1. Any systems accessible from Internet must be fully patched. If a system have a visible of IP address OR you do it statics map OR even with password protected must be patched.
2. Any systems have access from Internet never contain any critical data.
Digital Transformation challenges :-
Expanded Ecosystem => Evolving perimeter => Unmanaged privileged => RISK.
94% of organization are engaged in a digital transformation project.
93% of companies experienced a Business impacting cyberattacks.
Example of Data breach like ( Marriott Hotel)
1. 99,2 Millions Pounds Fines.
2. Hacker enter in Starwood Servers since(2014/2016/2018). they discover since 2014 that they have been hacked.
3. On 30/07 stole 339 Millions Records.
”Whenever a hacker breach and stole the data and it is well encrypted that data is useless for him/her.”
2 Reasons to encrypt badly.
A. All data encrypted wit the same key.
B. The keys are in plain text on the server.
Here you always separate the keys on different servers. That is why the organization are not well implement and not well secure on the server. In most organization have prevent system but without Detection systems to control the damage. Without the Detection
system you have nothing. It is a must.
Now, ow cybercriminals compromise your Privileged Accounts:-
It is up to 80% of breaches resulting from stolen OR weak password credentials, the path to compromising privileged Accounts is pretty simple. Most cybercriminals preferred path way to privilege exploitation is as follow:-
1. Compromise an end-user Account.
2. Capture a privileged Account.
3. Go anywhere on the Network.