CRN Pipeline Channel Conference 2022 will be held in Queensland on 23-26 August!

'PAM' protects keys to the kingdom

Privileged Access Management emerges as frontline defence against criminals as Commonwealth cracks down on corporate cybersecurity.

Content sponsored by Beyond Trust.

The rise cybercriminal attacks on Australian critical infrastructure has hit businesses hard.

The Commonwealth is so concerned that it will mandate impacted Australian organisations deemed to be ‘critical infrastructure providers’ report cyber incidents and empower the Australian Signals Directorate to step in to secure assets. It has also recently expanded the list of critical infrastructure providers to include sectors such as healthcare, food and grocery, and higher education. So very many Australian businesses will now be caught within the compliance net.

The reasons for expanding what is critical infrastructure are clear. In 2020, bad actors ripped off $128m in payment redirection scams; even businesses buying personal protective gear for staff lost $3.9m to scammers at the height of the pandemic. And SMBs tend to be the worst affected, each losing on average $33,000 last year.

The Australian Government Cybersecurity Centre now recognises ransomware as “one of the most significant threats” to Australian businesses.

And it’s by stealing user login credentials through spearphishing and elevating access levels that criminals do the most damage.

Privileged Access Management (PAM) technology offers a solution to help Australian organisations of all sizes harden their systems against attack and comply with the more stringent federal laws. Simon Hickson, Beyond Trust regional sales manager, says cybercriminals and other bad actors are keen to steal Australians’ “keys to the kingdom”.

“There is a large regulatory driver [because] stolen and weak credentials are where 80% breaches are found,” says Hickson.

CRN research commissioned by PAM vendor Beyond Trust found that while 80% of responding Australian enterprises are considering PAM, about a third perceived it to be difficult to deploy and/or use. The biggest perceived benefits were:

  • Secure remote access (68%)
  • Password management (64%)
  • Access control (62%)
  • Collaboration with third parties (50%)
  • Work-from-home employees (60%)

CRN assembled channel experts Craig Somerville, Founder & MD, Somerville Group; Amit Singh, Technical Director, 3Columns; Tristan Warner, CIO & Co-founder, eNerds; and Gergana Winzer, APAC Industry Director Cybersecurity, Unisys to explore how trusted advisers in the ICT channel can help their customers straighten their cybersecurity posture.

In this roundtable we discussed why PAM was critical to digital transformation initiatives such as work from home and how channel partners can integrate PAM into a holistic offering for customers. Other topics we discussed were:

  • How to educate customers about PAM’s importance
  • How PAM fits into the Internet of Things, operational technology, and Zero Trust
  • How channel partners can start on their own PAM journeys.

Partners also expressed the complexity in managing customer environments where they may not have complete control or access. eNerds co-founder and Chief Information Officer Tristan Warner suggests automating such systems.

“We’re in the tricky situation where we’re a third-party IT provider looking after [a customer] environment and we’re responsible for security but they give access to a third party that we’re not privy to; it’s nigh on impossible to do so effectively,” Warner says.

To learn more about Privileged Access Management, visit Beyond Trust and download CRN’s research into customer attitudes.

Sponsor Zones