Thycotic Research Reveals Where Hackers and Security Professionals Agree and Where They Differ
Thursday, September 12, 2019
Black Hat 2019 Survey Report Highlights Service Account Vulnerabilities
WASHINGTON, Sept. 12, 2019 /PRNewswire/ -- Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 20 percent of the Fortune 100, today released research results in a new report entitled, "Hackers & Security Professionals at Black Hat 2019: Where They Agree and Where They Differ." The report finds service accounts are a favored target of hackers, yet 35 percent of passwords never get changed or are changed only after a security incident.
The report is based on interviews with nearly 300 hackers (49 percent) and security professionals (51 percent) in attendance at the Black Hat 2019 annual conference in Las Vegas.
Both hackers and security pros strongly agree that service accounts are an attractive target because hackers can easily elevate privileges and gain access to sensitive information. And, they are in near identical agreement on the best ways to protect a service account from compromise. In many software installations, the password for service accounts either remains the default vendor password (easily found on the internet) or it exists only in the memory of the consultant who installed the software.
"Service accounts can pose a significant risk to organizations because they are so difficult to manage and secure properly, especially across multiple accounts for different services, tasks, and other applications," said Joseph Carson, Chief Security Scientist at Thycotic. "Service account passwords are also a challenge because administrators can't safely change a service account password if they don't know where it's used without risk of bringing down other applications."
The report had three main themes between hackers and security professionals:
1. Get control of your service accounts or face the consequences
2. Hackers don't discriminate when targeting privileged accounts: on prem,
cloud and in hybrid environments
3. Security professionals and hackers need to close a "trust gap"
Hacker respondents surveyed consider themselves as helping improve security and a valuable resource for reducing risks from cyberattacks, with more than half saying they would disclose vulnerabilities responsibly. However, nearly 50 percent of security pros believe hackers would sell stolen sensitive data for profit and only 10 percent think hackers would disclose it responsibility.
In another survey finding, a significant number of security pros (36%) and hackers (22%) did not feel any of the major providers such as AWS, Microsoft or Google were especially good at protecting their IT environments from threats. Hackers seemed to have a better opinion of AWS (32%) followed by Google (22%) and Microsoft Azure (20%). Security pros rated AWS (30%) ahead of both Microsoft (18%) and Google (15%).
Download a complimentary copy of the full survey report: "Hackers & Security Professionals at Black Hat 2019: Where They Agree and Where They Differ."
About Thycotic
Thycotic is the leading provider of cloud-ready privilege management solutions. Thycotic's security tools empower over 10,000 organizations, from small businesses to the Fortune 100, to limit privileged account risk, implement least privilege policies, control applications, and demonstrate compliance. Thycotic makes enterprise-level privilege management accessible for everyone by eliminating dependency on overly complex security tools and prioritizing productivity, flexibility and control. Headquartered in Washington, DC, Thycotic operates worldwide with offices in the UK and Australia.
For further information, please contact:
Steve Kahan
Jacqueline Velasco
Thycotic
Lumina Communications
T: 202-802-9399
T: 408-680-0564
E: steve.kahan@thycotic.com
E: thycotic@luminapr.com
--- ---
View original content to download multimedia:http://www.prnewswire.com/news-releases/thycotic-research-reveals-where-hackers-and-security-professionals-agree-and-where-they-differ-300916594.html
SOURCE Thycotic
|
|
|
|
|
 |
Indusface redefines WAAP user experience with industry-first innovations in AppTrana | Mar 28, 2025
|
|
EXECUTIVE PRODUCER BRADLEY COOPER'S FILM CAREGIVING TO PREMIERE ON PBS FOR NATIONWIDE BROADCAST JUNE 24 STREAMING BEGINS MAY 27 | Mar 28, 2025
|
|
Trend Micro Launches Voice-Enabled ScamCheck Capability to Help Protect Consumers from the Rising Threat of Global Scams | Mar 28, 2025
|
|
Splitit Unveils First Fully Embedded White-Label Installment Solution for Shopify Merchants | Mar 28, 2025
|
|
/C O R R E C T I O N -- Bell Canada (MTL)/ | Mar 28, 2025
|
|
Keeper Security Unveils Latest WearOS App for Seamless Password Management | Mar 28, 2025
|
|
Leading Endpoint Protection Solutions for Combatting Cyberthreats Identified in Info-Tech Research Group's New Emotional Footprint Report | Mar 28, 2025
|
|
Hornetsecurity named Top Player in Radicati's Secure Email - Market Quadrant 2025 | Mar 28, 2025
|
|
Ontinue Research Reveals Ransomware Attacks Surged 132% Despite 35% Drop in Payments | Mar 28, 2025
|
|
Identity Theft After a Data Breach? Legal Action May Recover Your Losses | Console & Associates | Mar 28, 2025
|
|
|
