Category: News

Why Privileged Access Management Must Be Part of Your Overall IAM Strategy

This article is written by Patrik Horemans (IBM) Source: Security Intelligence.

In the past, the urgent need to secure privileged accounts has led organizations to implement a privileged access management (PAM) solution as a standalone track. Many companies have invested or are investing in products to help them secure access, get usage under control, provide detailed audit trails and implement processes.

Securing the use of these accounts is, and will remain, a good security practice. After all, a recent survey from Centrify revealed that more than 70 percent of breaches involved the abuse of privileged accounts in one way or another.

Today, however, companies are starting to understand that the management of access to privileged accounts should be an integral part of their overall identity and access management (IAM) strategy. This means it should be built into core IAM processes such as provisioning, deprovisioning, access risk mitigation and segregation of duties. Furthermore, the implementation of such a solution should be integrated into company security processes to gain visibility into risks across the landscape of both privileged and nonprivileged users, and be part of the business’s overall security monitoring and risk mitigation strategy as well.

A Life Cycle for Privileged Account Access

When you implement a PAM solution as a standalone project, you will often face the same challenges that you had before.

In other words, granting access to privileged accounts is not necessarily better than the manual process you had before, and will result in collecting more and more access rights over time, leaving you again in a vulnerable state with too much access. Administrators, developers and third parties need certain access levels to do their jobs, but PAM solutions alone age poorly through the life cycle of giving, maintaining and revoking access to privileged accounts. In fact, they rely on external processes, such as adding the right people to the right groups, either in the PAM solution or directories such as Active Directory.

There has to be a process around the PAM solution to manage the hygiene of access. Companies that do not have the proper automated processes in place will face an issue they had before: permission scope creep, or the expanding collection of access to privileged accounts over time by a user as a result of changing roles, jobs, departments, etc. The challenges these security teams had before with shared passwords and the management of personal administrative accounts are now moved to the access model for privileged accounts. This is why it’s crucial for organizations to implement an automated life cycle process for privileged account access.

Avoid Toxic Access Combinations That Lead to Risk

PAM solutions give you a simple way to know who can access and use privileged accounts. However, the combination of access to systems, devices and applications, as well as any related privileged accounts, often presents a risk to the enterprise.

For example, a user has access to an application that uses a database to store its data. That same user also has access to the privileged account to manage the database. As such, he or she will be able to change things in the database, circumventing the business and authorization controls from the application. If they also have access to the privileged account that manages the operating system, they could clear audit traces. This could be a toxic combination of access that should be avoided from a security and compliance perspective.

Toxic access combinations related to PAM solutions usually fall into three categories:

  1. Combinations related to the PAM solution itself, for example, the capability to create access to a privileged account and the capability to approve.
  2. Combinations related to the privileged account, for example, the capability to manage a server and the application running on it.
  3. Combinations related to business services and privileged accounts, such as in the example described above.

To avoid these toxic combinations of access, security teams should implement segregation of duties (SoD) controls. But these can only be implemented when you have adequate visibility into the access for both privileged and nonprivileged accounts. PAM solutions typically don’t have SoD enforcement capabilities and therefore another system, such as an identity governance tool, should be implemented.

To be able to implement SoD controls, you need visibility across privileged access and normal business user access. You will need a solution that can read and combine information from both sources.

Optimize Recertification Campaigns With Identity Governance Tools

Another area to consider, both as part of the access life cycle for privileged accounts and for compliance reasons, is the capability to recertify access to privileged accounts on a regular basis. PAM solutions typically don’t have this capability. Some companies use manual processes with spreadsheets and emails. While this might work, it is a cumbersome and error-prone process. It also provides little context on why someone would still need that access.

Integration with identity governance solutions can provide capabilities to automate regular recertification campaigns in an understandable business language so that approvers understand clearly what they are approving. Recertification campaigns will help companies to prove compliance as well. Proving compliance and maintaining clean and healthy access requires a solution that can automate recertification campaigns in an optimal way. Integrating campaign results with life cycle automation also improves efficiency and consistency.

By integrating a PAM solution with identity governance and administration (IGA) tools, you will get a holistic view across your enterprise over privileged and nonprivileged users. This will allow you to introduce processes across both domains and manage access seamlessly. It will help to analyze access and permissions, find anomalies, understand risk and consolidate audit and reporting capabilities. Risks such as segregation of duties can also be mitigated.

