sb-nz logo
Story image

Unprotected machine identities costing firms billions - report

03 Mar 2020

Organisations worldwide could recover a collective total of between US$51 billion to as much as US$72 billion just by repairing their poorly protected machine identities.

Those figures are just some of the statistics from a new report by Venafi and AIR Worldwide, which illustrates that proper management of machine identities could prevent billion-dollar losses.

According to the two companies, machines are critical to the fundamental operation of a business and the flow of many different data types.

Cybercriminals target these machines because organisations don’t take the time to protect these machines and their machine identities properly.

“When machine identities are poorly managed and weakly protected, they become prime targets for cyber attackers who can use them to gain and maintain unauthorised access to network assets and data, impersonate trusted machines and applications, hide malicious activities and exfiltrate stolen data while remaining undetected. Any of these activities by cyber attackers can result in economic damage to organisations,” the report claims.

Of the largest companies with revenues more than US$2 billion, as much as 25% of cyber losses could be due to machine identity compromise. Amongst smaller companies (revenues less than $2 billion), machine identities could account for as much as 16% of cyber losses.

Venafi’s vice president of security strategy and threat intelligence Kevin Bocek says that many businesses still rely on processes and techniques from 20 years ago. These processes are terrible at protecting machine identities and can cause billions of dollars in losses.

“Digital transformation is dependent on cloud, microservices and APIs, and all of this requires the authentication and privacy that machine identities provide. Cybercriminals understand that breaking this link means hitting the jackpot.”

AIR Worldwide used a combination of cyber event datasets, including event datasets, filmographic datasets, and technographic datasets to produce its findings.

The research also assessed more than 100,000 firms for their performance in various cybersecurity areas, such as SSL/TLS certificates, user behaviour (for example, file sharing services and torrents) and indicators of compromise (for example, communications to any botnet command and control servers).

Estimating the financial impacts of cybersecurity practices is always a challenging problem, requiring a combination of data, models, and subject matter expertise. We were able to leverage our experience when we developed a model estimating the impact of cybersecurity practices on data compromise event frequency. The results of this study show that there are very real costs when failing to adequately protect machine identities,” says AIR Worldwide senior scientist Eric Dallal.

The report points out that organisations depend on secure machine-to-machine connections and communications. These, in turn, rely on machine identities for authentication and encryption. As such, organisations should adopt a strong machine identity protection program as part of their overall cybersecurity programs.

Story image
Advanced threat actors engaged in cyberespionage up their game
"This recent activity signals a major leap in their abilities."More
Story image
Combine endpoint privilege management with these tools for maximum protection
By integrating an EPM solution with additional technologies, teams can manage the entire security tool stack more easily and enhance each component’s effectiveness.More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
IT leaders prioritising automation, Zero Trust and API-based security investments
"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fuelled explosion in distributed and remote work has created a perfect storm for network security teams."More
Story image
Dell Technologies unveils new data protection innovations for hybrid cloud workloads
The Dell EMC PowerProtect Backup Service, powered by Druva, is designed to deliver SaaS app protection without increasing IT complexity.More
Story image
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More