Earlier this month, the Identity and access management provider, Forgerock, released its 2021 Consumer Identity Report, looking at the nature of data breaches in 2020 across the globe – with a particular focus on the US.
The report is well worth a read for business and IT leaders. It will help you gain a deeper understanding of what types of data hackers are after, and how you can bolster your defenses.
But, as with most vendor reports, it’s also pretty long.
So, we’ve done the reading for you! Here are the major takeaways from the Forgerock Consumer Identity Report.
Fewer breaches, more damage
The report shows that cybercriminals changed their focus in 2020. Rather than going after anyone and everyone, they pivoted to focus on more valuable industries – like healthcare and education – that store more lucrative data. In line with this, data breaches revealing usernames and passwords rose by 450% from 2019 to 2020, enabling attackers to use these credentials for more stealthy, strategic attacks.
With a more targeted focus, the number of breaches declined – but the financial impact of breaches soared, especially for organizations with remote employees. We can speculate this is because of a lack of data-centric identity and access management controls.
Compliance ups the stakes!
In 2020, GDPR fines rose by 40% to a whopping €158.5M. The report notes that most of these fines were dished out due to companies having inadequate security controls in place (AKA DLP!).
At the same time, there was a big rise in data breach lawsuits – with 25 class-action lawsuits filed in the US in 2020 for factors like a lack of data protection and negligence.
Types of attacks
So, how do cybercriminals get their hands on this data? The three most common attack methods are unauthorized access, phishing and malware. It’s worth noting that, in most phishing attacks, the attacker aimed to get their hands on user credentials, which were then used for a second phase of the attack. This means that unauthorized access essentially accounts for more than half of data breaches in 2020.
Types of data compromised
It’s easy to see how unauthorized access has climbed the ranks as a go-to attack method when we look at the types of data that are being leaked in data breaches. Information like names, addresses, DOB and SSNs can be used as the basis for fraud – be it logging into a person’s bank account or their work email address.
Actions to take
Organizations need to take urgent action to combat credentials compromise attacks and unauthorized access.
While it might seem like a large task, taking a strategic approach to identity and access management is crucial for protecting sensitive data and avoiding costly breaches.
Here’s our advice on what to do:
- Stop using static, simple passwords: Static passwords are a credentials compromise attack waiting to happen. Passwords like 12345 and qwerty are a cybercriminal’s dream. Enforce multi-factor authentication and single-sign-on for all accounts.
- Audit your privileged accounts and implement granular access controls: Put in place a strategy to dynamically authenticate and authorize users as they interact with corporate resources. Make special considerations for privileged accounts within your IAM framework. They will need more rigorous monitoring, vetting and controls to prevent account compromise.
- Embrace Zero Trust: Zero Trust architecture (ZTA) works by using a range of technologies to continuously monitor and authenticate users and devices. It is more of an approach than one solution, so look for vendors – like us – that embed a ZTA into their solutions.
- Enforce security in SaaS applications: In the cloud-first world, organizations need to verify access at an application level and at a data element level. Each SaaS application brings a different set of usage patterns. Privilege access to data within these platforms is not only needed but essential as organizations grapple with privacy and data breach risks.
How Polymer can help you protect against unauthorized access and data breaches
Polymer SaaS DLP discovers and protects sensitive data to ensure it is only accessed and edited by authorized, legitimate users. Using APIs, our solutions effortlessly integrate into your cloud apps and begin scanning for sensitive data – you can get set up in minutes!
Polymer discovers both structured and unstructured data, meaning it can find sensitive information in documents, chats, databases and more.
Once identified, our solution uses automation and a self-learning engine to take the most sensible, secure steps to safeguard your data as users try to access it. Actions include redaction, quarantine, blocking and alerting, depending on the threat in question.
Polymer SaaS DLP prevents sensitive data exposure across modern collaboration tools like Slack, Dropbox, Zoom, GitHub, Jira, Zendesk and more with alerting & real-time redaction of sensitive and regulated information such as PII, PHI, financial and security data. All without slowing the business.