Smart services and smart technologies – Part One
A series designed to address state-of-the-art services and technologies that can be used by business to Eliminate Inefficiency.
In 2021, cyber-attacks are much more than a threat to business continuity. They are increasingly a threat to business survival. Research by Arcserve published in late 2020 found that 59% of buyers are likely to avoid suppliers that they believe have suffered a cyber-attack – with 25% suggesting they would abandon the product favouring a competitor. This finding is of particular concern in 2021 – given a 60% increase in business email scams, alone, in the last twelve months.
Numerous factors, including the coronavirus pandemic, have contributed to an increase in cyberattacks in the past 12 months. The cost of Ransomware damages are expected to reach US$20 billion in 2021, and some 94% of malware is now polymorphic, meaning that it can continuously modify its code to avoid detection. It is estimated that 6.85 million accounts get hacked every day or 158 every second – many of which could be avoided if passwords were managed more effectively.
It is estimated that:
- 33% of hacks involve phishing. and
- 28% of data breaches involve malware.
- 80% of hacking-related breaches leverage compromised passwords.
The first question businesses need to ask themselves in 2021 is:
- ‘Are the practices of our staff increasing the risk of phishing, malware or other password related breaches?’
The second question businesses need to be asking is:
- ‘How can we reduce the threat of password-related data breaches in 2021?’ This missive addresses both questions.
Our experience and volumes of research suggest that the answer to the first question is, for most businesses – ‘yes’. And we can prove it.
Wolfe Systems is currently undertaking tests of the password and email practices of staff within client organisations. The results have been both alarming and instructive. They have been alarming because we have frequently found:
- Passwords listed for sale on the dark web.
- Staff opening email that is for all intents and purposes malware.
These findings are consistent with those of research where it was found that:
- 51% of employees have not changed their passwords.
- 50% of employees reuse an average of five passwords.
These findings have been instructive, and answer the second question above in that they have enabled Wolfe Systems to implement strategies for clients that reduce future risks.
In response, clients have implemented policies to:
- Develop passwords with random numbers, letters and symbols that cannot be guessed.
- Adopt different complex passwords for each business unit and each user.
- Change passwords frequently and avoid the reuse of any passwords.
- Use a password manager or random password generator – such as RANDOM.ORG.
- Educate employees about the threats of passwords and malware breaches.
- Review all breaches and attempted breaches to identify upgrade opportunities.
- Implement multi-factor identification to provide an added level of security.
Wolfe Systems is also recommending that our clients use Passly, software developed by Kaseya. Passly protects data by ensuring that only authorised people are given secure access to sensitive applications and information. Developed in response to the growing numbers of remote workers, increased dependency on cloud applications, and explosive increases in cyber breaches, Passly is available for both SME and enterprise applications, facilitating:
- The protection of all applications.
- Secure access and multi-factor identification.
- Streamlined efficiencies with a single sign-on (SSO).
- Network and infrastructure access protection.
In short, this very smart technology makes security easy and affordable. This is leading-edge technology that will improve security without high costs or effort. Passly even facilitates the auditing of security systems and practices identifying issues requiring attention.
I recommend all businesses Install Passly secure identity and access management software without delay.
If you want to know more, please give me a call or email me.
0488 445 044