Integrating a PAM solution with an IGA tool will accomplish the following:

  • Access life cycle to avoid scope creep and good access hygiene.
  • Recertification campaigns to prove compliance.
  • SoD controls to avoid risks across privileged accounts and business infrastructure and applications.

Secure Your Privileged Access Management Solution by All Means

Finally, events related to privileged access should be processed by a security information and event management (SIEM)platform to compare indicators of compromise with other real-time threats to prioritize alerts by risk. User behavior analytics (UBA) can also help organizations flag unusual activity, such as high-risk behaviors or the granting of uncommon access levels.

On last consideration is the area of secured access to the PAM interface. Think about it: A PAM solution contains all the keys to the kingdom. A PAM user can access a whole bunch of privileged accounts during his or her work day. This also means that if a PAM user’s credentials are stolen, the thief has access to these privileged accounts and could have total control of the environment.

Therefore, it’s crucial to secure access to your privileged access management solution with capabilities such as multifactor authentication (MFA) and risk-based access controls. You want to avoid malicious access to your PAM solution — as well as your identity and access management system as a whole — by any and all means.

Source: Security Intelligence.

Learn more and join our Round Table on the 25th of September!

CyberArk wins a Fortress Cyber Security Award

The Business Intelligence Group announced the winners of the 2019 Fortress Cyber Security Awards on the 5th of June. We are happy to see that CyberArk is one of those winners. Congratulations are in order!

The business award program sought to identify and reward the world’s leading companies and products that are working to keep our data and electronic assets safe among a growing threat from hackers. Working executives from the cybersecurity and information technology fields volunteered to judge the program using a proprietary scoring methodology.

“The security of our online identities and data is rapidly becoming as important as our physical security,” said Maria Jimenez, Chief Nominations Officer, Business Intelligence Group. “We are proud to recognize all of our winners who are working to prepare, defend and respond to this growing threat. Congratulations to everyone.”

Read the whole story, including the winners, on Fortress

Zero Trust: Why Your Most Privileged Users Could Be Your Biggest Security Weakness

Your security infrastructure is there to protect your organization from malicious threats. That much is obvious, but what happens when a user’s credentials are compromised and threat actors access your systems? This could expose your company to a data breach and all the reputational damage, operational downtime and financial costs that come with it. But all access is not created equal. What would happen to your organization if one of your privileged users had their identity compromised? Privileged account management (PAM) helps protect against the most dangerous data breaches because it enables you to closely monitor your most sensitive accounts.

Protecting Your Privileged Users Is Paramount

The majority of security breaches involve the compromise of user and privileged accounts via attack vectors such as phishing, malware, and other means. Once the attacker establishes a foothold in the network, the next step is to find and hijack a privileged account, enabling the actor to move laterally across the network while appearing as a legitimate user. At this point, the malicious activity can begin. Attackers often search compromised networks for valuable data such as personally identifiable information (PII), intellectual property and financial data. Such sensitive information enables threat actors to commit financial fraud as well as other crimes. The bottom line is that protecting critical data means protecting your most valuable users. That’s why Gartner recognized privileged account management in its “Top 10 Security Projects for 2019,” along with detection and response, cloud security posture management, business email compromise, and more. The research firm also placed PAM on its 2018 list. Further demonstrating the criticality of PAM is a Centrify survey that revealed 74 percent of data breaches involve unauthorized access to a privileged account. If privileged access is the most fruitful point of attack for cybercriminals, why are so many companies still not taking even basic steps to prevent this abuse? For the full article please visit the following link. Source: Zero Trust: Why Your Most Privileged Users Could Be Your Biggest Security Weakness

SecurIT Europe: Our 2018 in review

2018 was a beautiful year for SecurIT in Europe.

  • We realized an 18% growth within our European resource pool 
  • Our innovation power was proven by completing over thirty certification pathways. 
  • With over 90 successful projects, we substantially extended our customer base. 
  • 2 new partnerships were added to our portfolio with market leader vendors in the Identity and Access Management (IAM) space: Okta and Omada 
  • Last but not least, we went global in 2018 by acquiring U.S. based Palmetto Security Group in Greenville, South Carolina almost doubling our staff and our services across the ocean 

Hard work pays off they say, by the end of 2018 SecurIT was ranked 2nd in the category security and 73rd overall in the MT1000, the most extensive survey among business decision makers on the quality and popularity of business service providers in the Netherlands.  

All of the above are exciting reasons for us to look back on a successful 2018!!  

