control, and session management
- Incorporate credential and password best practices to secure privileged access in any environment
- Integrate privileged access management into your existing systems and workflow
“As cyber-attacks continue to increase in volume and sophistication, it is not a matter of if, but when your organisation will be breached,” said Brad Hibbert, Chief Operation Officer at BeyondTrust.
“Attackers target the perimeter network, but, in recent years, have refocused their efforts on the path of least resistance: users and their privileges. Our hope is our new book will help users understand the risks and build a solid defense to protect their most prized credentials.”