97 percent of senior security executives say attackers are increasingly trying to steal one or more types of credentials, a CyberArk survey reveals.
As organizations move assets to the cloud, increase third-party access to corporate resources, and enable sustained remote work models, attackers are targeting non-traditional user populations that may not be adequately protected.
A marked shift in spear-phishing and impersonation attack patterns
- The most widely reported group facing increased attacks is end-users – including business users with access to sensitive data. A majority of respondents (56 percent) report such users as being increasingly targeted by attackers.
- Attacks are also on the rise against senior leadership (48 percent), third-party vendors and contractors (39 percent), and DevOps and cloud engineers (33 percent).
- Widespread increases in credential theft attempts were reported for personal data (70 percent) and financial systems and data (66 percent). This is clear evidence of attackers’ interest in gaining “high-value” access – access to highly sensitive systems that are often held by end-users rather than administrators for example.
Security leaders embracing zero trust identity security
In response to these shifting attack patterns, security leaders are embracing zero trust models:
- 88 percent of respondents said adopting more of a zero trust approach is “very important” or “important.”
- To implement a zero trust model, the top priority was controls focusing on identity and access management (IAM), chosen by 45 percent of respondents.
- Several types of IAM controls were favored to protect access to sensitive systems. Just-in-time access controls were highly valued, with 87 percent of respondents saying reducing standing privileges is an “important” or “very important” aspect of zero trust.
A need for security solutions that work despite internal constraints
Because attackers recognize the value of non-IT identities and are exploiting weaknesses in protecting these identities because of operational challenges, there is a need for security solutions that work despite internal constraints:
- Endpoint security remains an operational challenge for 94 percent of respondents – 46 percent said that installing and maintaining agents made endpoint security challenging.
- 86 percent said user experience optimization is “important” or “very important,” highlighting a need for security tools and policies that will not be bypassed or ignored due to security fatigue.
“Reverberations from the SolarWinds attack continue to underscore the need to protect privileged credentials and break the attack chain to organizations’ most valuable assets,” said Mike O’Malley, Sr VP, Global Marketing, CyberArk.
“As new identities multiply across the enterprise, this survey emphasizes the importance of a zero trust-based approach to identity security. For security leaders seeking to mitigate the risks of spear-phishing, impersonation attacks and other forms of compromise, we believe the peer experiences captured in the CISO View reports will serve as an invaluable tool, no matter where their organization is on the zero trust maturity curve.”