Our growth  
18% growth of our resource pool 

Completed over thirty certification pathways 

New partnerships with Okta and Omada 

Project delivery  
Extension of customer base 

Delivered over 90 successful projects 

Going global  
Acquired U.S. based company, Palmetto Security Group

Next level Privileged Account Management Protect Privileged Accounts from hackers and insider threats

Round table IBM/SecurIT, 25 september 2018, Woerden Privileged Accounts bieden vaak onbeperkte toegang tot systemen en data en dat brengt risico’s met zich mee. Volgens Forrester kunnen 80% van alle breaches gerelateerd worden aan Privileged Accounts. Succesvol Privileged Account Management (PAM) is daarmee een behoorlijke uitdaging. Beheerders hebben Privileged Accounts nodig, bijvoorbeeld voor het installeren van software-updates en het resetten van wachtwoorden. Helaas zijn de gebruikers van Privileged Accounts steeds vaker het doelwit van cyberaanvallen. De beheerders zelf zijn meestal niet het probleem; het zijn hun gewilde inlogaccounts die niet altijd aan een persoon zijn gekoppeld, die een gevaar zijn. En als accounts onbeheerd blijven, kunnen onbevoegden volledige controle over computersystemen krijgen. Veel organisaties kampen met dezelfde vragen op het gebied van Privileged Accounts. Tijdens de rondetafel in Woerden konden zij sparren en discussiëren met vakgenoten en hun kennis en ervaringen op dit gebied delen. Privileged Account Management ontwikkelt zich snel. Is het efficiënt geregeld of is er ruimte voor verbetering? Om de snelle ontwikkeling van Privileged Accounts Management toe te lichten, geeft SecurIT een presentatie. Doel: de belangrijkste problemen op dit gebied in kaart brengen. De presentatie zorgt voor veel herkenning bij de deelnemers; verouderde wachtwoorden kent iedereen. Opgemerkt wordt ook dat het beveiligingsprobleem niet alleen speelt binnen het serverpark, maar zeker ook op werkstations van individuele kantoormedewerkers. Iedereen is zich ervan bewust dat er veel ruimte voor verbetering is. Voor sommigen is de stap naar PAM gewoonweg nog te groot: “Alle processen eromheen: dat is gewoon teveel op dit moment.” Daarop wordt opbouwend gereageerd: “Als je weet wat de eerste stap is, is dat ook al heel wat.” Diverse deelnemers hebben in hun eigen organisatie al analyses uitgevoerd om het probleem in kaart te brengen (en niet alleen op de OS-laag): bij clouddiensten, hosted services, in SAP-omgevingen. Er worden stappen gezet, proof of concepts opgezet, maar het afdwingen en naleven van policies, ook in samenspraak met externe leveranciers, blijft lastig. Waar zit het grootste risico? Welke problemen zijn er? Bij beveiliging is het altijd een afweging van risico’s, zo is de consensus. Zomaar alles aanwijzen als ‘insecure’ is niet werkbaar. Te strikte securitymaatregelen werken averechts. “Je moet aanmerken waarmee je echt onderuit kunt gaan. Met te strenge maatregelen maken ‘security-theoretici’ hun eigen zaak kapot. Soms is er alleen in theorie een probleem.” Zo kun je nu eenmaal niet elke uitzendkracht die een lopende band in werking moet zetten, een eigen account geven. In zo’n geval kun je bijvoorbeeld zoneringen aanbrengen, zodat je jezelf beschermt tegen schades door buitenstaanders. Dat kan echter weer conflicten met beheerders veroorzaken, omdat zij niet via een beheerzone willen werken. En soms, zo wordt gesteld, kun je dingen het best op een manier regelen die in theorie ‘niet klopt’, omdat bijvoorbeeld een productieproces niet stil mag komen te liggen. Dit kan zelfs zover gaan als geen wachtwoord toekennen, of het wachtwoord delen met collega’s. Toegang geven en samenwerking met vendors is ander een heikel punt, zo onderkennen de deelnemers. Waartoe autoriseer je hen? Hoe bepaal je wanneer en waartoe zij toegang hebben? Sommige organisaties hebben te maken met honderden externe leveranciers waarvoor dit allemaal moet worden geregeld, bijvoorbeeld voor het doen van onderhoud. Tijdens de discussie worden nog diverse andere problemen gesignaleerd, zoals:
  • Hoe ga je om met het aanvragen van rechten op software van externe leveranciers als je die echt nodig hebt? Vanuit de leverancier is vaak een domain-admin-account vereist, anders vervalt de support, terwijl zo’n account niet altijd technisch noodzakelijk is.
