9 April 2015

CyberArk: Sharing your network with third parties can let the hackers in

CyberArk, which protects organisations from cyber attacks, has released a new security brief discussing the danger of providing third party vendors with access to the corporate network.

Source: CyberArk. View the complete infographic here.

“It’s no secret that attackers target the weakest links in IT security, which are often found in accounts provisioned to third-parties for network access,” said John Worrall, Chief Marketing Officer, CyberArk. “Often, these smaller third-party organisations have less sophisticated security policies and controls than the target companies, providing an open backdoor for attackers. With the proper privileged account security controls in place, organisations can provide the network access required for business efficiency while maintaining consistent security across all types of accounts – internal and external.”

According to CyberArk, hackers often target third-party vendors and supply chain partners in their quest to attack a particular target. Organisations in every industry provide network access to third-party vendors, which range from services companies and suppliers to external consultants. Attackers target these less-secure partners to compromise remote access points, steal and exploit privileged credentials, and gain access to targeted networks. From here, attackers can completely circumvent the targeted company’s defences.

The brief, Securing Remote Vendor Access with Privileged Account Security, can be downloaded here.