Businesses in the UK and US are failing to properly implement privileged access management, leaving them at risk of data breaches, ransomware and malware attacks.
This is according to a new report from Forcepoint, based on a poll of more than 1,000 workers, which states that the situation is the same across private and public sectors.
According to Forcepoint, many employees have access to sensitive data that is not needed to perform their jobs effectively.
Some respondents claimed they had needed privileged access in the past, but access was not revoked when no longer necessary. In many other cases, meanwhile, staff received privileged access “for no apparent reason”.
Employees with privileged access not only risk their company’s cybersecurity posture unknowingly, but could also abuse their access to deliberately access materials they shouldn't or to lift company data.
While some will access privileged data out of sheer curiosity, others may be “pressured into sharing the access” with other companies.
“To effectively understand the risk posed by insiders, it takes more than simply looking at logs and configuration changes,” said Nico Popp, Chief Product Officer at Forcepoint.
“Incident-based security tools yield too many false positives; instead IT leaders need to be able to correlate activity from multiple sources such as trouble tickets and badge records, review keystroke archives and video, and leverage UEBA tools. Unfortunately, these are all areas where many organizations fall short."