by Rebeca | Dec 7, 2022 | cybersecurity, soffid
Cybersecurity Trends in 2023
According to a report recently published by the insurer Hiscox, cyberattacks in Spain have an average cost per company of 105.000 euros, almost double compared to 2020, which was 55,000 euros. The cost per company reaches, on average, 78,000 euros worldwide.
The reputational damage must be added to the economic cost, becouse a security breach can cause reluctance or fear among users and clients when hiring their services.
Today we share the trends in cybersecurity in 2023.
Cybersecurity Culture
Businesses will continue to fight phishing, ransomware, and DDoS. Remote work is here to stay, along with the security risks that come with it. Unshielded home networks, untrained employees, and the absence of a cybersecurity culture will pose a serious threat to organizations unless they take the proper precautions. A new geopolitical reality. The ongoing war, coupled with the energy crisis, may result in attacks on critical energy infrastructure.
Security Practices improvement
The CISO is responsible for setting the strategy, but cannot implement that strategy if there is no buy-in from other areas of the organization. It is up to the members of each department to apply the controls that the security team recommends or requires. This disconnect between the expectations of the security team and the actual implementation is where things fall apart. In 2023, organizations will look to solve this problem and place more departmental emphasis on implementing security best practices.
Zero-Trust Architecture
Businesses will address ransomware threats from several ways, from improving cyber skills by working with the security team, to the right security tools such as multi-factor authentication, and training courses. Zero-trust architecture investment to validate access and improve security will increase.
Transparent Cybersecurity with customers
The way companies interact and communicate with their customers will need to change in 2023 as the public becomes increasingly aware of ransomware threats and data privacy issues.
As data breaches become increasingly public, rather than trying to downplay or hide the incident, organizations will need to admit the problem and provide details about the steps they are taking to mitigate the problem and prevent future breaches.
Customers will appreciate this honesty and will be more likely to do business with companies that are open and transparent about their cybersecurity practices.
Visibility and security of connected devices
Leading organizations will target connected device cyber practices by establishing or updating related policies and procedures, updating inventories of their IoT connected devices, monitoring and patching devices, refining device acquisition and disposal practices with security in mind , correlating IoT and IT networks, monitoring connected devices more closely to further secure those endpoints, manage vulnerabilities, and respond to incidents.
Supply chains threats
Today’s hyper-connected global economy has led organizations to rely heavily on their supply chains, with threats evolving in complexity, scale, and frequency, so organizations will continue the drive to innovate and mature their transformation capabilities. risk and security.
Organizations are focusing on implementing and operating identity and access management (IAM) and Zero Trust capabilities that better enforce authorized third-party access to systems and data, and reduce the consequences of a compromised third party.
Shall we talk?
Fuentes:
- Spiceworks.com
- Venturebeat.com
by Rebeca | Nov 30, 2022 | cybersecurity, soffid
Today is the International Computer Security Day
Every November 30th is International Computer Security Day. The holiday started in 1988 when technological progress brought new concerns about privacy and security; thus, the day is dedicated to keeping your online data safe and secure.
In a world in which the Internet is totally essential, the massive use of the network has caused a 26% cyberattacks increase in Spain in 2021, making our country the third most attacked country in Europe.
Companies are in the crosshairs of cybercriminals, attacking their servers and platforms in search of relevant information which provides them huge economic benefits. The good news is that, according to an IDC study, it estimates that 2022 will close with an average investment of 7.7% in cybersecurity by companies, representing a total expenditure of 1,749 million euros.
Information is the main asset of companies and, therefore, its protection against possible leaks, whether due to attacks, carelessness or not having good habits, is crucial to guarantee its security and so that the development of its activity is perform normally.
According to figures from the National Institute of Cybersecurity (Incibe), the loss of data due to computer attacks or simple human errors can mean losses of between 2,000 and 50,000 euros for SMEs, and 3.6 million on average for large companies, according to IBM.
The most serious threat to an information system is people, so their training and awareness is one of the fundamental objectives that are pursued with the implementation of a cybersecurity culture program.
But an IAM framework enables IT to control user access to critical information within their organizations. IAM products offer role-based access control, which lets system administrators regulate access to systems or networks based on the roles of individual users within the enterprise.
In this context, access is the ability of an individual user to perform a specific task, such as view, create or modify a file. Roles are defined according to job, authority and responsibility within the enterprise.
IAM systems should do the following: capture and record user login information, manage the enterprise database of user identities, and orchestrate the assignment and removal of access privileges.
That means systems used for IAM should provide a centralized directory service with oversight and visibility into all aspects of the company user base.
Shall we talk?
Fuentes:
- Directivosygerentes.es
- ITresellers.es
- Incibe
- IBM
by Rebeca | Nov 24, 2022 | cybersecurity, News, soffid
In September, ridesharing company Uber disclosed that hackers had stolen the personal information of about 57 million customers and drivers. The days following the attack were full of speculation around how the attacker – allegedly a 17 year old – was able to gain access to the systems.
