In its circular dated June 2, 2016 titled ‘Cyber Security Framework in Banks’ Indian banking regulator RBI acknowledges that In- formation Technology is now an integral part of the operational strategies of banks. And in an earlier circular it indicated that the measures suggested for security implementation cannot be static — and that banks need to pro-actively create/fine-tune/modify their policies, procedures and technologies based on new developments and emerging concerns. Since then, the number, frequency and impact of cyber incidents or attacks has increased manifold, underlining the urgent need to put in place a robust cyber-security/ resilience framework at banks and to ensure adequate cyber-security preparedness among banks on a continuous basis.
While Banks have made significant investments in firewalls, intrusion detection systems, anti-malware, anti-phishing solutions, they have overlooked a very crucial aspect of security – the threat to Privileged Accounts.
Privileged Accounts represent the largest security vulnerability an organization faces today. In the hands of an external attacker or malicious insider, Privileged Accounts allow attackers to take full control of an organization’s IT infrastructure, disable security controls, steal confidential information, commit financial fraud and disrupt operations. Stolen, abused or misused privileged cre- dentials are used in nearly all breaches. With this growing threat, organizations need controls put in place to proactively protect against, detect and respond to in-progress cyber-attacks before they strike vital systems and compromise sensitive data.
The new battleground for cyber-attacks has gone beyond the perimeter, and it’s taking place inside your network. According to recent research, 53% of the data breaches in the first 6 months of 2015 occurred using Identity Theft, and in 62% of the cases, the malicious outsider managed to break through the security system. The latest reports state that most organizations in the world have been breached, and we’ve gone from a “I can’t stop everything at the perimeter” scenario, to “I can’t stop anything at the perimeter.”
The key for any attacker is to become an insider. Whether that means starting as an insider or for the external attacker to become an insider. Either way, most breaches take place because the attacker utilized compromised company credentials which allowed them to look and act as an insider. That is why Privileged Accounts are the most powerful accounts in any organization. Privileged Accounts, or administrator accounts, are often referred to as the “keys to the IT kingdom” because of the powerful access they provide users to servers, databases and applications, and the sensitive data housed within.
But how do you protect your Privileged Accounts from being compromised? We await your confirmation to be an active participant in this Roundtable.
