TL;DR
- Insurance companies host large amounts of sensitive data (PII, PHI, etc.) and often have complex environments due to M&A and divestitures
- Most breaches start with human error
- Fortune 500 companies rely on Microsoft Active Directory as a backbone for Identity and Access Management
- Attackers target Active Directory to move laterally and escalate privilege
- An Attack Path Management solution can proactively find and remove attack paths
Insurance companies collect sensitive data — think medical history or credit card information — to fully understand the value of what they’re insuring and the risk they’re taking on. The same risk then applies to the protection and storage of sensitive data.
In the hands of a bad actor, it’s a treasure trove for data brokerage on the dark web.
Compounding the problem is that insurance industries are embracing digital transformation, creating apps that collect data and giving every policyholder a login to access their information. As they should! Insurance companies need to stay agile with the latest technology to speed up internal business processes and increase customer satisfaction. But the hard truth is that 68% of data breaches start with someone either falling for a social engineering scheme or leaking data by mistake.
Keeping a bad actor at bay in Active Directory
Many organizations rely on Active Directory to manage user access to other important company systems and resources. Misconfigurations and technical debt within Active Directory combine over time to create attack paths. These attack paths can allow adversaries to move through the environment with ease and blend in with administrative behavior.
One of the most efficient ways to mitigate the risk of a breach is by proactively mapping and removing these attack paths. Insurance companies should focus on removing all attack paths to Tier 0 and other critical assets.
A good Attack Path Management solution will prioritize Tier Zero attack paths, provide detailed remediations and continuously monitor to protect agai
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: