Active Directory (AD) is involved in over 90% of cyberattacks in some way, shape or form.
As the number of breaches increases, organizations need to pay more attention to AD security.
speaks with Derek Melber, chief technology and security strategist at Tenable, about:
- The status quo of AD
- Zero trust as it relates to AD
- How testing can help
Active Directory (AD) will be coming up on its 22nd birthday in February of 2022.
To put it another way, AD is seasoned, and because of that, people assume it’s secure.
“Many think that we know Active Directory, so it has to be secure,” Derek explains, “and it’s not.”
That assumption is one reason why AD security is often overlooked.
Another reason is that many organizations are making the move to the cloud, and so the focus is on securing that rather than legacy pieces.
“When you have something that's new, and something that's not new, you give the attention to the new thing, and not the thing that's older,” Derek says.
Whatever the reasons, Derek believes we are dangerously behind on AD security.
“We are behind the eight ball with these attacks,” he says. “The attackers know AD is there, they know they’re going to find something, and they do, and they leverage it.”
In fact, according to Derek, over 95% of organizations running an AD have misconfigured settings that can be exploited.
“I think organizations are so scared that they’re just running around trying to do the best they can,” he says.
In Derek’s opinion, there needs to be a change in the way we think about AD security.
“If we assume breach, why are we spending so much time on detecting attacks?” he explains. “We’ve already been attacked. We already have backdoors in the environment.”
His solution is prevention.
“We need to make sure that we secure whatever is available to be attacked and exploited right now,” he says. “We have to get to a point where we trust our environments.”
Once the security foundation is secured, we can move on to attack detection.
“That’s kind of where AD fits within zero trust is we have to secure it and then monitor it from that point forward,” he explains.
If you take one thing away from this, Derek hopes it’s the importance of testing.
“I always challenge admins in organizations, go pick three to five things and test them,” he says. “If a little bit is wrong, then most likely some other stuff is wrong, and we really need to go in and take a look.”
For more information, contact Ian Bast or visit Solutions for Zero Trust.