Towards the end of March 2022, President Biden released a statement about U.S. security. Considering the threat posed by Russia to the U.S., Biden opens with “This is a critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience.”
Considering the key themes in the text for Digital Journal, including the impending risk of cyberattacks, is cybersecurity evangelist and privileged access management expert Raj Dodhiawala, president of Remediant.
Dodhiawala sees that many organizations are becoming victims of cyber espionage attacks via state-sponsored agencies and organized cybercrime groups. In addition, Dodhiawala finds a large number of attack surfaces lie unprotected and vulnerable to breaches, allowing a majority of today’s attackers to accomplish their mission by leveraging privilege (or administrative) account sprawl.
Considering the words from the U.S. head of state, Dodhiawala says: “President Biden’s statement on our nation’s cybersecurity is the latest evidence that criminals are searching for opportunities to breach highly-classified information, take down critical infrastructure and much more.”
From this, industry needs to take note opines Dodhiawala: “It’s concerning, but most importantly, it cannot be ignored by the private and public sectors. Organizations — both small and large — need to prepare and bolster their security postures, right now.”
In terms of the main lessons, Dodhiawala says: “The most critical aspect of strengthening cybersecurity defenses is reducing the attack surface, as the majority of today’s attackers accomplish their mission by leveraging privilege (or admin) account sprawl — a very large attack surface. Once an attacker is inside any infrastructure or system, for example, elevating privileges and moving laterally to find crown jewels become relatively straightforward. From there, they can encrypt data to execute a ransomware attack.”
It is also important that businesses look forwards and consider what types of technologies will be necessary for futureproofing. Dodhiawala advises: “Looking ahead, organizations must prioritize protecting their assets against lateral movement by maintaining zero standing privilege (ZSP). This includes protecting admin authorization, and protecting organizations against the discovery of admin credentials, hashes or secrets from inside the network.”
Dodhiawala’s final recommendation is: “Organizations need to develop an incident response plan that you’ve practiced a few times. Being resilient is necessary in today’s cyber world. Being agile and resilient, however, is even better.”
