How Critical Access Management Protects Government Entities From Cyber Threats
Every 11 seconds, a company is the victim of a ransomware attack. Compromised protected personal data resulted in 1.8 HIPAA privacy breaches per day in 2020. Global cyber attacks in 2021, according to Cybersecurity Ventures, are expected to cost $20 billion.
These numbers add up to a big problem for government entities, which are more online than ever, connected to more third parties than ever before, and a major target for cyber attacks.
Headlines highlight what’s to come
Just pick up a newspaper and you'll see that cyber threats aren't going away anytime soon. The Russian hackers behind the SolarWinds attack, in which 18,000 customers (including various government organizations) downloaded an affected version of the company's software, are back. According to Microsoft researchers, the group has targeted more than 140 companies since May, with 14 successful breaches. Many of these companies are government agencies and think tanks adjacent to government. In addition, the Ukrainian group FIN7 has just set up a bogus company to recruit software engineers who would unwittingly participate in hacking and ransomware programs. Even a 10% success rate for Russian hackers is too high, and the Ukrainians' project is of great concern. With cybercriminals taking more deceptive action than ever before, government entities need to be on their guard.
Third parties remain a major risk for government entities
Third-party access points are one of the most vulnerable attack vectors. Fifty-one percent of breaches, in fact, come from a third party. You can't trust someone you don't know, and third parties are opaque and are not part of an organization's internal HR system. A single third party can have access to many parts of an organization, so if that third party is hacked and its access point to your organization is not secure, it is a recipe for disaster.
Take the SolarWinds hack, for example. The company was a third-party supplier to several government agencies, including the Treasury Department, Homeland Security, and the State Department. This single third-party incident could have wreaked havoc on huge national government agencies if more recipients had opened the suspicious email. The total damage from that hack is still being understood over a year later, according to the New York Times. Of course, that doesn't even include all the state and local government agencies that also use SolarWinds. These smaller agencies are even more vulnerable due to reduced staff, budget and educational resources.
The vast third-party connections of a single government organization function as a technology supply chain. As soon as a hacker enters, the possibilities are endless. As these headlines show, hackers are getting smarter and government entities, like any organization, are at higher risk.
How Critical Access Management Can Protect Against Cyber Attacks
The greatest vulnerability for an organization is the access point. Government entities are particularly vulnerable here because they have a large number of access points connected to a multitude of third parties and internal systems. Protecting these hotspots, and the assets beyond them, is the best way to stop cybercriminals in their tracks.
Critical access management, or the management and security of high-risk identities, assets, and privileges, can help complex government entities stay secure. Merely protecting the perimeter is no longer an option, especially since lateral movement is touted as a key factor in hacks (60% of hacks involve lateral movement), so focusing on these three aspects of access is the key to security.
Best practices for access governance, access control and access monitoring
Critical access management has three parts, and applying best practices for each of them (especially for the large third-party access points of a government organization) is the most comprehensive way to stay protected.
Access governance: The systems and processes in place to ensure that the access policy is followed as closely as possible.
Access control: Mechanisms to reduce risk, increase visibility and increase friction when it comes to granting or authorizing access rights and privileges.
Access monitoring: Proactively or reactively observing and analyzing what happened while a user was logged in.
Each aspect protects an organization in a different way. Access governance helps an organization implement best practices such as least-privilege access when defining access policies, linking HR systems and access rights, and performing regular access reviews, which will strengthen any access policy. Access control can prevent access creep (a major risk) and set limits that keep users from accessing critical points or assets. Access monitoring mitigates insider threats by observing sessions and can help an organization debrief and develop better policies after an attack.
How best to implement these three prongs depends on the organization and its needs, but the more security and checkpoints the better. A bank safe doesn't just have a keypad to protect it: it has multi-factor authentication, video cameras installed above it, and is only accessible by certain people at certain times. The same should apply to internal systems, networks or databases within a government organization. And with cybercrime estimated to cost the world trillions of dollars by 2025, the price of doing nothing is just too high.
This article was originally published on GovTech.
The article How critical access management protects government entities from cyber threats first appeared on SecureLink.
*** This is a syndicated Security Bloggers Network blog from SecureLink, written by Isa Jones. Read the original post at: https://www.securelink.com/blog/critical-access-management-protects-government-entities/