Thycotic debunks top Privileged Access Management myths
.jpg)
Article by Thycotic chief security scientist and CISO Joseph Carson
Cybercriminals have an arsenal of tools at their disposal and an almost endless variety of system vulnerabilities they can exploit to breach their targets.
In most cases, however, security incidents can be traced back to the use of compromised user accounts.
The Verizon 2018 Data Breach Investigations Report, for example, found that 81% of data breaches involved the use of stolen or weak passwords.
Another report from Gartner revealing its Top IT Security Projects for 2019 listed Privileged Access Management (PAM) – which locks down and monitors access to user accounts, among other things – as the number one project.
Organisations have traditionally protected their networks with firewalls, VPNs, access controls, IDS, IPS, SIEMs, email gateways and so forth, building multiple levels of security on the perimeter.
Technologies like cloud, mobile and virtualisation, however, now make the security boundaries of an organisation blurry and the traditional security perimeter is no longer such an effective cybersecurity control.
With a limited budget, IT security staff are continuously searching for ways to protect the data they have been entrusted with while looking to add value to the business.
Privileged Access Management is proving to be the new cybersecurity perimeter and an effective solution to reduce organisations’ business risks from cyber-attacks.
Privileged Access encompasses access to computers, networks and network devices, software applications, digital documents and other digital assets that upper management, IT administrators and service account users have.
This access allows more rights and permissions than those given to standard business users.
‘Standard’ business users often have more rights than they really need – something PAM also addresses.
Privileged access is the access most often targeted by cybersecurity threats because this access leads to the most valuable and confidential information, such as customer identities, financial information and personal data.
So why does Gartner also estimate that only 40% of organisations have implemented Privileged Access Management practices for all enterprise use cases?
The reason is PAM’s complex past and a number of misconceptions that have sprung up as a result.
Misconception #1: Implementing PAM is too complex
A complex reputation for PAM solutions dates back to an earlier time.
Legacy PAM software was often overly complicated, leading to needlessly difficult implementations.
Installations could take several months to finish, with some cases taking years or simply remaining incomplete.
These older iterations could also be extremely resource-heavy, requiring the efforts of multiple expensive specialists.
Many IT teams decided that PAM was not worth it, while those that persevered are still bitter about all the grief the process caused them.
Of course, most of these experiences stem from a different era of security, where organisations could more comfortably rely on their firewall to keep attackers away from their networks and privileged accounts.
While many IT veterans may still bear well-earned grudges against early PAM tools, they can no longer afford to shun the approach in the current security climate.
The good news is that PAM solutions have evolved to become much easier to implement and use.
Many are now designed for out-of-the-box deployment, enabling IT teams to get them up and running quickly without the need for expensive specialists.
The best tools are also built to be flexible and scale with the organisation as it grows and its security needs change.
Misconception #2: PAM makes things harder for users
This misconception also dates back to the days before the advent of easy-to-use PAM solutions with features like password management aimed at improving user experience.
Cybersecurity has never been a positive security experience for most employees.
In many organisations there is tension between employees and the cybersecurity team due to the negative impact that many solutions have on productivity, resulting in employees looking for ways around them and increasing risk.
Many employees suffer from cyber fatigue – the frustration experienced in juggling scores of online accounts with multiple (and supposedly strong) passwords.
In many cases, individuals feel so frustrated that they give up trying to manage things safely and default to using the same passwords for multiple accounts, sharing passwords with family members, and logging on to the Internet using their social media accounts.
IT security staff should be looking for ways for employees to have a better experience with security, and the best way to do this is to implement PAM solution.
This will help remove one of the biggest causes of cyber fatigue and will generate new passwords and rotate them when they are stolen or compromised, which these days could be as often as every week.
Misconception #3: PAM is just another cost to the business
Because they only reduce risk, most organisations spend valuable budget on cybersecurity solutions that typically add no additional business value.
However, the right PAM solution actually makes employees more productive by giving them access to systems and applications faster and more securely.
Implementing a PAM solution secures access to sensitive systems and reduces the risk of getting compromised by disclosed passwords on the dark web. PAM also reduces cyber fatigue and simplifies the process of rotating and generating new complex passwords.
All of these save valuable employee time which translates directly into cost savings for the business.
One of the major reasons that Privileged Access Management has been listed as the number one security project for organisations is that it saves them time and money – both of which can go back into their cybersecurity efforts – enabling cybersecurity teams to get more done with the same budget.
Although some IT veterans may still feel compelled to delay PAM, choosing the right solution will enable them to gain full control over their privileged accounts without reliving the pain they may have experienced in the past.
source securitybriefeu
Industry: Cyber Security News
Latest Jobs
-
- Account Manager - IT Services
- Germany
- €90000 plus OTE and Car
-
Are you a deal closer with a hunter mindset? Do you know how to uncover business pain points, and turn them into long-term digital transformation partnerships? Our Client are growing their sales force across Germany and looking for an ambitious, straight-talking Account Manager to take the lead on new client acquisition. You’ll focus on mid-sized to large enterprises across Germany helping to shape their digital future with tailored IT solutions in Workplace, Cloud, and Security. • Drive Growth: Own the full sales cycle for new business across your region. • Solution Sell: Build bespoke offers in Security, Digital Workplace and Cloud solutions • Build Relationships: Establish a solid pipeline through smart prospecting, marketing-driven leads, and your own network. • Represent a brand known for trust, delivery, and tech excellence—with 4,000 employees globally and a growing team within Germany. What You Bring • Proven new logo sales experience in the IT services space (not hardware!) • Deep knowledge in one or more of: Cybersecurity, Digital Workplace, or Cloud • Confidence to lead enterprise deals and pitch directly to senior stakeholders • Fluent German and good English skills Sind Sie ein Abschlussprofi mit Hunter-Mentalität? Wissen Sie, wie man geschäftliche Pain Points identifiziert und in langfristige Partnerschaften zur digitalen Transformation verwandelt? Unser Kunde baut derzeit sein Vertriebsteam in ganz Deutschland aus und sucht eine ambitionierte, ehrliche Persönlichkeit als Account Manager, die den Lead bei der Neukundengewinnung übernimmt. Ihr Fokus liegt auf mittelständischen bis großen Unternehmen in Deutschland, denen Sie mit maßgeschneiderten IT-Lösungen in den Bereichen Workplace, Cloud und Security den Weg in die digitale Zukunft ebnen. Ihre Aufgaben • Wachstum vorantreiben: Verantwortung für den gesamten Vertriebszyklus im Neugeschäft Ihrer Region. • Lösungsorientierter Vertrieb: Entwicklung individueller Angebote in den Bereichen Security, Digital Workplace und Cloud-Lösungen. • Beziehungen aufbauen: Aufbau einer stabilen Pipeline durch gezielte Ansprache, marketinggenerierte Leads und Ihr eigenes Netzwerk. • Marke repräsentieren: Werden Sie Teil eines Unternehmens mit 4.000 Mitarbeitenden weltweit und einem stark wachsenden Team in Deutschland – bekannt für Vertrauen, Verlässlichkeit und technologische Exzellenz. Was Sie mitbringen • Nachgewiesene Erfahrung in der Neukundenakquise im Bereich IT-Services (kein Hardwarevertrieb!) • Fundiertes Wissen in mindestens einem der Bereiche: Cybersecurity, Digital Workplace oder Cloud • Selbstbewusstes Auftreten im Umgang mit Enterprise-Deals und Entscheidungsträgern auf Top-Level • Verhandlungssichere Deutschkenntnisse und gute Englischkenntnisse
-
- Senior SOC Analyst Level 3. Microsoft Security stack | Ability to achieve SC Clearance
- London
- To attract the right person
-
Job Title: Senior SOC Analyst Level 3. Microsoft Security stack | Ability to achieve SC Clearance Location: Hybrid remote | London / Berkshire Overview: Senior SOC Analyst Level 3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting / triage, incident response etc with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents / escalations Conduct advanced threat hunting using the Microsoft Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills & Experience: The ability to achieve UK Security Clearance (SC) – existing clearance ideal. (Sorry no visa applications) Current experience working with a SOC environment Microsoft Sentinel: Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient queries for advanced threat hunting and detection. Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents). Developing custom detection rules, optimising performance, and reducing false positives. Supporting Sentinel Workbooks, Alerts, and Playbooks through advanced KQL use. Deep understanding of incident response, threat intelligence and adversary techniques (MITRE ATT&CK framework). Strong knowledge of cloud and hybrid security, particularly within Azure. Additional Requirements: Must hold or be eligible to achieve a minimum of Security Clearance (SC) level. Nice to have certifications (e.g., SC-200, AZ-500, GIAC) are desirable. Strong problem-solving and analytical skills. Excellent communication for clear documentation and team collaboration. Please follow Wheaton’s Law.
-
- New Business Sales Hunter | Cyber Security (UK Based)
- London
- To attract the right person
-
New Business Sales Hunter needed | Cybersecurity (UK Based) Are you looking for uncapped commission, a fun and sociable team that drives success with no politics? If so...You must Be UK based - and able to achieve UK SC clearance. (sorry no visas) Have a demonstrable history of sales success in Cyber Security Follow Weatons law. The role: Seeking a proven New Business Sales Hunter to join an established, successful and expanding cyber security firm. New business focused - £1m GP year one target (ramped). Sell a blend of security services & professional services. Ideal experience selling some or all of the following Cyber strategy & risk management Managed detection & response (MDR) Penetration testing Compliance & audit support You: Strong cybersecurity/IT services sales track record. Confident selling into mid-market & enterprise. UK based - London commutable 1x per week. Hunter mindset, full sales cycle ownership. Don't just send an email to apply give me a call on 07884666351
-
- CyberArk Architect
- London
- Upto £110,000 plus bonus and benefits
-
Are you ready to lead from the front and drive innovation in the Identity & Access Management (IAM) space? We’re looking for a seasoned CyberArk Architect who has CDE-CPC ideally or experience with privilege Cloud, someone who can lead with vision, execute with precision, and inspire teams to deliver excellence. As a key leader in our organisation, you’ll bring your strong business acumen and a technology-focused, innovative mindset to the table. You’ll be driving strategic initiatives, shaping transformation programs, and empowering teams to think big and deliver even bigger. Acting as a subject matter expert in CyberArk Leading strategic transformations in: Identity Governance Privileged Access Management (PAM) Access Management Customer Identity and Access Management (CIAM) Building and maintaining strong, collaborative relationships within the team Communicating clearly and confidently — both written and verbal — to deliver updates, raise potential issues, and share insights If you are interested in the above position we are looking for people with: deep expertise and a successful track record in IAM strategy, delivery, or assurance with CyberArk Hold relevant certifications such as CDE in Privileged Cloud or Guardian Have experience in a client-facing role (preferred, but not essential) Thrive in a hybrid working environment and are available to work from our or client London office three days a week Lead with clarity, communicate with impact, and adapt quickly to changing priorities