Cyber Defense eMagazine June 2021 Edition
Cyber Defense eMagazine June Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine June Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Not only are third-parties becoming an increasingly popular attack vector, but in a new study produced<br />
by SecureLink and the Ponemon Institute, there’s an alarming disconnect between an organization’s<br />
perceived threat to third-party access and the security measures it employs.<br />
In surveying 627 security professionals, this latest study, “A Crisis in Third-Party Remote Access<br />
Security,” found that within the past 12 months, 44% of organizations have experienced a breach with<br />
74% saying that it was the result of giving too much privileged access to third parties. What’s more, 51%<br />
say their organizations are not assessing the security and privacy practices of all third-parties before<br />
granting them access to sensitive and confidential information.<br />
The solution, thankfully, is simply to start putting resources behind vetting third-parties and implementing<br />
security measures that go beyond just inherent trust. Here are three starting points for assessing and<br />
shoring up your own third-party access security.<br />
Prioritizing Network Transparency<br />
Before implementing any changes or added measures, the first step is to assess your exposure and take<br />
inventory of your current vendor access. Of those surveyed in the report, only 46% say that they have<br />
comprehensive inventory of third parties with permitted network access. Shockingly, nearly two-thirds<br />
(63%) say they don’t have any visibility into vendor access and their network permissions.<br />
An initial inventory of vendor access can make the transition to a third-party vendor management system<br />
much more straightforward, which can significantly mitigate the risk of a third-party breach. A platform<br />
designed to manage vendor access not only offers the ability to easily see who has access and how<br />
much, but also can log who accessed your systems, when they did it, and what they did. As they say,<br />
knowing is half the battle.<br />
Zero Trust Network Access<br />
Not only is an accurate inventory of access difficult for a majority of those surveyed, but 60% say that<br />
they are unable to provide the appropriate amount of access to their vendors. More often than not, most<br />
err on the side of giving vendors too much access, and then trusting that their vendor doesn’t suffer a<br />
breach of their own. With third-party breaches on the rise, trusting your vendors to limit breaches into<br />
your own systems just isn’t enough anymore.<br />
Implementing a third-party vendor management platform, however, allows for the implementation of a<br />
much more secure Zero Trust Network Access model. Inherent trust in a vendor is replaced with multifactor<br />
verification and privileged access management. Any time a vendor needs access to your systems,<br />
they must verify who they are, and once verified, only have access to exactly what they need. Trust can<br />
be abused; verification cannot.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>June</strong> <strong>2021</strong> <strong>Edition</strong> 88<br />
Copyright © <strong>2021</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.