SlideShare a Scribd company logo

Cyber 101: An introduction to privileged access management

Download as PPTX, PDF
S
seadeloitte

Privileged access management (PAM) is the combination of tools and technology used to secure, control, and monitor access to an organization's critical information and resources. PAM solutions typically include an access manager to control employee access, a session manager to monitor privileged user actions, and a password manager to protect and enforce password policies. PAM is important because the majority of data breaches start with privileged credential abuse, and it can help organizations comply with regulations, recover from attacks faster, and save both time and money.

Services
1 of 10
Downloaded 12 times
1
2
3
4
5
6
7
8
9
10
An introduction to privileged access management March 2020
Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 2 What is it? Privileged access management https://www.netprotocol.net/gartner-privileged-access-management-is-the-1-cyber-security-priority/ http://blog.wallix.com/what-is-privileged-access-management-pam http://blog.wallix.com/privileged-access-management-features-pam-features https://www.beyondtrust.com/resources/glossary/privileged-access-management-pam What does it comprise? While PAM solutions vary in their design, most of them consist of these three components: • Access Manager – Manage all employee access from a single portal • Session Manager – Monitor all privileged user actions in real-time • Password Manager – Protect passwords and enforce password policies Session Manager Password Manager Access Manager T e x t Privileged Access Management Gartner has named privileged access management the #1 cyber security priority for organisations. But what exactly does privileged access management entail? ‘Privileged access’ encompasses access to critical systems - computers, networks and network devices, software applications and other digital assets. Privileged access management (PAM) is thus, the combination of tools and technology used to secure, control and monitor access to an organisation’s critical information and resources.
Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 3 An overview Key components of PAM http://blog.wallix.com/privileged-access-management-features-pam-features The Session Manager provides real-time monitoring of privileged users to prevent and detect suspicious activity. It tracks and creates an audit trail of actions taken during a privileged account session. The Password Manager helps with controlling passwords and enforcing password policies. This allows regular rotation and revocation of passwords while maintaining them in a centralised and encrypted vault. The Access Manager helps security teams to manage all employee access on a single portal, from which: - Privileged user can request access, and - Administrators can disable a privileged user’s access
Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 4 Overview Why do organisations need PAM? 74% of data breaches start with privileged credential abuse (Source: Centrify) of healthcare employees would sell confidential data for just USD500 to USD1000 (Source: Accenture) of employees know of someone who has sold privileged credentials to outsiders (Source: Accenture) 18% 24% A standard data breach can cost and organisation an average of USD3.92 million. Enterprises that prioritise privileged credential security are able to ensure that their operations will not be interrupted by a breach, hence by creating a formidable competitive advantage over their peers in time and costs.
Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 5 Benefits of PAM Why do organisations need PAM? Powerful security solution • PAM is a powerful security solution that can be used to improve insights into vulnerability assessments, IT network inventory scanning and identity governance, among other things. This enhancement of cyber security serves as a deterrence to many cyber criminals. Saves time and money • Most cyber security solutions only reduce risk but bring no additional business value. However, employing the right PAM solution can increase productivity by giving employees access to systems and applications faster and more securely. This enables CISOs to get more done with the same budget. Fast track to compliance • With strong security control recommendations, PAM develops a good baseline of policies that can help to fast-track your compliance standards to align with industry and government regulations. Quick recovery from cyber-attacks • A PAM solution enables you to quickly audit privileged accounts that have been used recently, identify passwords that have been changed, and determine which applications have been executed. https://www.netprotocol.net/gartner-privileged-access-management-is-the-1-cyber-security-priority/
Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 6 Case study: Capital One Bank How breaches could have been prevented with PAM Read more: The New York Times One of the most high profile cases of 2019 was the data breach of Capital One Bank, of which over 100 million customer accounts and credit card applications were exposed. How the breach occurred: Paige Thompson, former Amazon AWS employee (Capital One’s cloud hosting service), took advantage of misconfigurations in Capital One’s cloud services and firewalls. She bypassed the firewalls, used web application firewall credentials to obtain privilege escalation and gained access to more and more sensitive data. Consequences: As a result of the breach, the following were stolen from Capital One’s database: - More than 140,000 social security numbers - 1 million Canadian Social Insurance numbers - 80,000 pieces of banking and credit information - Undisclosed number of names, addresses, credit scores, and more
Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 7 Case study: Facebook How breaches could have been prevented with PAM Read more: Cnet In October 2019, global social media giant, Facebook, encountered yet another data breach when hackers took over a single account belonging to one of its biggest data partners. How the breach occurred: Hackers commandeered the personal account of a LiveRamp employee who had privileged access to advertising accounts on Facebook. Using that personal account, hackers gained access to the company’s Business Manager account, allowing them to run ads with LiveRamp’s customers’ money. Consequences: Using that access, hackers ran a series of ads on LiveRamp’s customer accounts on Facebook. They spent thousands of those victims’ dollars to trick viewers into buying fake products. One of the ads had been viewed more than 60,000 times and directed visitors to a page designed to steal people’s credit card numbers.
Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 8 Case study: Marriott International How breaches could have been prevented with PAM Read more: CSO Online In late 2018, hotel chain Marriott International discovered unauthorised access within Starwood’s reservation system, a subsidiary Marriott acquired in 2016. Internal investigation determined that Starwood’s network was compromised in 2014, which meant that there had been unauthorised access for 4 years into Starwoods’ systems by the time it was found out. How the breach occurred: Attackers managed to take control of a user account with privileged access to make a database query. The user credentials were stolen using a Remote Access Trojan (RAT) along with Mimikatz, a tool used to find out username/password combos in system memory, that were placed onto the server. Consequences: Up to 500 million guest records were stolen, including extremely sensitive information like credit card and passport numbers.
Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 9 How breaches could have been prevented with PAM How PAM might have helped 1. Real-time session monitoring could have caught and detected the suspicious activities of hackers, terminated such sessions, and alerted the security teams, preventing an incident from happening. 2. The segmentation of user privileges could have prevented hackers from bouncing from one resource to another. 3. Besides multi-factor authentication (MFA), PAM also checks for circumstances surrounding privileged access (e.g. time and IP location). If caught as unauthorised, access would be denied even if credentials were otherwise valid. 4. A strong PAM solution would have hidden the very existence of sensitive resources to users who do not have privileged access. If hackers were in the system with credentials that have no database access, they would not even be able to see personal information, much less query against it and retrieve it. http://blog.wallix.com/biggest-data-breaches-2019
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities. DTTL (also referred to as “Deloitte Global”) and each of its member firms and their affiliated entities are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more. Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax & legal and related services. Our global network of member firms and related entities in more than 150 countries and territories (collectively, the “Deloitte organisation”) serves four out of five Fortune Global 500® companies. Learn how Deloitte’s approximately 312,000 people make an impact that matters at www.deloitte.com. Deloitte Asia Pacific Limited is a company limited by guarantee and a member firm of DTTL. Members of Deloitte Asia Pacific Limited and their related entities, each of which are separate and independent legal entities, provide services from more than 100 cities across the region, including Auckland, Bangkok, Beijing, Hanoi, Ho Chi Minh City, Hong Kong, Jakarta, Kuala Lumpur, Manila, Melbourne, Osaka, Shanghai, Singapore, Sydney, Taipei, Tokyo and Yangon. About Deloitte Singapore In Singapore, services are provided by Deloitte & Touche LLP and its subsidiaries and affiliates. This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on this communication. © 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd

