Improving your business resilience with Privileged Access Management (PAM) – What a CISO needs to know

As defined in Nixu's Turning Cybersecurity Challenges into Business Resilience whitepaper, business resilience is the ability of an organization to withstand and recover quickly from disruptions while at the same time maintaining business operations. It is necessary for any business in any industry to safeguard its operations, people, assets, brand, and reputation. It is a critical component of any business’s long-term success. Investing in business resilience has several benefits and protects the bottom line.

Nixu published the second Cybersecurity Index survey in late 2023 by conducting an extensive survey and interviews for 370 organizations operating in Northern Europe. A notable result was that 81% of the respondents stated business resilience as the foremost reason for their cybersecurity investments. More precisely, the top findings were:

1. Business resilience drives investments in four out of five organisations
2. AI is everywhere, and it introduces unprecedented security concerns
3. Top priorities 2024: Security monitoring, Security awareness, and Identity and Access Management

This is understandable considering several things, such as:

1. The geopolitical situation: Unpredicted threats are rising as the political tension is growing worldwide. Especially here in the Nordics, Finland and Sweden joining NATO naturally creates friction.
2. Rise in cyberattacks: The Nordics have experienced a surge in cyberattacks targeting various sectors, from government agencies to healthcare organizations, financial institutions, and critical infrastructure. The National Cybersecurity Centre Finland predicts that the threat level will stay elevated in 2024 (The National Cyber Security Centre Finland’s weekly review – 12/2024).
3. A new era of more sophisticated threats: The rise of generative AI, as highlighted in the CrowdStrike 2024 Global Threat Report, is not just a technological advancement, but a potential game-changer for adversaries. It could significantly lower the barrier of entry for low-skilled attackers, enabling them to launch more sophisticated and rapid attacks. The outdated legacy technologies are no longer a match for the speed and sophistication of the modern adversary.
4. Rise of identity-based attacks: Continuation of identity-based attacks take center stage, as adversaries focus on social engineering attacks that bypass multifactor authentication (CrowdStrike 2024 Global Threat Report).

What does a CISO need to know?

As the world around us becomes more and more digital, it is obvious that the significance of cyber security becomes even more important in the battle against cybercriminals. But what should you invest in to maximize the impact of it?

Stolen credentials play a significant role in cyberbreaches. The percentage varies, but e.g., in Google Cloud´s 2023 Threat Horizon report, it was stated that 86% of breaches involved stolen credentials. Based on this, it is great to see that Nordic organizations have realized the importance of IAM in improving security posture and business resilience. In the Cybersecurity Index, 40% of the respondents highlighted the significance of IAM. In addition, 35% of the respondents identified IAM as one of the most critical capabilities and one of the top priorities in development plans. At the same time, depending on the country, the number of respondents thinking that this capability is managed well varied between only 14 and 23 %. In conclusion, we can say that more needs to be done.

How does all this boil down to PAM, then? Up to 80% of all security breaches involve the compromise of privileged credentials, meaning the accounts of administrators and other users with elevated rights. By getting access to such credentials an attacker can cause a lot of harm to the company through lateral movement, granting themselves rights to operate freely in the IT environment. PAM focuses on securing those credentials.

In our newly published whitepaper “Reinforced Business Resilience through Privileged Access Management”, based on academic research, Nikita Sizov has delved into the relation of cyberattacks and PAM. Nikita has investigated popular cyberattacks and their attack patterns. Additionally, he has mapped PAM mechanisms to these patterns to provide a comprehensive understanding of how Privileged Access Management can mitigate such attacks. More precisely, how can the most common cyberattacks be avoided and mitigated by using PAM?

The whitepaper underscores the power of PAM as an effective tool and how it can help a CISO to have a good night´s sleep, mitigating one likely and extremely harmful attack vector. While improving business resilience is a collective effort between different departments, the CISO plays a pivotal role in facilitating it – particularly from the information security perspective. Inevitably, improving business resilience requires a lot of different actions, also on the cyber domain, but by adding PAM to the toolbox, you are one big step closer.

Way forward

Our driver at Nixu is to deliver and empower business resilience by improving operational efficiency, enhancing security, and helping our customers achieve compliance. Nixu, a DNV company, has a wealth of experience in delivering PAM advisory and solutions for companies that need to protect their privileged credentials and business-critical assets, eventually improving their business resilience.

How to get started, then? An easy way to form an understanding is to conduct a PAM Roadmap, starting with investigating the current state, defining the target state, and building a roadmap to reach the target. There are several ways to implement a PAM capability, either as a project or PAM as a Service. The latter one is a turn-key solution, perfect for companies who want to get the benefits of PAM fast and easy; no need to build and maintain a PAM organization and skills in-house; just buy as a service and let us handle all. Feel free to contact us for more detailed information and assistance.