Beyond Cybersecurity Awareness Month: Achieving identity security all year long

by | Oct 19, 2022 | Technology

Did you miss a session from MetaBeat 2022? Head over to the on-demand library for all of our featured sessions here.

Checking work email at home, home email at work. Launching Zoom meetings on phones, tablets or personal laptops. Opening messages (even if they’re suspicious). Using the same passwords across work and personal emails and accounts (because it’s just way simpler to remember them that way, right?).

These all happen every day — millions upon millions of times — all around the world. And it puts both people, and the organizations they work for, at significant risk.

To draw attention to this — and, ideally, action around it — the theme of this year’s Cybersecurity Awareness Month is “See Yourself in Cyber.” Hosted by the National Cybersecurity Alliance (NCI) and taking place through October, the event emphasizes four key practices: enabling multifactor authentication (MFA), using strong passwords and a password manager, updating software, and recognizing and reporting phishing.

“Not all security challenges require a technological solution,” said Julie Smith, executive director of the Identity Defined Security Alliance (IDSA). “The greatest challenges to security are almost always people.”

Low-Code/No-Code Summit
Join today’s leading executives at the Low-Code/No-Code Summit virtually on November 9. Register for your free pass today.

Register Here

The human problem

It’s becoming increasingly clear that human behavior accounts for the majority of cybersecurity issues: 95% according to the World Economic Forum; 82% per Verizon’s 2022 Data Breach Investigations Report. 

The IDSA’s 2022 Trends in Securing Digital Identities report found that 84% of organizations experienced identity-related breaches in the last year. Among those, 96% reported the breaches could have been prevented or minimized simply by implementing identity-focused tools like MFA and privileged access reviews. 

“It’s clear that hackers are continuing to utilize the simple login to access corporate data rather than deploying sophisticated techniques,” said Smith. 

Just look to the recent Uber incident that granted “full access” to a hacker who successfully exploited a contractor’s two-factor authentication. The hacker posted to a company-wide Slack channel and reconfigured Uber’s OpenDN …

Article Attribution | Read More at Article Source

Share This