More Related Content

PPTX
Identity and Access Management Introduction
Aidy Tificate
 
PPTX
Zero Trust Model
Yash
 
PDF
Identity and Access Management 101
Jerod Brennen
 
PPTX
Vulnerability assessment and penetration testing
Abu Sadat Mohammed Yasin
 
PPTX
Cloud security and security architecture
Vladimir Jirasek
 
PDF
Cloud Computing Risk Management (IIA Webinar)
Brian K. Dickard
 
PPTX
Intel IT's Identity and Access Management Journey
Intel IT Center
 
PPTX
Azure security and Compliance
Karina Matos
 
Identity and Access Management Introduction
Aidy Tificate
 
Zero Trust Model
Yash
 
Identity and Access Management 101
Jerod Brennen
 
Vulnerability assessment and penetration testing
Abu Sadat Mohammed Yasin
 
Cloud security and security architecture
Vladimir Jirasek
 
Cloud Computing Risk Management (IIA Webinar)
Brian K. Dickard
 
Intel IT's Identity and Access Management Journey
Intel IT Center
 
Azure security and Compliance
Karina Matos
 

What's hot (20)

PDF
CHFI v10
SagarNegi10
 
PPTX
Identity Access Management 101
OneLogin
 
PDF
introduction to Azure Sentinel
Robert Crane
 
PPTX
Identity and Access Management (IAM): Benefits and Best Practices 
Veritis Group, Inc
 
PDF
Microsoft Zero Trust
David J Rosenthal
 
PPT
Building an Effective Identity Management Strategy
NetIQ
 
PPTX
Cloud Security
AWS User Group Bengaluru
 
PPT
The Gartner IAM Program Maturity Model
Sarah Moore
 
PPTX
cloud security ppt
Devyani Vaidya
 
PPTX
Identity & access management
Vandana Verma
 
PDF
Cloud security
BikashPokharel3
 
PDF
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
PDF
Microsoft Azure Cloud Services
David J Rosenthal
 
PPTX
SABSA overview
SABSAcourses
 
PDF
Introduction to Microsoft Azure Cloud
Dinesh Kumar Wickramasinghe
 
PPTX
Azure role based access control (rbac)
Srikanth Kappagantula
 
PDF
AWS Cloud Practitioner Tutorial | Edureka
Edureka!
 
PDF
Cloud computing understanding security risk and management
Shamsundar Machale (CISSP, CEH)
 
PPTX
Zero Trust
Boaz Shunami
 
PPTX
Secure SDLC Framework
Rishi Kant
 
CHFI v10
SagarNegi10
 
Identity Access Management 101
OneLogin
 
introduction to Azure Sentinel
Robert Crane
 
Identity and Access Management (IAM): Benefits and Best Practices 
Veritis Group, Inc
 
Microsoft Zero Trust
David J Rosenthal
 
Building an Effective Identity Management Strategy
NetIQ
 
Cloud Security
AWS User Group Bengaluru
 
The Gartner IAM Program Maturity Model
Sarah Moore
 
cloud security ppt
Devyani Vaidya
 
Identity & access management
Vandana Verma
 
Cloud security
BikashPokharel3
 
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
Microsoft Azure Cloud Services
David J Rosenthal
 
SABSA overview
SABSAcourses
 
Introduction to Microsoft Azure Cloud
Dinesh Kumar Wickramasinghe
 
Azure role based access control (rbac)
Srikanth Kappagantula
 
AWS Cloud Practitioner Tutorial | Edureka
Edureka!
 
Cloud computing understanding security risk and management
Shamsundar Machale (CISSP, CEH)
 
Zero Trust
Boaz Shunami
 
Secure SDLC Framework
Rishi Kant
 
Ad

Similar to Cyber 101: An introduction to privileged access management (20)

PDF
How LoginRadius CIAM Enhances Developer Experience: 5 Key Benefits
Kevin Mathew
 
PDF
A smarter way to manage identities
Matthew Zielinski, CISSP, CBCP
 
PPT
Dr K Subramanian
eletseditorial
 
PDF
Cyber Security Privacy Brochure 2015
sarah kabirat
 
PDF
Intro To Secure Identity Management
Product Marketing Services
 
PDF
Understanding Identity Management and Security.
Chinatu Uzuegbu
 
PDF
How Sigma Solve Resolves Cybersecurity Challenges
Sigma Solve Inc.
 
PDF
TOP SAILPOINT INTERVIEW QUESTION
Infosec Train
 
PDF
Cyber-Security-Whitepaper.pdf
Anil
 
PDF
Cyber-Security-Whitepaper.pdf
Anil
 
PDF
Identity Access Management(IAM) - Government Market Report
ResearchFox
 
PPTX
2017 october supplementary_reading
seadeloitte
 
PDF
Securing Your Intellectual Property: Preventing Business IP Leaks
Hokme
 
PDF
How Sigma Solve Resolves Cybersecurity Challenges.pdf
Sigma Solve Inc.
 
