This year, worldwide spending on cybersecurity is estimated to be over $120 billion yet research shows over 80% of data breaches are caused by stolen, weak or default passwords. It raises the question as to why some many organizations are investing heavily in protecting their perimeter and then leaving their front door open. A well-implemented Identity and Access Management (IAM) strategy is essential if you’re trying to minimize your risk of expensive and damaging data breaches.
Let’s be honest. For almost every organization, public and private, the likelihood that someone will attempt to hack you is extremely high. Whether state-sponsored or not, hackers are getting more sophisticated and more determined.
A 2018 report into data breaches found that over a third of US organizations had been hacked in the past year and—most worryingly—74% of those hacked didn’t even know it had happened. When you consider that another data breach report in 2018 showed almost 70% of breaches go undetected for months or longer, you begin to understand the scale of the havoc one successful hack can cause.
Data breaches: The stakes are just too high
It seems like a new high profile data breach hits the headlines every week. For commercial organizations it exposes information such as personal data, financial details and intellectual property. This is far more than an expensive PR disaster; for some, it can be an extinction level event.
Yet, it continues to happen. Recently, Facebook revealed that a data breach had led to 30 million of its accounts being compromised. According to Forbes, hackers used the ‘view as’ feature in Facebook to gain access to user authentication tokens that not only gave access to personal details on that user but also, through them, their friends.
Another social media service, Reddit, also announced a serious data breach this year. The personal data of users was exposed when hackers managed to compromise the accounts of some Reddit executives. The company appears to have had a two-factor authentication solution using SMS to confirm identity. This proved to be the weak link leaving the service to ruefully admit: “We learned that SMS-based authentication is not nearly as secure as we would hope”.
According to latest figures, the average cost of a data breach in the UK is just under $4 million, but a breach on the scale of Facebook could reach as much as $350 million. That’s a level of loss that even the largest company is going to find difficult to sustain.
However, we live in a connected world and the security breaches of corporate enterprises is only one area of concern—dare I say, not the major one. Quirky stories of security testing companies turning your Google Alexa into a bug may give pause for thought, but much more serious is the threat of malicious hackers gaining access to medical devices such as pacemakers and MRIs. Although there are no reported cases of hackers actually penetrating devices, some medical researchers have recently demonstrated how devices from Medtronic can be compromised.
The thought of critical equipment in hospitals being vulnerable is horrific. The same is true of connected and autonomous vehicles. There is, according to Medium, a 15 year history of car hacking—most notably when a Jeep Cherokee was breached in 2016 with the hackers able to take control of its steering.
In today’s world, we have to be aware that human beings are one player connecting to your network. The growing number of IoT devices all need secure connections, as does the number of systems that are talking directly to other systems, talking to people and gathering data from the connected devices. It takes a comprehensive IAM platform to ensure authentication and control for organizations where connectivity has to be granted, managed and rescinded far beyond your firewall.
IAM: The first line of defense
I read something recently that said that most of the culprits involved weren’t ‘hacking ninjas,’ and that’s absolutely correct. They don’t have to be because there is so much low hanging fruit for them to go after.
There are some many poorly organized password schemes or worse systems that only rely on a single password for access. There are so many people that still respond to phishing emails. One report suggest that as many as 4% of people will click on any given phishing email! Many devices are operating today using their hard coded passwords and factory settings.
You must move quickly to secure the identities of every actor on your network. While many IAM solutions simply provide single sign-on (SSO) for internal users, an enterprise IAM platform must be able to manage, automate, and govern the complex network of external identities for people, devices and systems that need access to your applications and resources. It’s so much more than SSO. Multi-factor authentication that is as basic as a single password is inadequate and Reddit proves that even two-factor authentication may prove ineffective in some cases. And these are the problems with the easy solutions; as alluded to above, customer and business-to-business identity management, and managing identities for internet-enabled devices, all need to be considered with the perspective of connecting an ecosystem.
The platform must be able to monitor the activity of all actors on your network and quickly identify significant changes in behavior and anomalies to detect a potential breach as soon as it happens – as well as deliver a complete audit trail for future investigation and compliance. While most IAM platforms have a much wider feature set, these two capabilities will deter the vast majority of data breach attempts that happen today.
If you’d like to know more about how an effective IAM strategy can help you dramatically reduce your risk from data breaches, please contact us and ask to learn more about identity and access management.
