Page 75 - Cyber Defense eMagazine September 2022

2. Control endpoint privileges. No regular user should ever have standing administrative rights on their device. At the same time, administrators shouldn’t be allowed to log on to end-user devices. That way, even if an attacker gains access to an endpoint, they won’t have the privileged credentials they need to expand the scope of their attack.


3. Minimize standing privilege. Built on the principle of least privilege, Zero Standing Privilege (ZSP) is a new approach coined by Gartner that aims to eliminate all standing privilege and deliver only the minimum privilege required for the minimum amount of time. Adopting a Zero Trust Privileged Access model that includes ZSP and JITA can mitigate the risks of golden ticket attacks.
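An audit for the two controls above, added here as an illustration and not taken from the original article or any vendor's product: it classifies each local-administrator membership as standing, expired but still present, or time-bound for longer than policy allows. The record layout, host and account names, and the four-hour ceiling are all constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Assumed policy ceiling for a single time-bound admin grant (not from the article).
MAX_GRANT = timedelta(hours=4)

# Constructed snapshot of local Administrators membership on endpoints.
# expires=None means the membership has no end time, i.e. standing privilege.
NOW = datetime(2022, 9, 1, 12, 0, tzinfo=timezone.utc)
MEMBERSHIPS = [
    {"host": "WS-0142", "account": "CORP\\jsmith",
     "granted": NOW - timedelta(days=200), "expires": None},
    {"host": "WS-0142", "account": "CORP\\helpdesk-amy",
     "granted": NOW - timedelta(minutes=20), "expires": NOW + timedelta(minutes=40)},
    {"host": "WS-0977", "account": "CORP\\svc-deploy",
     "granted": NOW - timedelta(days=3), "expires": NOW + timedelta(days=27)},
    {"host": "SRV-DB01", "account": "CORP\\dba-lee",
     "granted": NOW - timedelta(hours=6), "expires": NOW - timedelta(hours=2)},
]

def classify(entry, now=NOW, max_grant=MAX_GRANT):
    """Return one finding label for a single admin-group membership record."""
    if entry["expires"] is None:
        return "STANDING"             # no end time at all
    if entry["expires"] <= now:
        return "EXPIRED_NOT_REVOKED"  # grant lapsed but membership is still present
    if entry["expires"] - entry["granted"] > max_grant:
        return "WINDOW_TOO_LONG"      # time-bound, but longer than policy allows
    return "OK"

def audit(memberships, now=NOW):
    """Return (host, account, finding) for every record that is not OK."""
    findings = []
    for entry in memberships:
        label = classify(entry, now)
        if label != "OK":
            findings.append((entry["host"], entry["account"], label))
    return findings

if __name__ == "__main__":
    for host, account, label in audit(MEMBERSHIPS):
        print(f"{host:10} {account:20} {label}")
```
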

With geopolitical tensions at their height, critical infrastructure and supply chain organizations in particular need to be vigilant in containing the risk of stolen credentials and privilege abuse. In fact, the 2022 IBM Cost of a Data Breach Report found that almost 80% of critical infrastructure organizations studied don’t adopt zero trust strategies, even as “concerns over critical infrastructure targeting appear to be increasing globally over the past year.” Of the breaches against critical infrastructure organizations, 28% were ransomware and destructive attacks aimed at disrupting global supply chains. From standing privilege granted to internal users to access given to partners and other third parties, you can open yourself up not only to compromised credentials but also to lateral attacks once attackers gain access to your environment.

Looking ahead, organizations need to take the proper steps to eliminate standing privilege and cut off attackers’ ability to move about their environment, as it may be our best move for tamping down increasingly bold attacks.





About the Author

David Levine, CISSP, has over 20 years of experience in technology and cybersecurity and has published articles and blogs in these fields. David has held information security leadership roles at publicly traded companies, SMBs, and startups.

David is currently the Director of Solution Architects at Remediant. In this role, he leads Remediant’s Sales Engineering team and works closely with both the sales and engineering teams. He is responsible for the adoption and implementation efforts that secure and protect lateral movement and privileged access, which is of utmost importance to both corporations and their customers. David has held many networking and ethical hacking certifications (sadly, due to time constraints, some have expired).









            Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.