There has been an intensifying changing of the guards in the IT security community, as more experts continue to urge businesses, consumers and public sector entities to modernize their protective frameworks in light of current threats. It has been a slow battle for the most part, with the majority of enterprises still relying upon antiquated password and credential systems, and failing to even use these ineffective strategies properly.
However, new solutions are available that are intuitive, affordable and tackle many of the most common risks of Internet utilization in one fell swoop, most notably multi-factor authentication. As more businesses and consumers begin to use these tools over time, the frequency and damage of breaches in North America and abroad will likely start to drop in the right direction, rather than continuing to spread rapidly throughout industries and regions.
New study points to intelligent security
Verizon recently released its 2014 Data Breach Investigations Report, which sought to discover patterns related to information exposure, compromised systems and other threats to security. It is important to note here that Verizon is one of the more active companies in cybercrime investigations, working on major cases such as the December breach of Target and countless others in the past few years.
According to the research, 92 percent of the 100,000 breaches studies were caused by nine basic patterns, which are generally consistent per each industry, and that they were relatively simple.
"After analyzing 10 years of data, we realize most organizations cannot keep up with cybercrime – and the bad guys are winning," Wade Baker, principal author of the Data Breach Investigations Report series, explained. "But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically. Organizations need to realize no one is immune from a data breach. Compounding this issue is the fact that it is taking longer to identify compromises within an organization – often weeks or months, while penetrating an organization can take minutes or hours."
The report went on to explain that three separate patterns accounted for nearly three-quarters of the total sum of breaches, with financial services companies falling victim to distributed denial of service, card skimming and Web application threats most frequently. Finally, the researchers noted that stolen or misused credentials are the most common cause of breach, accounting for 66 percent of the study pool, and subsequently suggested that multi-factor authentication might be the best way forward.
Identity and access management should be high priorities for the average corporate decision-maker considering the high cost and indirect reputation damage that come along with breaches. With multi-factor authentication, data and systems will be more accurately protected, while the user experience with these types of security frameworks are almost always more positive than traditional passwords and credentials.
Network authentication can be used to avoid DDoS attacks, while other types of the solutions will cover the various storage systems and access points in a given IT framework.