Inside Out Defense Takes Aim

Inside Out Defense Takes Aim

Unauthorized access to credentials is number one threat vector

  • By Venkat Thummisi
  • Aug 11, 2023

Although the focus of the new SEC cyber rulings are publicly traded companies, most organizations are not prepared to comply with the new reporting guidelines. In the final rule, organizations will be required to disclose processes for assessing, identifying and managing material risks from cybersecurity threats. This puts additional pressure on IT teams and CISOs to update their security posture immediately.  

The number one cybersecurity threat vector is unauthorized access via unused, expired or otherwise compromised access credentials. Most organizations have a challenge regulating this because of the complexities of their infrastructure, apps, business workflows and the third-party eco-system. The downstream impact of improper credential decommissioning, which accounts for 54% of all attacks is testimony to the amount of residual footprint of excess privileged users lurking within organizations in the form of hidden accounts and activities.  

Effectively managing an organization’s access entitlements without an automated solution is time-consuming and error-prone, leaving the door open to hackers. This is why access abuse is the number one threat vector for hackers.  

Irrespective of the modus operandi and manifestation of most cyber breaches, credentials are a key pillar contributing towards privilege abuse leading to organizational disruption. The sophistication of cyberattacks is perpetrated through unused, old, expired and otherwise mismanaged access credentials are increasing by the minute, at the same time as it’s becoming challenging to respond to these attacks in an organized and timely manner.   

According to Cybersecurity and Infrastructure Security Agency (CISA), valid account credentials are the root of most successful threat actor intrusions of critical infrastructure networks as well as state and local agencies.  

Organizations can act now and get ahead the number one hacker threat vector by implementing available tools that discover all user footprint across all the organizations to build the context and lineage behind every user to derive the intent behind who, what and why. Doing so will help alleviate pressure on IT teams, making it possible to closely monitor and manage access privileges in real-time across all environments.

About the Author

Venkat Thummisi is the co-founder and CTO, at Inside Out Defense.

Featured

  • Security Industry Association Announces the 2026 Security Megatrends

    The Security Industry Association (SIA) has identified and forecasted the 2026 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both near- and long-term change in the global security industry. Read Now

  • The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

    Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now

  • A Look at AI

    Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

  • Improve Incident Response With Intelligent Cloud Video Surveillance

    Video surveillance is a vital part of business security, helping institutions protect against everyday threats for increased employee, customer, and student safety. However, many outdated surveillance solutions lack the ability to offer immediate insights into critical incidents. This slows down investigations and limits how effectively teams can respond to situations, creating greater risks for the organization. Read Now

Most   Popular

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.