Page 75 - Cyber Defense eMagazine September 2022
2. Control endpoint privileges. No regular user should ever have standing administrative rights on
their device. At the same time, administrators shouldn’t be allowed to log on to end-user devices.
That way, even if an attacker gains access to an endpoint, they won’t have the privileged
credentials they need to expand the scope of their attack.
3. Minimize standing privilege. Built on the principle of least privilege, Zero Standing Privilege
(ZSP) is a new approach coined by Gartner that aims to eliminate all standing privilege and deliver
only the minimum privilege required for the minimum amount of time. Adopting a Zero Trust
Privileged Access model that includes ZSP and JITA can mitigate the risks of golden ticket
attacks.
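One way to check items 2 and 3 in practice, as an added example that is not from the article or from any vendor's product: a short Python audit over a constructed export of the local-administrator memberships currently present on endpoints. The record fields, the host and account names, and the four-hour ceiling are all assumptions.

```python
from datetime import datetime, timedelta

MAX_GRANT = timedelta(hours=4)  # assumed policy ceiling for one just-in-time grant

# Constructed sample data: memberships found in the local Administrators group
# of each endpoint at audit time. expires=None means the membership never
# lapses, which is exactly the standing privilege that ZSP aims to eliminate.
GRANTS = [
    {"host": "wks-014", "account": "jdoe",
     "granted": "2022-09-01T09:00", "expires": None},
    {"host": "wks-014", "account": "adm-lee",
     "granted": "2022-09-01T09:00", "expires": "2022-09-01T11:00"},
    {"host": "wks-022", "account": "adm-kim",
     "granted": "2022-09-01T08:00", "expires": "2022-09-03T08:00"},
    {"host": "wks-031", "account": "adm-lee",
     "granted": "2022-08-30T10:00", "expires": "2022-08-30T12:00"},
]

def audit_grants(grants, now, max_grant=MAX_GRANT):
    """Return (host, account, finding) for every membership that breaks ZSP."""
    findings = []
    for g in grants:
        start = datetime.fromisoformat(g["granted"])
        if g["expires"] is None:
            # No end time at all: standing administrative rights.
            findings.append((g["host"], g["account"], "standing"))
            continue
        end = datetime.fromisoformat(g["expires"])
        if end - start > max_grant:
            # Time-boxed, but far longer than the minimum time required.
            findings.append((g["host"], g["account"], "window-too-long"))
        elif end <= now:
            # The grant lapsed, yet the account is still in the group:
            # revocation failed and the privilege is standing in practice.
            findings.append((g["host"], g["account"], "expired-not-revoked"))
    return findings

if __name__ == "__main__":
    for host, account, finding in audit_grants(GRANTS, datetime(2022, 9, 1, 10, 0)):
        print(f"{host:8} {account:8} {finding}")
```

The third finding type is the one most often missed: a grant that was issued with an expiry but never removed gives an attacker the same foothold as a grant with no expiry.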
With geopolitical tensions at their height, critical infrastructure and supply chain organizations in particular
need to be vigilant in containing the risk of stolen credentials and privilege abuse. In fact, the 2022 IBM
Cost of a Data Breach Report found that almost 80% of critical infrastructure organizations studied don’t
adopt zero trust strategies, even as “concerns over critical infrastructure targeting appear to be increasing
globally over the past year.” Of the breaches against critical infrastructure organizations, 28% were
ransomware and destructive attacks aimed at disrupting global supply chains. Whether through standing privilege
granted to internal users or access given to partners and other third parties, you can open yourself up
not only to compromised credentials but also to lateral attacks once attackers gain access to your environment.
Looking ahead, organizations need to take the proper steps to eliminate standing privilege and cut off
attackers’ ability to move about their environment, as it may be our best move for tamping down
increasingly bold attacks.
About the Author
David Levine, CISSP, has over 20 years of experience in technology and
cybersecurity and has published articles and blogs in these fields. David
has held information security leadership roles at publicly traded companies,
SMBs, and startups.
David is currently the Director of Solution Architects at Remediant. In this
role, he leads Remediant’s Sales Engineering team and works closely with
both the sales and engineering teams. He is responsible for the adoption
and implementation efforts that secure and protect lateral movement and
privileged access, which is of utmost importance to both corporations and their
customers. David has held many networking and ethical hacking certifications (sadly, due to time
constraints, some have expired).
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.