Whether a multinational giant like Amazon, or a more regionalized company like Safeway, retail systems are ubiquitous around the world. But just as ubiquitous are cyberattacks – and many of those attacks are aimed directly at retail systems, with 64% of retailers reporting an attempted attack on a monthly basis.
Everyone has heard the aphorism that “What you don’t know can’t hurt you.” Of course, the expression is patently false in a wide variety of contexts – and it’s especially false when it comes to hidden cybersecurity threats, some of which are capable of inflicting damage far more severe than data breaches and identity theft. One such cyberthreat that could potentially hurt millions, not just financially but physically, is the malware known as Triton.
In complex, complicated networks, privileged access is a fact of life – and privileged access management (PAM) is a necessity. The need for PAM stems from the fact that users will need varying levels of privileged access at different times and under different circumstances: In-house DBAs will need access to database servers to perform their daily work, for example, while network engineering consultants will need a completely different set of privileges in order to accomplish certain tasks for which they’ve been retained.
Corporate network environments are typically large, with many points of access that can potentially be exploited to gain unauthorized entrance to the network, and to the resources and data within that network. In attempting to lock down systems against unauthorized access, cybersecurity teams will often use a “defense in depth” strategy whereby the system as a whole is protected by using multiple layers of defense that seek to ensure the protection individually of each of its components.
The cybersecurity challenges confronting healthcare providers are immense. Patient data must be constantly secured, and large numbers of connected devices must operate consistently and securely in an environment where patients, doctors, non-medical staff, the IT department, and outside contractors all require varying levels of system access. When one takes the challenges of securing such an environment together with the high value of patient data – in which a typical electronic health record (EHR) for an individual can contain their name, their social security number, their medical history, their banking and credit card information, the names of their relatives, and much more of value to hackers – it’s easy to see why healthcare is the industry most often targeted by hackers.