By Arthur Capella.

As cyber attacks continue to evolve, identity compromise is positioned as hackers’ preferred method to gain access to organizations’ critical infrastructure and networks. According to a report from the Cybersecurity and Infrastructure Security Agency (CISA), identity breach accounts for 90% of initial access to critical infrastructure.

In these incidents, when a hacker gains access to a system through stolen credentials, they can move laterally within the network, accessing other sensitive systems and collecting valuable data over time.

In many cases, the attacker can go undetected for months and quietly leak information before launching a full-scale attack, as we saw in the Colonial Pipeline case, the largest publicly disclosed cyberattack against critical infrastructure in the United States.

While the protection of critical infrastructure against cyber attacks is often built on network segmentation and OT (operational technology) security, ongoing breaches mean these methods alone are not enough.

The problem with almost all endpoint security tools is that they do not have a comprehensive, integrated view of entity, identity, and risk relationships across the entire attack surface.

OT security tools, for example, rarely provide visibility into IT assets and identities in the OT environment, which increases the vulnerabilities that can be exploited, potentially compromising critical infrastructure systems.


It is these cross-domain relationships that enable initial access, lateral movement, and privilege escalation. Without visibility into them, there is no way to effectively separate the large volume of isolated alerts from the actual risks that could disrupt the integrity and continuity of critical infrastructure.

Risk prioritization is the way to do this

Companies need to adapt to new concepts and new tools to protect their infrastructure. Resilience in the fight against cybercrime is not a static goal; it’s an ever-changing goal that requires vigilance, innovation, and an organization-wide commitment to security.

By adopting a horizontal protection approach that emphasizes end-to-end visibility, contextual risk assessment, and prioritization of actual risk exposure, organizations can improve their security posture, increase efficiency, and better protect critical infrastructure against evolving threats.


In this context, vulnerability management is a vital component of any organization’s cybersecurity strategy. With a comprehensive approach to vulnerability management, organizations will not only strengthen their defenses, but also demonstrate commitment to governance, security and resilience in the digital environment.

Surveillance, technology and awareness must work hand in hand in the fight to protect identity. The responsibility falls on individuals and organizations to take identity security seriously, ensuring that cybercriminals always face strong, strategic defenses.


General Manager of Tenable in Brazil since June 2019. Capella, who has more than 20 years of experience in the cybersecurity industry, was responsible for opening and managing Palo Alto Networks in Brazil and previously operating IronPort in the country. He also held management and business development roles at IBM, Xerox and Embratel. The manager holds a Business Administration degree from UFRJ and an MBA in Marketing and Strategies from the same institution.

Source: Tec Mundo
