What is Privileged Access Management and why it’s growing at 32% CAGR
Privileged Access Management refers to a class of solutions that help secure, control, manage and monitor privileged access to critical systems. A privileged user has administrative access to these critical assets.
For example, admin accounts have such a huge breadth of access they need to be extra secure. PAM puts these admin accounts inside a secure repository and access must go through the PAM system to be authenticated. Access is logged and reset each time to ensure access is always made through the PAM system. This isolates the use of these privileged accounts and so reduces the risk of those credentials being stolen.
Passwords universe growth
As the total universe of passwords is likely to grow from approximately 90 billion today to 300 billion by 2020, organisations across the world face a massively growing cyber security risk from hacked or compromised user and privileged accounts, according to research by Cybersecurity Ventures.
95 credentials and passwords are stolen every second
The research notes that more than 3 billion user credentials/passwords were stolen in 2016. That breaks down to 8.2 million credentials and passwords stolen every day or 95 credentials and passwords stolen every second.
Losing user passwords causes serious concerns but losing passwords to privileged accounts can be catastrophic. A privileged account can be human or non-human; they exist to allow IT professionals manage applications, software and server hardware.
Privileged accounts provide administrative or specialised levels of access based on higher levels of permissions that are shared. Some types of non-human privileged accounts are application accounts used to run services requiring specific permissions. The ultimate goal of any hacker is to obtain privileged access so that they can essentially do whatever they want.
200 days to detect a breach
When attackers compromise a privileged account, they can perform malicious activity, steal sensitive information and commit financial fraud. They can often remain undetected for weeks or months at a time. Most cybersecurity breaches go undetected for more than 200 days.
The danger is obvious, but it’s important to understand how cybercriminals and malicious insiders can compromise any end-user or privileged account and “escalate” their privileges to steal information and damage the reputation of any organisation.
80% of breaches involve compromised accounts
Industry analysts estimate that from 60% to 80% of all security breaches now involve the compromise of user and privileged account passwords. Yet, traditional methods of identifying and managing privileged accounts still rely on manual, time-consuming tasks performed on an infrequent or ad-hoc basis.
Privileged Access Management
Privileged Identity Management is a software solution used to manage the identity and access rights of privileged users and outsourced IT vendors to prevent internal cyber threats. The solution has also been enhanced in recent times to provide privileged access rights to regular employees - termed as privilege elevation - as and when the situation demands.
Privileged users can be IT staff and managers who have administrative access to critical systems. The solutions help protect, manage and monitor privileged accounts and access and helps with regulatory and compliance needs.
With proper privileged access Management, an organisation can prevent insider and outsider security threats, cut down business cost and enhance its information security posture.
The overall Privileged Access Management market is expected to grow from $922 million in 2016 to $3,792.5 million by 2021 - a Compound Annual Growth Rate (CAGR) of 32.7%. The constant pressure of managing data breaches along with the need to improve productivity and reduce costs has led enterprises of all sizes to adopt privileged identity management solutions for critical credentials management.
Zinopy provides Privileged Access Managed Service (PAMaaS) as part of our inSIght Managed Security Intelligence Service.