right way to establish critical pro active defences
play

Right way to establish critical pro-active defences against - PowerPoint PPT Presentation

Sep 09, 2022 •248 likes •498 views

Right way to establish critical pro-active defences against emerging cyber threats Andrew J Clarke Director, One Identity A fast changing world Digital Transformation Internet of Things (IoT) 2 Andrew J Clarke - One Identity The new attack

  1. Right way to establish critical pro-active defences against emerging cyber threats Andrew J Clarke Director, One Identity

  2. A fast changing world Digital Transformation Internet of Things (IoT) 2 Andrew J Clarke - One Identity

  3. The new attack vector …network credentials that were stolen from a third party vendor Equifax's website in Argentina allegedly were protected by the same generic username and password: "admin." The group apparently compromised a VEVO employee account for the single-sign-on (SSO) workplace app Okta. 3 Andrew J Clarke - One Identity

  4. Identity and Access Management (IAM) • Identity and access management (IAM) is a security, risk management and business discipline, and it is a set of processes and technologies that manage the identities and entitlements of people, services and things, and the relationships and trust among them. It provides the right access for the right reasons, enabling the right interactions at the right time, to help drive business outcomes. • IAM highlights a continued overall trend toward technology maturity, as several technologies have broadly penetrated the market to enhance operational efficiency, enhance security effectiveness and enable business 4 Andrew J Clarke - One Identity

  5. Survey : Goals and Methodology Research Goal The primary research goal was to understand current experiences and challenges around Identity Access Management (IAM) and privileged accounts. Methodology An online survey was fielded to independent databases of IT professionals with responsibility for security. A wide variety of questions were asked about experiences and challenges with IAM. Participants A total of 913 individuals completed the survey. All had responsibility for IT security as a major part of their job and were very knowledgeable about IAM and privileged accounts. 5 5 Andrew J Clarke - One Identity

  6. Survey reveals old fashioned IAM processes still widely used, leaving organisations ripe for breaches and disruptions • Despite years of high-profile breaches, it turns out that a significant number of organisations still aren’t close to applying best practices to their IAM processes, which leaves them and their users vulnerable to attacks and data breaches • The survey shows that: – 71% of survey respondents have concerns about risk from dormant accounts – Just one in four (25%) are “very confident” that user rights and permissions are correct – Despite concerns, nearly a quarter of respondents audit accounts annually or less frequently - including two- percent that never audit! – Most respondents have some sort of process to identify dormant accounts, but less than 20% have tools to find and monitor them To access the full survey results: https://www.oneidentity.com/whitepaper/survey-reveals-that-old-fashion-iam-processes-are-still-widely-used-wh8129464/ 6 Andrew J Clarke - One Identity

  7. 87% have dormant users Yes, we have more than we want to have Does your enterprise have dormant users, where the Yes, we have them 27% 53% 7% 4% 9% T but there is an accounts associated with the acceptable number identities are not being used? I'm not sure, but I would assume they exist 0% 50% 100% 7 Andrew J Clarke - One Identity

  8. Only a third are very confident they know which dormant users accounts exist Very confident How confident are you in Somewhat knowing which dormant user confident T 36% 52% 10% 2% accounts currently exist? Somewhat not confident Not confident at all 0% 50% 100% 8 Andrew J Clarke - One Identity

  9. Less than a third are very confident that their users are deprovisioned properly Very confident How confident are you that Somewhat all former users are fully de- confident 30% 49% 15%6% provisioned in a timely T Somewhat not manner (i.e. before retained confident access becomes an Not confident at unacceptable risk)? all 0% 50% 100% 9 Andrew J Clarke - One Identity

  10. Only 14% de-provision a user immediately upon change in status 35% 30% 30% 22% 22% 25% 20% 14% 15% How long does it 10% 6% typically take to 3% 3% 5% T de-provision a 0% user? 10 Andrew J Clarke - One Identity

  11. Inadequate IT Processes for Managing User Accounts and Access Continue to Create Major Security and Compliance Risks • Disgruntled former employees or other threat actors still have widespread opportunity to cause harm because their IT accounts remain active – 70% of respondents lack confidence that accounts of former employees are fully deactivated in a timely manner – 84% percent of respondents say it takes a month or longer to discover forgotten dormant accounts • Results show that common IT security best practices continue to be a challenge for organisations worldwide 11 Andrew J Clarke - One Identity

