Forty-four percent of data breaches in the last year involved privileged identity according to global Balabit research report

Only 41 percent of privileged accounts are assigned to permanent employees of the business with the majority being made up of contractors, third-party vendors and resellers – indicating IT has less visibility of privileged account access

LONDON, May 17, 2018 (GLOBE NEWSWIRE) -- Nearly half (44 percent) of data breaches in the last year involved privileged identity, according to a research report from Balabit, a One Identity business and a leading provider of Privileged Access Management and Log Management solutions. The report titled, “IT Out of Control,” also revealed that only two out of five (41 percent) of these privileged accounts are assigned to permanent employees with the majority being made up of contractors, vendors and third parties. This is a problem that is getting worse, with 71 percent of businesses saying the number of privileged accounts in their network grew last year, and 70 percent expect the number of accounts to grow even more this year.

The “IT Out of Control” eGuide is part of the Unknown Network Survey, which was conducted in the U.K., France, Germany and the U.S., and reveals the attitudes of 400 IT and security professionals surrounding their concerns over IT security and their experience of IT security breaches, their understanding of how and when breaches occur, and how they are trying to combat hackers and privileged account misuse.

Trust but verify – are businesses losing control?

When privileged accounts are misused in a data breach, often a malicious insider has misused their access, or a criminal hacker has hijacked the account through social engineering methods. Subsequently, finding the identity of the criminals is an impossible task. It should come as no surprise that IT teams have low confidence when it comes to having visibility of what is going on in their networks, with only 48 percent believing they can account for all permanent staff’s privileged access and the data they have access to. Only a further 44 percent believed they could account for all third-party vendors’ privileged access and the data they have access to.

This has led to 58 percent of respondents saying their company must take security threats related to privileged accounts more seriously. Worryingly, 67 percent of respondents say it’s quite possible that former employees retain credentials and can access their old organization’s network.

This highlights the urgent need for the board to recognize the risks of privileged account misuse. More privileged accounts have led to increased risks for organizations. Simultaneously, it has become increasingly difficult for IT managers to keep track of who is accessing what data files and applications. As a result, ensuring that trust is validated and verified has become an overwhelming undertaking. In the same way that trusted employees can turn on a business, so can a vetted outsider.

“Privileged Identity Theft is a widespread technique in some of the largest data breaches and cyber-attacks. A wide range of organizations have fallen victim to sophisticated, well-resourced cyber criminals but often these attacks are easy to carry out, through the use of social engineering techniques such as a simple phishing email,” said Csaba Krasznay, Security Evangelist, Balabit.  “Measures exist to mitigate the risks of the attack. Relatively straightforward process improvements combined with the correct technologies such as session management and account analytics can help detect compromised privileged accounts and stop attackers before they are able to inflict damage on organizations.”

Solutions such as privileged access management (PAM) can help. Unlike traditional security systems, which see IT managers relying on manual methods of privileged user management, PAM provides replicable processes to track and manage privileged credentials. 

When it comes to an effective security strategy, there are three pillars of defense that need to be taken into account. The first line of defense should be Password Management tools which protect privileged credentials. The second should be Privileged Session Management, which continuously monitors privileged accounts to identify anomalous activity. The third pillar should then be Privileged Account Analytics, a continuous verification of users, based on behavior. Security teams can then identify whether a privileged account has been hijacked or if a trusted insider has turned malicious.

Nowadays, cyber breaches are coming from all directions. Businesses must be able to protect themselves from threats at home as well as those from the unknown corners of the internet. But with the proliferation of third-party partners, contract workers, remote working and BYOD policies protecting an organization is now a borderless challenge.

For more information and to download your copy of “IT Out of Control,” please visit:

Survey methodology

The Balabit Unknown Network Survey was undertaken on behalf of Balabit by independent market research company Loudhouse to examine the changing attitudes towards security in business in October/November 2017. This research explores businesses’ concerns over IT security and their experience of IT security breaches, with a particular focus on privileged accounts and the insider threat.

The research was run among 400 senior IT people with responsibility or visibility for network security.

About Balabit

Balabit, a One Identity Business, is a leading provider of Privileged Access Management (PAM) and Log Management solutions that help businesses reduce the risk of data breaches associated with privileged accounts.

Balabit’s integrated PAM solution protects organizations in real-time from threats posed by the misuse of high risk and privileged accounts. Solutions include Privileged Session Manager and Privileged Account Analytics, which together help organizations prevent, detect, and respond to cyber attacks involving privileged accounts, including both insider threats and external attacks using hi-jacked credentials. Working in conjunction with existing security tools, Balabit Privileged Access Management enables a flexible and people-centric approach to improving security without adding additional constraints to working practices.

Founded in 2000, Balabit has a proven track record, with 25 Fortune 100 customers and more than 1,000,000 corporate users worldwide. The company operates globally with offices across the United States and Europe, together with network of reseller partners.

For more information, visit, read the Balabit blog, or follow on Twitter via @balabit, LinkedIn or Facebook.

Media Contacts:

Andrea Ipolyi
Balabit/One Identity PR

Ali Mapplethorpe
Highwire PR for Balabit/One Identity