Henry Ford once famously said, “Most people spend more time and energy going around problems than in trying to solve them.” This isn’t an indictment of today’s security practitioners, but rather the reality they’re forced to live with. Competing and conflicting business priorities, industry fads, and general misconceptions drive attention and funding to the wrong priorities. As a result, data breach occurrence continues to rise, as does the level of devastation they cause.
Sadly, while attackers continue to improve upon the ease and speed in which they can achieve their objectives, the general techniques or underlying principles they exploit remain very much the same – and it’s largely about Active Directory. If you’re thinking that’s too simple or too narrow, think again. You needn’t look too far or search too hard to find that Active Directory is a target – if not the target – of virtually every advanced threat actor, from nation-states to modern ransomware variants and everywhere in between.
So, if Active Directory is the common denominator, why is there so much focus on seemingly everything but AD itself? It’s clear that Active Directory needs to be prioritized, but what are the clear priorities for protecting AD and thus everything connected to it?
Read this white paper to learn why Active Directory security should be a priority for your organization and ways to mitigate against a data breach.