Ransomware’s Easy In? Inefficient Enterprise Identity Security Controls

In record-breaking security breaches, cybercriminals are finding all-too-simple openings in IT defenses. 

When a cybercriminal network hit a major oil pipeline system, forcing the company to shut down critical multiregional infrastructure for days on end last May, some observers were shocked that the company forked over close to $5 million in Bitcoin to free its systems. But perhaps more shocking was that this devastating security breach came through a single compromised password.

And in early July, an IT solutions provider was attacked by another cybercriminal gang, setting off a cascade of ransomware and shutdown attacks on systems all over the world, paralyzing up to 1,500 companies that were clients of 50 managed service providers using the solution provider’s products. In this case, the hackers gained access through authentication bypass on the company’s US web interface.

Even as the past two years of global pandemic brought unimagined levels of unpredictability to organizations the world over, record-smashing security breaches and ransomware demands have erupted from focused attacks that capitalize on weak and exposed passwords. Such events have become all too common as bad actors successfully steal personally identifiable information and infiltrate companies’ networks. The consequences can be dire.

Absent a stronger emphasis on cybersecurity strategy right now, business leaders cannot claim with confidence that their organizations are effectively protecting their own digital identities.

No Time Like the Present

Why the sense of doom?

First, during the pandemic, in order to avoid interrupting essential business activities, many companies rushed to set up their workforces with remote access to systems and applications. As a result, many employees adopted new tools and apps to increase their productivity, often bypassing technology sanctioned by the company’s IT team. This invited unknown risks into the business—risks that are only just now becoming apparent.

Second, spurred by their digital transformation efforts, companies have increasingly moved the bulk of their work to cloud environments, in which their employees, contractors, and business partners access most of their systems remotely. A typical large enterprise may now have thousands to millions of identities—human and nonhuman—accessing critical business information across hundreds to thousands of access points, often with very little oversight. And cybercriminals know it.

On top of that, more individuals than ever share their personal and sensitive information with third-party platforms. This is especially risky today, as many organizations have moved their employees and contractors from a BYOD (bring your own device) to a BYOE (bring your own environment) workflow. This blurs the line between the devices and platforms people use for work and those they use personally, providing additional access points for bad actors.

Considering all the accounts any given individual maintains for their personal and business applications, it’s no shock that credentials are often duplicated across this border. The upshot: Once cybercriminals get access to personal applications—which are usually less secure than corporate IT-sanctioned apps—they have an easy gateway to enterprise data. According to a recent report, 61 percent of breaches stem from leveraged credentials.

So, when we read the details behind the latest headline of a breach, it’s no surprise to learn the story started with compromised worker identities falling into the wrong hands. And cybercriminals don’t stop at merely stealing our digital identities; they use them to impersonate us on a variety of platforms and applications, gaining further access.

While attackers stealing credentials to breach a company is nothing new, the speed and volume at which organizations and individuals adopted new approaches to stay operational during the pandemic made stealing identities significantly easier for bad actors. To combat this, companies must redouble their focus on identity security: making sure the right people gain access to the right information at the right time—and the wrong people don’t.

Investing in Identities

For modern enterprises, securely connecting the right people to the right technology is incredibly complex. In recent years, with the explosion of new SaaS applications, increased churn in workforces (especially since the onset of the pandemic) and the advent of nonhuman identities, the scale of this challenge has moved well beyond human capacity. Large companies today have more than 1,000 applications in use on average, according to a report, often supporting tens or even hundreds of thousands of identities.

Without a single view into all identities and their access rights, or the ability to manage them through automation, organizations are needlessly exposed to business, brand, and financial risk brought on by the explosion of technology that underpins their operations. Still, companies typically rely on people-intensive manual tasks and processes as the primary means of securing corporate identity information.

This does not have to be the case. By harnessing the power of artificial intelligence and machine learning with an identity security offering, businesses can ensure they are securely connecting the right people to the right technology, and doing so in a way that matches the scale and dynamic nature of today’s enterprise.

After all, secure control over identity and access data is the thread that connects people to technology safely and efficiently. When this is made foundational to enterprise security, it’s far harder for attackers to do their jobs. And at the end of the day, that should be the primary goal of every kind of cyber defense. If organizations give the appropriate focus to protecting their most vulnerable assets—their identities—they can minimize risk as they confidently and securely enable their workforce to propel the business forward.

To learn more about SailPoint’s Identity Platform, visit: SailPoint.com

This story was produced by WIRED Brand Lab for SailPoint.