  • Eigenaarschap in de organisatie is een ander pijnpunt. Wie weet hoe je het wachtwoord kunt wijzigen? Als daar geen helder antwoord op is, wordt een wachtwoord niet gewijzigd, met alle risico’s van dien.
  • Hoe controleer je wat een externe persoon of organisatie op je netwerk heeft gedaan? Niet altijd worden bewegingen gelogd en de logfiles worden vaak ook niet lang bewaard.
  • Niet alle admin-accounts worden geregistreerd en meegenomen in het IAM-systeem, bijvoorbeeld SAP service accounts.
  • Multi-factor authenticatie is niet het ei van Columbus, maar het zorgt wel voor awareness bij medewerkers.
  • Een deel van de aanwezigen heeft problemen om PAM ingevoerd te krijgen in hun organisatie. Het blijkt voor een deel kennisafhankelijk. Zo goed mogelijk informeren blijkt een goede manier om PAM te stimuleren. Zichtbaar zijn en uitleggen ook, want: “Als je alleen maar iets afpakt, wordt het per definitie vervelend.”
Wat zou een best practice zijn voor Privileged Account Management? Op deze open vraag komen na de koffie verschillende suggesties, waaronder:
  • Zonering in tiered service-modellen: ‘Dat hebben we samen met Microsoft gedaan en het werkt erg goed voor ons. Iedereen went er snel aan.’
  • Per systeem een eigen log-in.
  • ‘We zijn begonnen met terug te werken vanuit de end-points, omdat we de grootste risico’s zien in medewerkers die niet zijn opgeleid als IT’er.’
  • Ga ervan uit dat alle externe devices insecure zijn. Houd de toegang gewoon dicht.
  • Houd het klein, voer een POC (proof of concept) uit. En leer daarvan. Gaat het fout, doe het dan nog een keer.
  • Ook voor de fysieke wereld kunt je per zonering verschillende policies maken: Maak keuzes aan de hand van de verdeling open/kantoor/critical en businesscritical.
  • Zorg ervoor dat je al snel iets kunt laten zien, bijvoorbeeld een POC. Dat helpt bij het overtuigen van mensen.
Wat neem je mee naar huis? Aan het einde van de bijeenkomst wordt de balans opgemaakt. Er zijn – uiteraard – veel verschillende maturity-levels. Niet te hard van stapel lopen, lijkt het devies: “Wees niet te ambitieus; kijk naar de fase waarin je organisatie zit en zet één stapje tegelijkertijd.” “Maak een tussenstap, of zet het op de roadmap 20-30.” Toch zijn diverse deelnemers ook gestimuleerd om met ‘echte’ PAM-tooling aan de slag te gaan: “Alleen een wachtwoordkluis is toch niet genoeg.” Next-level PAM blijkt dus heel situatie-afhankelijk: Het hangt af van de organisatie en bestaande processen of een PAM-oplossing succesvol wordt, ook van hoe sterk de organisatie zich maakt voor implementatie. Vaak geven organisaties bij gebrek aan draagvlak en visie de volgende stap snel op. “PAM wordt als een bedreiging gezien, maar het is eerder een excuus om geen stappen te zetten.” 15 opvallende uitspraken:
  • ‘Bij een bedrijf van 2000 kantoormedewerkers vonden we 7371 Privileged Accounts op 343 servers. Ook waren er 833 PA-hashes en 43.787 administrator hashes. Dat was een eyeopener voor de klant.’
  • ‘Het password was al 11 jaar niet gewijzigd. Is dat erg?’
  • ‘Het begint bij het liquideren van het aantal domain-admins.’
  • ‘Het ligt vaak niet aan technische mogelijkheden tot ingrijpen, maar aan discipline binnen de organisatie.’
  • ‘We hebben er vier jaar over gedaan om een IAM-systeem in ons IT-landschap te brengen. Geen gedeelde accounts meer. Enorme ruzies zijn daarmee gepaard gegaan.’
  • ‘Het leek ons wel veilig om een account te hebben dat niet door PAM wordt gemanaged.’
  • ‘Uiteindelijk wordt het altijd fysiek, je moet naar die server toe en er moet een stekker in het netwerk.’
  • ‘Wij hebben bring your own device de nek omgedraaid.’
  • ‘Als je kwaad wilt, dan lukt dat. Altijd.’
  • ‘Een gevoelig account is niet per definitie een privileged account. Zo’n account kan weer heel andere beveiligingsmaatregelen vereisen, veel procesmatiger of fysieker.’
  • ‘Als je een laag risico hebt, ga je niet iets heel ingrijpends aan je organisatie opleggen.’
  • ‘Maakt geautomatiseerd beheer PAM minder bedreigend?’
  • ‘Beheerders van systemen zijn de moeilijkste groep om mee te krijgen met PAM: ze overschatten zichzelf en zijn zich niet bewust van alle problemen.’
  • ‘IAM wordt al langer gezien als een business enabler. Dat zal PAM ook worden, maar daar zijn we nog niet.’
  • ‘Ik heb nog nooit in de praktijk integratie van IAM- en PAM-tooling werkend gezien.’