  12. Notable finding : Internal threats as well! Businesses around the globe have a major employee snooping problem – 92% of respondents report that employees attempt to access information they do not need for their day-to-day work. – Nearly one in four (23%) of respondents report employees frequently attempt to access information that is irrelevant to their daily job functions. IT security professionals are among the worst snoopers – and get worse with seniority – More than one in three (36%) of IT pros admit to looking for or accessing sensitive information about their company’s performance, apart from what is required to do for their job. – Nearly two in three (66%) IT security professionals admit they have specifically sought out or accessed company information they didn’t need. – 71% of IT security executives admit to seeking out extraneous information, compared to 56% of non- manager-level IT security team members. – 40% of executives admit to snooping for or accessing sensitive company performance information specifically, compared to just 17% of non-manager team members. 12 Andrew J Clarke - One Identity

  13. 92% say employees attempt to access information they don’t need No, they Yes, this never even happens try frequently In your experience, do 8% 23% EMPLOYEES ever attempt to access T information that is not necessary for their day- to-day work? Rarely, but it happens 69% 13 Andrew J Clarke - One Identity

  14. Employees from every country attempt to access information they don’t need "Yes" or "Rarely" In your experience, do 95% 94% 94% 95% EMPLOYEES ever 92% 87% 100% 83% attempt to access 80% information that is not 60% T 40% necessary for their day- 20% to-day work? 0% (by region) 14 Andrew J Clarke - One Identity

  15. Employees at every size company try to access information they don’t need 92% 92% 100% 90% In your experience, do 80% EMPLOYEES ever attempt to access 60% information that is not 40% T necessary for their day- to-day work? 20% 0% (by company size) 500 – 2,000 2,000 – 5,000 More than 5,000 employees employees employees 15 Andrew J Clarke - One Identity

  16. 2 in 3 (66%) have tried to access information they didn’t need Yes, I do No, I have this never even frequently tried Have YOU ever attempted 15% 34% to access information that T is not necessary for your day-to-day work? Rarely, but I have done it 51% 16 Andrew J Clarke - One Identity

  17. More than 1 in 3 have accessed sensitive information about company performance Have you ever looked for Yes or accessed sensitive 36% information about your company's performance, T apart from what you are No required to do as part of 64% your job? 17 Andrew J Clarke - One Identity

  18. Credential-Based Attack Vectors • One of the easiest ways for malicious outsiders, or even insiders, to gain access into an organisation’s IT network is by stealing user credentials such as user names and passwords. • Once access is secured, a series of lateral movements and privilege escalation activities can procure access to the type of information and systems that are most coveted by bad actors, such as a CEO’s email, customer or citizen personally identifiable information, or financial records. • The more time inactive accounts are available to bad actors, the more damage can potentially be done, including data loss, theft and leakage, which could end up in irreparable damage to reputations, compliance violations, as well as possibly large fines and a significant drop in stock valuation. • Exploitation of excessive or inappropriate entitlements remains a goldmine for threat actors who will then capitalise on access to gain a foothold in an organisation to steal data or inject malware. • Accelerate the deprovisioning of access, proactively discover dormant accounts, and help ensure appropriate access rights across the entire organisation and user population 18 Andrew J Clarke - One Identity

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case

Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case

Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case study CYBER SECURITY & PRIVACY FORUM 2014 CSP Track 3 _ Cyber Attacks & Defences in critical Infrastructure CYSPA Alessandro Pollini, Deep

336 views • 15 slides
Active Arc Quenching Standards Improving Critical Electrical System Reliability and Eliminating

Active Arc Quenching Standards Improving Critical Electrical System Reliability and Eliminating

Active Arc Quenching Standards Improving Critical Electrical System Reliability and Eliminating the requirement for arc-rated PPE Tech4 LLC Mike Bukovitz, P.E. 20 April 2020 Introduction My Background The Arc Terminator Project

625 views • 39 slides
Active Arc Quenching Presentation Objectives: Improving Critical Electrical System Reliability

Active Arc Quenching Presentation Objectives: Improving Critical Electrical System Reliability

Active Arc Quenching Presentation Objectives: Improving Critical Electrical System Reliability and Eliminating the requirement for arc-rated PPE Tech4 LLC Mike Bukovitz, P.E. Introducing: The Arc Quencher Recognized & Certified? YES!