What happened?
1st. By obtaining access to login information for Uber’s VPN infrastructure, the attacker was able to enter its IT environment.
2nd. This contractor most certainly did not have elevated or unique access rights to critical resources, but he or she did have access to a network share, much like other Uber employees. Either this network share was accessible or the broad read ACL setting was set incorrectly. As a result, the hacker located a PowerShell script with hard-coded privileged credentials for Uber’s PAM solution within the network share.
3rd. The attacker was able to further elevate privileges by harvesting the hard-coded admin credentials for the privileged access management system.
4th. The attacker ultimately obtained “elevated permissions to a number of tools,” according to Uber’s most recent update. The potential for harm was high by accessing privileged access management solution secrets: According to reports, the hacker gained access to the SSO, consoles, and cloud management console, which Uber uses to store confidential customer and financial information.
5th. The attacker “downloaded some internal Slack communications, as well as accessing or downloaded information from an internal application our finance team uses to track some bills,” according to Uber, which is still looking into the matter.
Zero-trust strategy
Proactive security demands defence-in-depth, or a combination of complementary security layers that are in support of a zero-trust strategy. The absence of embedded credentials in the first place may be of importance in this situation.
In order to effectively manage these accounts, the Soffid product has the necessary logic to Identify accounts, classify them according to the level of risk and its scheme of use, distribution and assignment to responsible users, automatic and planned password change process, passwords delivery process to authorized users and automatic injection of passwords, when this injection applies and makes sense.
Shall we talk?
Sources: Technative.io
by Rebeca | Nov 16, 2022 | News, Release, soffid
We are proud to have been identified as one of the most representative Identity and Governance Administration vendor by Gartner in the Gartner Market Guide for Identity Governance and Administration (IGA).
According to this Gartner Market Guide for Identity Governance and Administration (IGA) Soffid is:
- one of the most representative Identity and Governance Administration vendors worldwide.
- one of the few vendors with a convergent strategy. Gartner says that by 2025, 70% of new access management, governance, administration and privileged access deployments will be converged identity and access management platforms.
- the only spanish native language vendor and it’s one of the four Europeans. Access to local professional services with experience of particular tools and of local or regional regulations, customs and ways of working is a key consideration.
The identity governance and administration landscape has evolved significantly over the years in lock step with the increasingly dynamic nature of today’s enterprise.
Gartner recommends that security and risk management leaders should include ease of deployment and operation in any assessment. They also assert that organizations should identify their key use cases early in any review process to quickly eliminate from consideration any IGA tool that cannot meet their organization’s needs. Mandatory capabilities for a complete IGA suite to meet a typical organization’s needs are:
- Identity life cycle management
- Entitlement management
- Support for access requests
- Workflow orchestration
- Access certification (also called “attestation”)
- Provisioning via automated connectors and service tickets
- Analytics and reporting
This Market Guide is an aid to anticipating future trends, features and integration capabilities in the IGA market.
Market Guides as Gartner’s is useful to understand how the status of an emerging market aligns to your future plans in IGA and survey the types of provider options in the market and understand how offerings are likely to evolve.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.”
by Rebeca | Nov 9, 2022 | soffid
Webinar “Beneficios de la Gestión de Identidades a través de una Plataforma Convergente”
La implantación de una plataforma convergente de gestión de identidades ayuda a reducir gastos operativos, requiere menos recursos administrativos y permite un despliegue más rápido y efectivo.
Según Gartner, para 2025, el 70 % de las nuevas implementaciones de gestión de acceso, gobierno, administración y acceso privilegiado serán plataformas convergentes de gestión de acceso e identidad. Para 2024, las organizaciones que adopten una arquitectura de malla de ciberseguridad reducirán la cantidad y el alcance de los incidentes de seguridad y el 90 % de su impacto financiero.
¿Qué es Soffid y Cómo funciona?
Soffid es una plataforma IAM convergente que reúne la Gestión de Acceso (AM), el Gobierno de Identidad (IGA), el riesgo y Cumplimiento de Identidad (IRC) y la Gestión de Cuentas Privilegiadas (PAM) en una plataforma integral.
En Soffid llevamos años trabajando en la Gestión y Gobernanza de accesos e identidades de organizaciones públicas y privadas tanto a nivel nacional como internacional (en más de 25 países de los 5 continentes).
Compartiremos esta experiencia en nuestro próximo Webinar “Beneficios de la Gestión de Identidades a través de
una Plataforma Convergente”, que impartirá nuestro CTO y Fundador, Gabriel Buades, el Jueves, 24 noviembre 2022 a las 16.00h.
Reserva, Plazas e Inscripción
La disponibilidad de plazas es limitada, por lo que, si está interesado en acompañarnos, le rogamos que formalice su inscripción lo antes posible desde aquí.
¡Le esperamos!