Okta Named a Leader in the Gartner Magic Quadrant for Access Management

This week, Gartner released its second Magic Quadrant for Access Management, Worldwide, and Okta was once again named a Leader. They placed highest in “ability to execute” in the report, a recognition Okta also held last year. Gartner’s recognition follows continued momentum for Okta, including its recent customer conference, Oktane18, where the company launched Sign In with Okta, Project Onramp, API Products for One App and ThreatInsight. At Oktane18, Okta also unveiled new partnerships with VMware’s Workspace ONE and Workplace by Facebook. Okta also continues to expand globally, recently announcing that it will be doubling the size of its San Jose office and opening new offices in Washington, D.C., Paris and Stockholm. According to Gartner, “Access management applies to technologies that use access control engines to provide centralized authentication, single sign-on (SSO), session management and authorization enforcement for target applications in multiple use cases (e.g., B2E, B2B and B2C). Target applications may have traditional web application architectures, native mobile architectures or hybrid architectures. Increasingly, target systems include APIs. Smart or constrained devices with or without human operators may be incorporated as well. Applications may run on the customers’ premises or in the cloud.” You can read the details and download the full report here. Gartner Magic Quadrant Access Management 2018

Privileged Account Management is #1 Security Project in 2018 for CISO’s says Gartner

At the beginning of this month Gartner had their annual Security & Risk Management Summit. The event is always a valuable opportunity to learn from top CISOs and security and risk management professionals, to explore leading-edge research and to discuss emerging cyber security trends. Although there were a number of excellent presentations throughout the week, one in particular stood out based on its pragmatic guidance and actionable takeaways. Also, organizations have long term strategic security programs, but they need to demonstrate quick wins along the way. In his talk, “Top 10 Security Projects for Security and Risk Management Organizations,” Gartner VP and Distinguished Analyst Neil MacDonald outlined the top 10 security projects for 2018, based upon a number of criteria: the emerging technologies that support the project are not yet mainstream; the project helps deliver against the CARTA (continuous adaptive risk and trust assessment) approach; and the project has high risk reduction versus resources required as compared to alternatives.**  MacDonald identified privileged account management (PAM) as the #1 focus for organizations. In our opinion, strategic privileged account management projects should be expanded into a longer term program. Comprehensive privileged account management that extends protections to other users and applications across the enterprise, in the cloud, at the endpoint and throughout the DevOps pipeline, will take an integral project to the next level. Ready to get started?  Start by prioritizing the implementation of controls for protecting privileged credentials to drive tangible results quickly. A CyberArk report, “Rapid Risk Reduction: A 30-Day Sprint to Protect Privileged Credentials,” outlines a proven framework for an intensive sprint of approximately 30 days to help reduce risk and achieve quick wins. Don’t stop there. After demonstrating the value of protecting privilege across high-risk areas to key stakeholders, it’s time to take a phased approach to expand coverage to new areas, evolving these projects into long-term, business-critical cyber security programs.  For guidance, we encourage you to download the CyberArk  Privileged Access Security Hygiene whitepaper. *Gartner, Smarter with Gartner, Gartner Top 10 Security Projects for 2018, June 6, 2018 **Gartner, Gartner Security & Risk Management Summit 2018 agenda, Source:

SecurIT’s participation at Heliview IAM congress 2018

We look back at a successful day at the Heliview IAM congress 2018 . A combination of inspiring sessions about what’s hot in the IAM landscape. The day was divided in three different themes: Getting the basics right and get in control, IAM scalability and flexibility in different IAM infrastructures (hybrid, cloud and on-prem), Future ready IAM. For our presentation we focused on the second theme. Peter Giervield, Security Architect at SecurIT was one of the speakers. Our presentation was about “Getting the Cloud under control” and SecurIT’s Best Practices. SecurIT’s best practices (SBP) is a method we use to help our clients with the whole IAM project. It’s basically a basic installation based of all the previous expertise, where 90% is preset and 10% can be customized. It speeds up the process to get to the first actual production deployment. It’s optional, custom projects will always be possible, they just require more time. He also talked about the cloud, and how “the cloud” doesn’t exist, as in one single cloud. There are many different cloud solutions such as Private, Public or Hybrid clouds. But also, IaaS/PaaS/SaaS/FaaS/MSaaS and XaaS with all kinds of different deployment models. Currently we notice that clients mostly look at the following vendors: Amazon (AWS), Google (Google Cloud), Microsoft (Azure), IBM (IBM Cloud), Digital Ocean etc. On the exhibition floor there were many different IAM solution providers pitching their solutions. We were able to tell people about our company as implementation partner of different IAM solutions. And how we differentiate ourselves from other implementation partners. Mainly by having a permanent staff in a business where knowledge sharing is key and the 18 years experience we bring with us. We hope to see you at our next events. Got any questions? Give us a call.

We look back at a successful Round Table on IAM by SecurIT and IBM

Yesterday on May 3rd we invited some IAM professionals to discuss different IAM issue’s and current trends in the Identity & Access Management landscape. This gave us the opportunity to learn from each other and share some customer stories as knowledge partner at the table. For this round table we selected Kasteel Woerden as location. We look back at a successful day where everyone received plenty food for thought. A short summary below on some of the topics that we discussed. The first topic we discussed was how we currently deal with the automated life cycle management. This means the whole onboarding/off-boarding process and giving people the right access from begin to end. It became clear that for most it’s currently only partly automated and a lot is still done by hand. Which means there is a lot of time to win and this gets more important everyday with the lack of good security resources. Another topic was scalability of the IAM services within an organization and how people thought about moving from on premise solutions to the cloud. Many pro’s and con’s regarding the cloud came by. The most important concern was trust. How can you be sure the cloud supplier has the same high security requirements as you do, or where is the data stored? One of the ways you can check this is by looking at their certification. Not just everyone can walk into their datacenters. Most agreed that for the time being there will be many hybrid solutions, with part cloud and part on premise. We also talked about Identity Management and how you can use context to gain trust and when to force a second authentication, when trust us low. For example, if the same person logs on from a new location a 2-factor-authentication might be required. But it goes even further than that, for example how quickly you type in your password. These can all be triggers to ask for the extra verification. Resources, specially how to use them productively, was touched during many topics, but very specific during the cloud discussion. If you move your IAM functions to the cloud, would you still need all these security resources on-premise? How much of the responsibility are you willing to give away? It became clear that you will always need your security resources on-premise to manage these new cloud solutions. Knowledge is power and it can be too risky to depend only on third parties for this. The last topic we discussed was how to handle privileged accounts and how to make sure they are secured. Many different solutions can help with this, but it became clear most of the professionals prefer to store the credentials in a vault. From there you can secure the way the organization works with the most sensible credentials. If a change has to be made this can be requested by sending a change request. This way you will always know who and why is inside your system. You can even shield some of the privileged functions and only give access to the ones that are required and for a limited period. We are looking forward to the next one. Didn’t get invited or where you unable to attend this one? Let us know and we will keep you updated on when the next one takes place. Got urgent questions? Give us a call.

Less than 30% can prevent ransomware attacks

Less than 30 percent of IT security executives who responded to a recent survey reported that they would be able to prevent large-scale ransomware attacks. Despite this, SolarWinds MSP’s new report, “The 2017 Cyberattack Storm Aftermath,” found that IT security executives have a high level of knowledge of crypto-malware. More than two-thirds (69 percent) of respondents said they were deeply familiar with ransomware attacks such as WannaCry, which infected hundreds of thousands of endpoints within 48 hours earlier in May 2017, and Petya, which affected systems in dozens of countries in June 2017. This familiarity led approximately three-quarters of survey participants to rate the risk of both WannaCry and Petya as very high, but it didn’t translate to better protection against this type of incident. While most respondents indicated that they would be able to detect WannaCry (72 percent) and Petya (67 percent), only 28 percent and 29 percent, respectively, said they would be able to prevent these attacks. For the full article please visit the following link. Source: Less Than 30 Percent of IT Security Executives Can Prevent Ransomware Attacks, Survey Reveals