Data breach reporting regulations are becoming commonplace in many countries including Australia and as a result, organisations need to increase their identity and access management (IAM) maturity.
According to Centrify, the risks arising from breaches and breach reporting can be reduced if organisations take action.
Reported data breaches could damage both shareholder and customer loyalty – you only need to look at how Verizon slashed its offer to acquire Yahoo.
“A breach can wipe out company value, as we saw it with Yahoo!’s acquisition price devaluation of $350 million after its data breaches were announced,” comments Centrify’s senior director of APAC sales, Niall King.
“A recent Ponemon research study found that stock prices fall an average of five per cent and customer churn can increase as much as seven per cent after a data breach is disclosed. The stakes for properly securing access to corporate resources and handling security incidents couldn’t be higher.”
Another study by Forrester Consulting found that two thirds of organisations have been breached in the last five years. Those without a mature IAM approach experienced twice as many breaches and around $5 million more in costs.
To help organisations improve their cybersecurity defences, Centrify outlines seven best practices:
- Consolidate identities: According to Verizon, 80 per cent of breaches are due to compromised credentials. It’s critical to develop a holistic view of all users and strengthen and enforce password policy, or eliminate passwords, where possible
- Enable Single Sign-On (SSO): Single Sign-On to enterprise and cloud apps, combined with automated cloud application provisioning and self-service password resets, cuts helpdesk time and cost, and improves user efficiency
- Implement Multi-Factor Authentication (MFA) everywhere: Multi-Factor Authentication, including third parties and the Virtual Private Network (VPN) that adapts to user behaviour, is widely acknowledged as one of the most effective measures to prevent threat actors from gaining access to the network and navigating to target systems
- Audit third party risk: Outsourced IT and third party vendors are a preferred route for hackers to access corporate networks. Conduct audits and assessments to evaluate the security and privacy practices of third parties
- Enforce least-privilege access: Role-based access, least-privilege and just-in-time privilege approval approaches protect high-value accounts, while reducing the likelihood of data loss from malicious insiders
- Govern privileged sessions: Logging and monitoring of all privileged user commands makes compliance reporting a trivial matter and enables forensic investigation to conduct root cause analysis, and
- Protect the inside network: Network segmentation, isolation of highly sensitive data and encryption of data at rest and in motion provide strong protection from malicious insiders and persistent hackers once inside the firewall.