Cybersecurity predictions: Identity protection to be a priority in 2022
The 2021 Verizon Data Breach report highlighted that 61% of breaches involved credential data. “If there is one thing we can learn from 2021, is that the cyberattackers focus on credentials to expand their reach into their victim’s networks. “Take, for example, the Colonial Pipeline incident where fuel shortages resulted from a single compromised password or the Solarwinds breach,” said Ray Kafity, Vice President – Middle East Turkey and Africa (META) at Attivo Networks. “The focus of the defenders in the coming year would be on technology and solutions that can detect and derail such attacks before they can cause great harm to the organisation.”
Attivo Networks, experts in preventing identity privilege escalation and detecting lateral movement attacks, offer their predictions for the coming year in the cybersecurity industry.
Enterprises will increase their investment in identity security solutions
The rise in third-party attacks, remote working security risks and the continuing evolution of ransomware have driven home the fact that traditional security solutions are no longer enough. And while existing solutions like Identity and Access Management (IAM), Privileged Access Management (PAM) and Identity Governance and Administration (IGA) provide basic identity protections, their focus on authorisation and authentication leave gaps for attackers to exploit. To close those gaps, enterprises need to invest in Identity Detection and Response (IDR) solutions capable of providing expanded exposure visibility and detection specific to credential misuse, excess entitlements, privilege escalation and other common identity-based attack activities.
Ransomware defences must get a badly needed refresh
Ransomware 3.0 is here, characterised by double extortion, where cybercriminals encrypt files and leak information online to drastically impact the company’s image, profits, stock price and more. There’s no longer a one-size-fits-all approach to defending against these attacks. With over 300 variants, stopping ransomware requires a multi-faceted approach that starts with protecting Active Directory and privileged credentials. In 2022, organisations won’t understand how each group operates and, instead, must improve their visibility to exposures and add detection measures based on techniques. Setting up traps, misdirections and speed bump lures along the way will also serve as strong deterrents to keep an attacker from succeeding.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise