Nine out of ten; that's how many hackers believe that it's as easy or even easier to steal privileged account credentials today compared to two years ago. The numbers, published in Thycotic's 2015 Hacker Survey, may seem shocking considering how much money companies are throwing at cybersecurity. Almost half of the 200 hackers surveyed agreed that they go after privileged account credentials as the number one target.
Apparently "privileged" credentials aren't so privileged, as 94% of hackers said they've found them stored in unsecure places, like spreadsheets.
Bullseye
You could say that the healthcare industry is the cash cow for hackers. Considering that medical records sell for more than credit card numbers, it's not surprising that hackers name the healthcare industry the number one target. Not only does the industry offer the biggest payouts, but the survey also found that hackers consider it the most vulnerable (comforting, isn't it?). If you need proof, look no further than Bitglass' 2016 Healthcare Breach Report. The report found that 1 in 3 Americans fell victim to a healthcare data breach in 2015, the number is up an astounding 80%.
Coming in as the second and third biggest targets are the Financial Industry and Government. The two are basically dead-locked for second.
People are the problem
To get cybersecurity back on track, first take a long look at all privileged accounts. Most of the time companies have accounts floating around that they don't even know about. It's also just as important to regularly make sure credentials are not stored in public places like spreadsheets. Privileged account information should always be stored in encrypted vaults. Once everything is cleaned up, it will be easier to manage and monitor accounts. As redundant as this stuff sounds, it could make the difference in losing millions of dollars to a data breach.
Money and resources are nice, but security boils down to the fact that a network is only secure as the employees using it.