PPT
Information security management v2010
joevest
 
PDF
Cybersecurity through the Deloitte lens
aakash malhotra
 
PDF
IDENTITY ACCESS MANAGEMENT
Prof. Jacques Folon (Ph.D)
 
PDF
Top 5 Cybersecurity Threats and How Managed IT Services Can Help You Combat T...
Exinent LLC
 
PDF
How to build a highly secure fin tech application
nimbleappgenie
 
PDF
Fortify Your Business with Data Security Services: Protect Your Assets with M...
basilmph
 
How LoginRadius CIAM Enhances Developer Experience: 5 Key Benefits
Kevin Mathew
 
A smarter way to manage identities
Matthew Zielinski, CISSP, CBCP
 
Dr K Subramanian
eletseditorial
 
Cyber Security Privacy Brochure 2015
sarah kabirat
 
Intro To Secure Identity Management
Product Marketing Services
 
Understanding Identity Management and Security.
Chinatu Uzuegbu
 
How Sigma Solve Resolves Cybersecurity Challenges
Sigma Solve Inc.
 
TOP SAILPOINT INTERVIEW QUESTION
Infosec Train
 
Cyber-Security-Whitepaper.pdf
Anil
 
Cyber-Security-Whitepaper.pdf
Anil
 
Identity Access Management(IAM) - Government Market Report
ResearchFox
 
2017 october supplementary_reading
seadeloitte
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Hokme
 
How Sigma Solve Resolves Cybersecurity Challenges.pdf
Sigma Solve Inc.
 
Information security management v2010
joevest
 
Cybersecurity through the Deloitte lens
aakash malhotra
 
IDENTITY ACCESS MANAGEMENT
Prof. Jacques Folon (Ph.D)
 
Top 5 Cybersecurity Threats and How Managed IT Services Can Help You Combat T...
Exinent LLC
 
How to build a highly secure fin tech application
nimbleappgenie
 
Fortify Your Business with Data Security Services: Protect Your Assets with M...
basilmph
 
Ad

More from seadeloitte (20)

