Data breaches and the number of records exposed have steadily increased over the last six years. In the United States, the number of data breaches has doubled and the number of records exposed has more than tripled.
What’s leading to these breaches? According to Verizon’s 2019 Data Breach Investigations report, the top causes of breaches were:
Verizon noted a key element in these attacks is email. In fact, 94 percent of the time, malware was delivered by phishing emails. And 60 percent of the time, the web application compromised was the front-end to a cloud-based email server.
Given that these methods were a factor in a majority of data breaches, what’s making companies vulnerable? Here are three common mistakes that open the door to attack.
You may not be on top of security updates and patches. But cyber criminals are definitely on top of what needs patching. Word spreads quickly in hacker networks about vulnerabilities. And they are poised to take advantage of them.
So it’s somewhat mind-boggling that so many companies fail to keep their software and systems up to date. Staying on top of your security updates is a simple step that every company should take.
Phishing attacks and more sophisticated spear phishing remain a mainstay of cyber crime. Why? Because employees and users still regularly fall victim to these types of attacks. In 2018, 32 percent of breaches involved phishing. Phishing opens the door to your data. Employees click a link and accidentally install malware (or backdoor programs) or provide usernames and passwords (stolen credentials) that can then be used to infiltrate the organization.
Admittedly, it’s hard to stop employees from making these mistakes. You can reduce the likelihood by educating and training them. That includes annual, required training on how to recognize illegitimate emails, implementing a system for reporting them, and regularly sending phishing emails to employees to test and remind them about the problem.
The fact is, 81 percent of hacking-related breaches involved stolen or weak passwords. Poor passwords are one issue. Another is the fact that over 70 percent of employees reuse passwords, making a credential stuffing attack more likely to be successful.
If you aren’t addressing the password problem, you’re making yourself a target for cyber criminals.
In keeping with a Zero Trust mentality, you need to assume that credentials have been compromised and use a never trust, always verify approach even inside the firewall. Address mistake #3 by solving the password problem.
Two steps companies are taking: reducing passwords through Single Sign-On (SSO) so users can log in once to the corporate portal (or their desktop) and then have access to all their cloud and on-prem apps without having to log in again. And adding Multi-Factor Authentication (MFA), to require that users enter additional information when logging in, beyond their username and password.
While SSO and MFA help with the password problem, security experts agree that the real solution is to eliminate passwords. They recommend replacing traditional passwords with one-time passwords, biometrics, and trusted certificates. That’s why companies are adopting protocols like OAuth and OpenID Connect that enable passwordless authentication.
The newest authentication systems use User and Entity Behavior Analytics (UEBA) to build profiles of users and their behavior, then compare the user’s login attempts with that profile to create a risk score for each login. Anomalies, like logging in from a new location or on a new device, flag the login attempt as higher risk.
These cutting-edge systems adapt the authentication experience based on the risk level. A low-risk login might not require any additional information from the user. A higher-risk login might require the user to answer a security question. A very high-risk login might require a one-time password sent via push notification plus the user’s biometrics.
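To make the profile-and-score idea concrete, here is an added illustration (not OneLogin's code, and not how Vigilance AI or SmartFactor Authentication are implemented) of a UEBA-style risk score feeding a step-up decision. The login history, signal weights and score thresholds are all constructed assumptions for the example.

```python
from collections import Counter

# Constructed login history for one user (hypothetical sample data, not real logins).
HISTORY = [
    {"country": "US", "device": "laptop-a1", "hour": 9},
    {"country": "US", "device": "laptop-a1", "hour": 10},
    {"country": "US", "device": "phone-b2", "hour": 14},
    {"country": "US", "device": "laptop-a1", "hour": 17},
    {"country": "DE", "device": "laptop-a1", "hour": 8},
]

# Assumed weight each behavioural signal adds when the attempt does not match the profile.
WEIGHTS = {"country": 40, "device": 30, "hour": 15}
RARE = 0.25  # values seen in fewer than 25% of past logins still add partial risk


def build_profile(history):
    """UEBA-style profile: how often each attribute value appeared in past logins."""
    return {key: Counter(login[key] for login in history) for key in WEIGHTS}


def _times_seen(profile, key, value):
    if key == "hour":  # treat logins within one hour of the attempt as matching
        return sum(profile["hour"][(value + d) % 24] for d in (-1, 0, 1))
    return profile[key][value]


def risk_score(profile, attempt):
    """Return 0..100. A never-seen value adds its full weight; a rarely seen value adds
    a share of it that shrinks to zero as its share of past logins approaches RARE."""
    total = sum(profile["country"].values())
    score = 0.0
    for key, weight in WEIGHTS.items():
        frac = _times_seen(profile, key, attempt[key]) / total
        if frac < RARE:
            score += weight * (1 - frac / RARE)
    return min(100, round(score))


def required_factors(score):
    """Assumed step-up policy mirroring the low / higher / very high tiers in the text."""
    if score < 20:
        return ["password"]
    if score < 50:
        return ["password", "security_question"]
    return ["password", "push_otp", "biometric"]


PROFILE = build_profile(HISTORY)


def decide(attempt):
    score = risk_score(PROFILE, attempt)
    return score, required_factors(score)
```

A known device from the usual country at a usual hour scores 0 and needs only the password; an unknown device from a new country at 3 a.m. scores 85 and triggers push OTP plus biometrics.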
Hackers will continue to attack. Companies will have to avoid the three mistakes above in order to keep their organizations safe. Ultimately, they’ll need to move beyond passwords, eliminating that weak link, and use AI authentication tools to provide secure access in a smart, frictionless way.
About OneLogin
OneLogin’s Identity and Access Management solution secures access through Vigilance AI, SmartFactor Authentication, and Contextual Login Flows. These tools work together to provide end users with fast, easy authentication while providing IT with the security and visibility needed to protect corporate users and data.
Powered by artificial intelligence and machine learning, Vigilance AI ingests and analyzes large volumes of data and leverages User and Entity Behavior Analytics (UEBA) to build a profile of typical user behavior. It identifies and communicates anomalies in real-time for advanced threat defense.
SmartFactor Authentication delivers a context-aware authentication methodology based on AI/ML insights into user behavior. It determines the optimal authentication process for a given login attempt, based on the Vigilance AI risk score.
Contextual Login Flows are auto-configured authentication flows determined by the risk analysis. The authentication process adapts and changes to require the appropriate authentication factors and order, using MFA, certificates, and biometric factors.