489 views • 30 slides
How To Build Critical Literacy Communities Critical literacy is the ability to read texts in an

How To Build Critical Literacy Communities Critical literacy is the ability to read texts in an

Retrieved from: www.joanwink.com/scheditems/ALER-Presentation-Part2-Final.pdf How To Build Critical Literacy Communities Critical literacy is the ability to read texts in an active, reflective manner in order to better understand power,

316 views • 16 slides
The Active Card An Active Mind in an Active Body More people, More Active, More often! The

The Active Card An Active Mind in an Active Body More people, More Active, More often! The

The Active Card An Active Mind in an Active Body More people, More Active, More often! The Active vision Active The Olympic Legacy 100,000 card holders by 2012 SMART card technology Improved communications for

421 views • 21 slides
Bicycle Parking Initiative About Ride the Cov The mission of Ride the Cov is to establish

Bicycle Parking Initiative About Ride the Cov The mission of Ride the Cov is to establish

Bicycle Parking Initiative About Ride the Cov The mission of Ride the Cov is to establish Covington as a bike- friendly place to live, work, and play 60 Active -ists 589 Facebook followers 12 Group Rides planned for 2019, so

234 views • 12 slides
RP2 Online Banking: Attacks & Defences Dominic van den Ende, Tom Hendrickx University of

RP2 Online Banking: Attacks & Defences Dominic van den Ende, Tom Hendrickx University of

Outline Introduction Research Analysis Questions Conclusion RP2 Online Banking: Attacks & Defences Dominic van den Ende, Tom Hendrickx University of Amsterdam Master of Science in System and Network Engineering Class of 2008-2009

440 views • 23 slides
TOGETHER, WE BUILD. OFFICE OF ECONOMIC DEVELOPMENT Objective of the M/WBE Program ESTABLISH

TOGETHER, WE BUILD. OFFICE OF ECONOMIC DEVELOPMENT Objective of the M/WBE Program ESTABLISH

DIVISION OF ECONOMIC MOBILITY Creating and expanding opportunities for small, disadvantaged, and minority- and women-owned businesses TOGETHER, WE BUILD. OFFICE OF ECONOMIC DEVELOPMENT Objective of the M/WBE Program ESTABLISH A CRITICAL

84 views • 7 slides
Defences Structure of the Courts What is a Crime? a public wrong Wrong committed

Defences Structure of the Courts What is a Crime? a public wrong Wrong committed

Defences Structure of the Courts What is a Crime? a public wrong Wrong committed against the common good or public interest causes harm to society, not just the individual 3 features that make something a public wrong:

474 views • 25 slides
COMMITTAL FOR CONTEMPT: Procedure, Defences, Funding and Costs 14 July 2020 Paper produced by

COMMITTAL FOR CONTEMPT: Procedure, Defences, Funding and Costs 14 July 2020 Paper produced by

COMMITTAL FOR CONTEMPT: Procedure, Defences, Funding and Costs 14 July 2020 Paper produced by Tim Baldwin, Barrister at Garden Court Chambers to supplement slides A. Introduction 1. There are many types of proceedings for committal for

361 views • 12 slides
Storm Surge Barrier conference Thames Barrier Andy Batchelor Thames Tidal Defences Operations

Storm Surge Barrier conference Thames Barrier Andy Batchelor Thames Tidal Defences Operations

Storm Surge Barrier conference Thames Barrier Andy Batchelor Thames Tidal Defences Operations Manager May 2019 Environment Agency - roles & responsibilities Within England, were responsible for: water quality and resources

862 views • 68 slides
Iceberg Thinking and Safety Defences Chris Langer CIRAS April 2016 The Iceberg new reps

Iceberg Thinking and Safety Defences Chris Langer CIRAS April 2016 The Iceberg new reps

Iceberg Thinking and Safety Defences Chris Langer CIRAS April 2016 The Iceberg new reps meetings Events asking questions: drivers culture UK interest: performance before safety across transport blame

172 views • 6 slides
Tony Clothier PhD, BSc Eng (Civil) CEng, CEnv, C.WEM, MCIWEM ICM Modelling Approach Preliminary

Tony Clothier PhD, BSc Eng (Civil) CEng, CEnv, C.WEM, MCIWEM ICM Modelling Approach Preliminary

Tony Clothier PhD, BSc Eng (Civil) CEng, CEnv, C.WEM, MCIWEM ICM Modelling Approach Preliminary Assessment: Local Flood Defences Local defences remove flooding of residential properties Increase in flood depths through Loxwood by

756 views • 17 slides
The Critical Role of Testing in the COVID Era Unlocking opportunities and re-igniting patient

The Critical Role of Testing in the COVID Era Unlocking opportunities and re-igniting patient

The Critical Role of Testing in the COVID Era Unlocking opportunities and re-igniting patient engagement If you havent already, register at VirtualPractices.org Access the latest testing resources Establish your testing

283 views • 24 slides
NG9-1-1 Procurement Outcomes June 25, 2020 The Process 2 Mission Critical Partners | 9-1-1

NG9-1-1 Procurement Outcomes June 25, 2020 The Process 2 Mission Critical Partners | 9-1-1

NG9-1-1 Procurement Outcomes June 25, 2020 The Process 2 Mission Critical Partners | 9-1-1 ACOG RFP Outcomes | Due Diligence RFP Development Publishing Scoring Establish Scoring Committees Training

546 views • 16 slides
BD in Covington Committed to Covington BD (previously C. R. Bard) has been an active member

BD in Covington Committed to Covington BD (previously C. R. Bard) has been an active member

BD in Covington Committed to Covington BD (previously C. R. Bard) has been an active member of the Covington community since 1967 Headquarters of BDs Urology and Critical Care business, a medical device sterilization facility and

578 views • 5 slides
ALAMEDA COUNTY TREASURER TAX COLLECTOR FISCAL YEAR 2020-2021 Budget Work Session Henry C.

ALAMEDA COUNTY TREASURER TAX COLLECTOR FISCAL YEAR 2020-2021 Budget Work Session Henry C.

ALAMEDA COUNTY TREASURER TAX COLLECTOR FISCAL YEAR 2020-2021 Budget Work Session Henry C. Levy Treasurer-Tax Collector April 14, 2020 Mission Statement FY 2020-2021 Provide Alameda County

755 views • 18 slides
Accounts Ryan Preston Director of Audit Services State Board of Accounts 2017 HEA 1009 SBOA

Accounts Ryan Preston Director of Audit Services State Board of Accounts 2017 HEA 1009 SBOA

SBOA Chart of Accounts Ryan Preston Director of Audit Services State Board of Accounts 2017 HEA 1009 SBOA Requirements: Created IC 20-42.5-3-7 Chart of Accounts must coincide with the State Board of Educations determined

610 views • 21 slides
How Large Organizations Can Save on Mailing Fleet Costs Adam Lewenberg - Background and

How Large Organizations Can Save on Mailing Fleet Costs Adam Lewenberg - Background and

How Large Organizations Can Save on Mailing Fleet Costs Adam Lewenberg - Background and Experience President of Postal Advocate Inc. The only mail audit and recovery firm in the US and Canada Manage a portfolio of 85,000 pieces of

714 views • 30 slides
NEW SERVICE LAUNCH Email Sales Pro 1 Todays Presenters Dianne Lucca Email Product Manager,

NEW SERVICE LAUNCH Email Sales Pro 1 Todays Presenters Dianne Lucca Email Product Manager,

NEW SERVICE LAUNCH Email Sales Pro 1 Todays Presenters Dianne Lucca Email Product Manager, Essendant Collin Williams Matt Mindrum Caroline Casey Email Support, Essendant Channel Manager, sales-I Business Analyst, sales-i Todays

568 views • 39 slides
2019 AGM PRESENTATION Group CEO Robin Fleming Disclaimer NOT FOR PUBLICATION OR

2019 AGM PRESENTATION Group CEO Robin Fleming Disclaimer NOT FOR PUBLICATION OR

2019 AGM PRESENTATION Group CEO Robin Fleming Disclaimer NOT FOR PUBLICATION OR DISTRIBUTION, DIRECTLY OR INDIRECTLY, IN OR INTO THE UNITED STATES This presentation has been prepared and issued by Bank of South Pacific Limited (the

575 views • 31 slides
Investor Relations Meeting on November 21, 2019 Q&A Summary Presenters Kazuhiro Higashi

Investor Relations Meeting on November 21, 2019 Q&A Summary Presenters Kazuhiro Higashi

Investor Relations Meeting on November 21, 2019 Q&A Summary Presenters Kazuhiro Higashi President and Representative Executive Officer, Resona Holdings, Inc. Satoshi Fukuoka Representative Executive Officer, Resona Holdings, Inc. Tetsuya

138 views • 10 slides
Offering banking services in a mobile world Denise Buckton Head of Mobile and Phone Banking

Offering banking services in a mobile world Denise Buckton Head of Mobile and Phone Banking

Offering banking services in a mobile world Denise Buckton Head of Mobile and Phone Banking Evolution of ANZ & NBNZ Mobile Banking Txt Banking NBNZ iBank M-Banking ANZ goMoney NBNZ Mobile Banking and M-Banking for iPhone browser for

429 views • 8 slides
Academic Affairs Presentation to University Budget Committee CSUDH, November 17, 2017 1.

Academic Affairs Presentation to University Budget Committee CSUDH, November 17, 2017 1.

Sources of uncertainty: - Collective bargaining - State funding ($104M vs. $160M) - Prerequisites of transparency, real-time data Academic Affairs Presentation to University Budget Committee CSUDH, November 17, 2017 1. Outstanding Academic

249 views • 11 slides

More recommend