PPTX
Celebrating our people – Marites Landicho
seadeloitte
 
PPTX
Celebrating our people - Bobby Christian
seadeloitte
 
PPTX
Celebrating our people - Jill Lim
seadeloitte
 
PPTX
Celebrating our people - Joe M. Arnett
seadeloitte
 
PPTX
Celebrating our people – Melissa Delgado
seadeloitte
 
PPTX
Celebrating our people - Muhammad Ashik Ishak
seadeloitte
 
PPTX
Dtc event slide share
seadeloitte
 
PPTX
Kids edu event slide share
seadeloitte
 
PPTX
Celebrating our people - Joanne Loh
seadeloitte
 
PPTX
Celebrating our people - Thomas Chan
seadeloitte
 
PPTX
Celebrating our people - Daniel Ng
seadeloitte
 
PPTX
Celebrating our people - Vergel Hoe Bantoc
seadeloitte
 
PPTX
Celebrating our people - Ellisa Tanara
seadeloitte
 
PPTX
Celebrating our people - Anthony Loh
seadeloitte
 
PPTX
Celebrating our people - Annalisa Nawawi
seadeloitte
 
PPTX
Celebrating our people - Roy D. Kiantiong
seadeloitte
 
PPTX
Celebrating our people - Wimolporn Boonyusthian
seadeloitte
 
PPTX
Celebrating our people - Madam Thanh Ha Thu
seadeloitte
 
PPTX
Celebrating our people - Pachanan Rattanagowin
seadeloitte
 
PPTX
Celebrating our people - Nguyen Kim Lien
seadeloitte
 
Celebrating our people – Marites Landicho
seadeloitte
 
Celebrating our people - Bobby Christian
seadeloitte
 
Celebrating our people - Jill Lim
seadeloitte
 
Celebrating our people - Joe M. Arnett
seadeloitte
 
Celebrating our people – Melissa Delgado
seadeloitte
 
Celebrating our people - Muhammad Ashik Ishak
seadeloitte
 
Dtc event slide share
seadeloitte
 
Kids edu event slide share
seadeloitte
 
Celebrating our people - Joanne Loh
seadeloitte
 
Celebrating our people - Thomas Chan
seadeloitte
 
Celebrating our people - Daniel Ng
seadeloitte
 
Celebrating our people - Vergel Hoe Bantoc
seadeloitte
 
Celebrating our people - Ellisa Tanara
seadeloitte
 
Celebrating our people - Anthony Loh
seadeloitte
 
Celebrating our people - Annalisa Nawawi
seadeloitte
 
Celebrating our people - Roy D. Kiantiong
seadeloitte
 
Celebrating our people - Wimolporn Boonyusthian
seadeloitte
 
Celebrating our people - Madam Thanh Ha Thu
seadeloitte
 
Celebrating our people - Pachanan Rattanagowin
seadeloitte
 
Celebrating our people - Nguyen Kim Lien
seadeloitte
 

Recently uploaded (20)

PDF
Bisleri vs Coca Cola.pdf intellectual property rights
taehyungkimthv201295
 
PDF
Expert Medical Coding Services for Faster Reimbursements.pdf
curesmedical
 
PPT
From India to the World How We Export Eco-Friendly Holi Colours Globally.ppt
holicolor
 
PPTX
Why Outsourcing Debt Collection Saves Time and Money.pptx
Williams Rush & Associates
 
PDF
The New Drive_ How the Transportation Business is Reinventing Itself by Ednei...
Edneil Bonet
 
PDF
Top 7 Cybersecurity Companies in Abu Dhabi
10Pie
 
PDF
NAV to Microsoft Dynamics 365 Business Central Upgrade in London UK (1).pdf
Trident information system
 
PDF
Sustainable Fire Safety How AMCs Contribute to a Greener Future.pdf
abhilashaxontec
 
PDF
Understanding LA's Zero Waste Initiative
Easy Waste Management
 
PDF
Choosing the Right SIRA-Approved Access Control Systems for Your Dubai Busine...
abhilashaxontec
 
PDF
2025 Electrician Marketing Trends Report | Destiny Marketing Solutions
Destiny Marketing Solutions
 
PPTX
Social Media Marketing Services in USA | Boost Your Brand
Digital Hub Solution
 
PDF
Leveraging Earth Observation Data to Improve Wildfire Prevention and Manageme...
Monika Von Hofmann
 
PDF
Investhill_Report OCD (2007-2024)_2025-1.pdf
Investhill
 
PDF
Best Private Bba Colleges | Galgotias University
Galgotias University
 
PPTX
Precision Mapping with Scan to BIM Services
Silicon EC UK LTD
 
PDF
Looking to Work Abroad_ Here’s Why Canada is a Great Option.pdf
Salma377031
 
PPTX
The Rise of Work-from-Home Internships.pptx
indianzero91
 
PDF
Management Colleges In Delhi Ncr | Galgotias University
Galgotias University
 
PPTX
Unlocking-Business-Potential-Power-BI-Development-Services.pptx
Data Analytics Services Company - X-Byte Analytics
 
Bisleri vs Coca Cola.pdf intellectual property rights
taehyungkimthv201295
 
Expert Medical Coding Services for Faster Reimbursements.pdf
curesmedical
 
From India to the World How We Export Eco-Friendly Holi Colours Globally.ppt
holicolor
 
Why Outsourcing Debt Collection Saves Time and Money.pptx
Williams Rush & Associates
 
The New Drive_ How the Transportation Business is Reinventing Itself by Ednei...
Edneil Bonet
 
Top 7 Cybersecurity Companies in Abu Dhabi
10Pie
 
NAV to Microsoft Dynamics 365 Business Central Upgrade in London UK (1).pdf
Trident information system
 
Sustainable Fire Safety How AMCs Contribute to a Greener Future.pdf
abhilashaxontec
 
Understanding LA's Zero Waste Initiative
Easy Waste Management
 
Choosing the Right SIRA-Approved Access Control Systems for Your Dubai Busine...
abhilashaxontec
 
