IMPROVING YOUR BUSINESS RESILIENCE WITH PRIVILEGED ACCESS MANAGEMENT (PAM) – WHAT A CISO NEEDS TO KNOW

A notable result of a study showed that 81% of the respondents stated business resilience as the foremost reason for their cybersecurity investments. More precisely, the top findings were:

1. Business resilience drives investments in four out of five organizations

2. AI is everywhere, and it introduces unprecedented security concerns

3. Top priorities 2024: Security monitoring, Security awareness, and Identity and Access Management

This is understandable considering several things, such as:

1. The geopolitical situation: Unpredicted threats are rising as the political tension is growing worldwide. Especially here in the Nordics, Finland and Sweden joining NATO naturally creates friction.

2. Rise in cyberattacks: The Nordics have experienced a surge in cyberattacks targeting various sectors, from government agencies to healthcare organizations, financial institutions, and critical infrastructure. The National Cybersecurity Centre Finland predicts that the threat level will stay elevated in 2024 (The National Cyber Security Centre Finland’s weekly review – 12/2024).

3. A new era of more sophisticated threats: The rise of generative AI, as highlighted in the CrowdStrike 2024 Global Threat Report, is not just a technological advancement, but a potential game-changer for adversaries. It could significantly lower the barrier of entry for low-skilled attackers, enabling them to launch more sophisticated and rapid attacks. The outdated legacy technologies are no longer a match for the speed and sophistication of the modern adversary.

4. Rise of identity-based attacks: Continuation of identity-based attacks take center stage, as adversaries focus on social engineering attacks that bypass multifactor authentication (CrowdStrike 2024 Global Threat Report).

What does a CISO need to know?

As the world around us becomes more and more digital, it is obvious that the significance of cyber security becomes even more important in the battle against cybercriminals. But what should you invest in to maximize the impact of it?

Stolen credentials play a significant role in cyberbreaches. The percentage varies, but e.g., in Google Cloud´s 2023 Threat Horizon report, it was stated that 86% of breaches involved stolen credentials. Based on this, it is great to see that Nordic organizations have realized the importance of IAM in improving security posture and business resilience. In the Cybersecurity Index, 40% of the respondents highlighted the significance of IAM. In addition, 35% of the respondents identified IAM as one of the most critical capabilities and one of the top priorities in development plans. At the same time, depending on the country, the number of respondents thinking that this capability is managed well varied between only 14 and 23 %. In conclusion, we can say that more needs to be done.

How does all this boil down to PAM, then? Up to 80% of all security breaches involve the compromise of privileged credentials, meaning the accounts of administrators and other users with elevated rights. By getting access to such credentials an attacker can cause a lot of harm to the company through lateral movement, granting themselves rights to operate freely in the IT environment. PAM focuses on securing those credentials.

How to get started, then? An easy way to form an understanding is to conduct a PAM Roadmap, starting with investigating the current state, defining the target state, and building a roadmap to reach the target. There are several ways to implement a PAM capability, either as a project or PAM as a Service. The latter one is a turn-key solution, perfect for companies who want to get the benefits of PAM fast and easy; no need to build and maintain a PAM organization and skills in-house; just buy as a service and let us handle all. Feel free to contact us on sales@sentinelguard.tech for more detailed information and assistance.