Defining a maturity model for securing privileged accounts

Best Practices Guide breaks down the process of locking down the most coveted asset in advanced and insider attacks.

CyberArk, the company securing the heart of the enterprise, has released a maturity model for securing privileged accounts, titled The Three Phases of Securing Privileged Accounts: A Best Practices Guide. This guide will enable organisations to understand how to prevent exploitation of this critical security layer by providing a simple, yet effective, framework for applying the best security strategy for any environment.



Privileged accounts are exploited every day, highlighted by the data leaks by NSA systems administrator Edward Snowden and the recent U.S. tax return crime wave, yet smaller-scale attacks occur daily. The cost of doing nothing to protect these accounts is routinely displayed in the stream of reports detailing compromise after compromise affecting businesses across the globe. Correspondingly, security frameworks such as the Council on Cyber Security Top 20 Critical Security Controls and NIST have always maintained the importance of protecting, managing and monitoring privileged accounts. However, there remains much confusion over how to manage this critical security layer.


“The role of privileged access in headline-grabbing security breaches is undeniable and has pushed the management of these accounts to the top of every CISO’s priority list, yet few understand how to address the problem beyond compliance mandates,” said John Worrall, chief marketing officer, CyberArk. “This guide will serve as a starting point for the many organisations left wondering, ‘What are privileged accounts?’ ‘Where do they exist in my organisation?’ ‘How do I protect them?’ ‘How do I manage these accounts moving forward?’”


In this new paper, CyberArk simplifies the process of identifying, securing and managing these powerful accounts for organisations, detailing key phases of privileged account security, including:
· Defining a Privileged Account: These accounts exist in many forms across an organisation – employee accounts, hard-coded into applications, in every technology connected to a network and even industrial control systems – in typical volumes of double or triple the number of employees. Each poses significant security risks if not protected, managed and monitored. Understanding what these accounts are and where they exist is the first step towards closing a critical security gap
· Best Practice Maturity Model: Each organisation’s environment and needs are different, and determining the most effective approach to secure privileged accounts requires a blend of process changes, policy and technology. The practice of securing privileged accounts should be on-going with continuous evaluation to improve security. This maturity model lays out best practices for baseline, medium and highly effective security, addressing the process changes as well as the tools and solutions necessary to continuously protect and monitor privileged accounts