2025 Electrician Marketing Trends Report | Destiny Marketing Solutions
Destiny Marketing Solutions
 
Social Media Marketing Services in USA | Boost Your Brand
Digital Hub Solution
 
Leveraging Earth Observation Data to Improve Wildfire Prevention and Manageme...
Monika Von Hofmann
 
Investhill_Report OCD (2007-2024)_2025-1.pdf
Investhill
 
Best Private Bba Colleges | Galgotias University
Galgotias University
 
Precision Mapping with Scan to BIM Services
Silicon EC UK LTD
 
Looking to Work Abroad_ Here’s Why Canada is a Great Option.pdf
Salma377031
 
The Rise of Work-from-Home Internships.pptx
indianzero91
 
Management Colleges In Delhi Ncr | Galgotias University
Galgotias University
 
Unlocking-Business-Potential-Power-BI-Development-Services.pptx
Data Analytics Services Company - X-Byte Analytics
 

Cyber 101: An introduction to privileged access management

  • 1. An introduction to privileged access management March 2020
  • 2. Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 2 What is it? Privileged access management https://www.netprotocol.net/gartner-privileged-access-management-is-the-1-cyber-security-priority/ http://blog.wallix.com/what-is-privileged-access-management-pam http://blog.wallix.com/privileged-access-management-features-pam-features https://www.beyondtrust.com/resources/glossary/privileged-access-management-pam What does it comprise? While PAM solutions vary in their design, most of them consist of these three components: • Access Manager – Manage all employee access from a single portal • Session Manager – Monitor all privileged user actions in real-time • Password Manager – Protect passwords and enforce password policies Session Manager Password Manager Access Manager T e x t Privileged Access Management Gartner has named privileged access management the #1 cyber security priority for organisations. But what exactly does privileged access management entail? ‘Privileged access’ encompasses access to critical systems - computers, networks and network devices, software applications and other digital assets. Privileged access management (PAM) is thus, the combination of tools and technology used to secure, control and monitor access to an organisation’s critical information and resources.
  • 3. Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 3 An overview Key components of PAM http://blog.wallix.com/privileged-access-management-features-pam-features The Session Manager provides real-time monitoring of privileged users to prevent and detect suspicious activity. It tracks and creates an audit trail of actions taken during a privileged account session. The Password Manager helps with controlling passwords and enforcing password policies. This allows regular rotation and revocation of passwords while maintaining them in a centralised and encrypted vault. The Access Manager helps security teams to manage all employee access on a single portal, from which: - Privileged user can request access, and - Administrators can disable a privileged user’s access
  • 4. Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 4 Overview Why do organisations need PAM? 74% of data breaches start with privileged credential abuse (Source: Centrify) of healthcare employees would sell confidential data for just USD500 to USD1000 (Source: Accenture) of employees know of someone who has sold privileged credentials to outsiders (Source: Accenture) 18% 24% A standard data breach can cost and organisation an average of USD3.92 million. Enterprises that prioritise privileged credential security are able to ensure that their operations will not be interrupted by a breach, hence by creating a formidable competitive advantage over their peers in time and costs.
  • 5. Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 5 Benefits of PAM Why do organisations need PAM? Powerful security solution • PAM is a powerful security solution that can be used to improve insights into vulnerability assessments, IT network inventory scanning and identity governance, among other things. This enhancement of cyber security serves as a deterrence to many cyber criminals. Saves time and money • Most cyber security solutions only reduce risk but bring no additional business value. However, employing the right PAM solution can increase productivity by giving employees access to systems and applications faster and more securely. This enables CISOs to get more done with the same budget. Fast track to compliance • With strong security control recommendations, PAM develops a good baseline of policies that can help to fast-track your compliance standards to align with industry and government regulations. Quick recovery from cyber-attacks • A PAM solution enables you to quickly audit privileged accounts that have been used recently, identify passwords that have been changed, and determine which applications have been executed. https://www.netprotocol.net/gartner-privileged-access-management-is-the-1-cyber-security-priority/
