Are network access security solutions fundamentally flawed? asks Julia O’Toole, CEO of the password protection product company MyCena Security Solutions.
It is estimated that in 2022 global cybersecurity spending reached over $300 billion. This money is being poured into corporate cybersecurity programs to improve resilience, deploy technology and train staff on the latest cyberattack techniques. Yet, it doesn’t seem to counter cybercrime. Instead, cyberattack numbers continue to grow in tandem with increased security spending.
So, where exactly is the problem? Could the reason attacks continue to escalate signal to a foundational flaw in cybersecurity infrastructure that will pursue organisations until it is addressed? The answer to this is yes. And it all comes down to the way companies manage their corporate network access.
According to Verizon’s latest Data Breach Investigations Report, stolen credentials play a part in over 82 per cent of security breaches. Attackers understand that by stealing one set of valid user credentials, they no longer need to hack into an organisation, they simply login.
From there, they will often achieve unfiltered network access, allowing them to reach critical data, exfiltrate it, and sell it on. This is one of the key reasons why credentials are often viewed as the top target for attackers.
To counter this threat, organisations have been rapidly deploying network access security solutions to secure their employee credentials. These products range from Privileged Identity Management, Identity and Access Management to Identity-as-a-Service and Single Sign-on solutions, but all these products present new security challenges for organisations. With each of these solutions, the credentials are still placed in the hands of users, and when they are compromised, they open channels for criminals to go faster and deeper into the network.
With Single Sign-on, once a criminal gets hold of one set of credentials, they have seamless network access for that account, and can drop malware, travel through the network via lateral movement and privilege escalation, siphoning off data until they get detected. Once they access a privileged account or get administrator-level access, not only can they download the company’s most sensitive information, but they also have the power to create and change usernames and passwords, and to launch a ransomware attack.
These solutions are also dependant on each employee not making mistakes and not having malicious intentions. Imagine if you put all your money in a box and asked each employee to make their own key to open that box. Employees could still unintentionally lose their keys. That is why the more people you have in your organisation, the smaller your odds are of securing your business against credentials theft, phishing, breaches and ransomware attacks.
So, how can organisations better secure their credentials to prevent these attacks? The answer lies in access encryption and segmentation.
To take back control of their network access, instead of allowing employees to make their own keys to access digital assets, companies can automatically generate strong unique passwords for each door and send them encrypted to each employee. Because employees can’t divulge what they don’t know, it is then impossible for them to get phished or sell their passwords. That also means there is no more master password or identity for criminals to steal.
To prevent lateral movement and privilege escalation, people can go back to what they do in the real world, which is having a different key for their house, their car, their office… And organisations can have one key for each door throughout the whole organisation since there are no passwords to remember or see. Furthermore, organisations can provide digital fortresses where each credential can be used separately. This means even if an attacker did manage to get in through a supply chain attack via one system, they could not travel as every doorway is locked and encrypted. This defence-in-layers approach counters criminals using lateral movement and privilege escalation attacks.
Organisations are currently trapped in a model where no matter how much they spend on cybersecurity, they continue to get breached through their employee access credentials. By encrypting and segmenting access, the responsibility of securing credentials no longer lies in the hands of employees, but it is back in the hands of the organisation. Exactly where it should be.