  • 6. Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 6 Case study: Capital One Bank How breaches could have been prevented with PAM Read more: The New York Times One of the most high profile cases of 2019 was the data breach of Capital One Bank, of which over 100 million customer accounts and credit card applications were exposed. How the breach occurred: Paige Thompson, former Amazon AWS employee (Capital One’s cloud hosting service), took advantage of misconfigurations in Capital One’s cloud services and firewalls. She bypassed the firewalls, used web application firewall credentials to obtain privilege escalation and gained access to more and more sensitive data. Consequences: As a result of the breach, the following were stolen from Capital One’s database: - More than 140,000 social security numbers - 1 million Canadian Social Insurance numbers - 80,000 pieces of banking and credit information - Undisclosed number of names, addresses, credit scores, and more
  • 7. Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 7 Case study: Facebook How breaches could have been prevented with PAM Read more: Cnet In October 2019, global social media giant, Facebook, encountered yet another data breach when hackers took over a single account belonging to one of its biggest data partners. How the breach occurred: Hackers commandeered the personal account of a LiveRamp employee who had privileged access to advertising accounts on Facebook. Using that personal account, hackers gained access to the company’s Business Manager account, allowing them to run ads with LiveRamp’s customers’ money. Consequences: Using that access, hackers ran a series of ads on LiveRamp’s customer accounts on Facebook. They spent thousands of those victims’ dollars to trick viewers into buying fake products. One of the ads had been viewed more than 60,000 times and directed visitors to a page designed to steal people’s credit card numbers.
  • 8. Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 8 Case study: Marriott International How breaches could have been prevented with PAM Read more: CSO Online In late 2018, hotel chain Marriott International discovered unauthorised access within Starwood’s reservation system, a subsidiary Marriott acquired in 2016. Internal investigation determined that Starwood’s network was compromised in 2014, which meant that there had been unauthorised access for 4 years into Starwoods’ systems by the time it was found out. How the breach occurred: Attackers managed to take control of a user account with privileged access to make a database query. The user credentials were stolen using a Remote Access Trojan (RAT) along with Mimikatz, a tool used to find out username/password combos in system memory, that were placed onto the server. Consequences: Up to 500 million guest records were stolen, including extremely sensitive information like credit card and passport numbers.
  • 9. Cyber 101© 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd 9 How breaches could have been prevented with PAM How PAM might have helped 1. Real-time session monitoring could have caught and detected the suspicious activities of hackers, terminated such sessions, and alerted the security teams, preventing an incident from happening. 2. The segmentation of user privileges could have prevented hackers from bouncing from one resource to another. 3. Besides multi-factor authentication (MFA), PAM also checks for circumstances surrounding privileged access (e.g. time and IP location). If caught as unauthorised, access would be denied even if credentials were otherwise valid. 4. A strong PAM solution would have hidden the very existence of sensitive resources to users who do not have privileged access. If hackers were in the system with credentials that have no database access, they would not even be able to see personal information, much less query against it and retrieve it. http://blog.wallix.com/biggest-data-breaches-2019
  • 10. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities. DTTL (also referred to as “Deloitte Global”) and each of its member firms and their affiliated entities are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more. Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax & legal and related services. Our global network of member firms and related entities in more than 150 countries and territories (collectively, the “Deloitte organisation”) serves four out of five Fortune Global 500® companies. Learn how Deloitte’s approximately 312,000 people make an impact that matters at www.deloitte.com. Deloitte Asia Pacific Limited is a company limited by guarantee and a member firm of DTTL. Members of Deloitte Asia Pacific Limited and their related entities, each of which are separate and independent legal entities, provide services from more than 100 cities across the region, including Auckland, Bangkok, Beijing, Hanoi, Ho Chi Minh City, Hong Kong, Jakarta, Kuala Lumpur, Manila, Melbourne, Osaka, Shanghai, Singapore, Sydney, Taipei, Tokyo and Yangon. About Deloitte Singapore In Singapore, services are provided by Deloitte & Touche LLP and its subsidiaries and affiliates. This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on this communication. © 2020 Deloitte & Touche Enterprise Risk Services Pte Ltd