By: Geeman Yip, CEO, BitTitan
The digital era is awash with potential threats including malware, spyware, ransomware and denial of service attacks that threaten the security of workplaces everywhere. To ensure security, organizations use multiple protocols including encryption, authentication, and firewalls to safeguard crucial information against hacking and breaches. Several threats can be controlled by having such measures in place.
However, one compromised account can throw everything into chaos and open the door to countless attacks and data losses. Cyberattacks across industries have placed critical information at constant risk, increasing the need for cybersecurity protection.
Singapore’s five-year Research, Innovation, and Enterprise 2020 (RIE2020) plan has identified digital technology as one of the areas of focus. The government plans to invest $300 million more in digital technology research and development to support the growth in services and the digital economy, including funding for existing cybersecurity programmes. With the rise in the adoption of Internet-of-Things (IoT) technology, Singapore has also launched a S$40 million initiative in building an open and inclusive 5G ecosystem, which will support 5G technology trials for enterprise use, focusing on areas such as cybersecurity for the next-generation mobile networks. Data from the latest Cyber Security Agency (CSA) Cyber Landscape report shows more than 9,400 cybercrime cases were reported in 2019, which is 50 percent higher than cases reported in 2018. As businesses implement hybrid work arrangements and employees access company networks remotely due to the pandemic, cybersecurity risks are further increased.
The effects of these data breaches impact the reputations and sales of organisations when the public and partners loses confidence. However, loss of public trust is not the sole source of cost. Post-breach forensic analysis can also be expensive. Organizations need better risk and cost management strategies to address these issues.
Traditional security is reactive. A firewall can stop a virus and a login screen can require a complex password, but neither give a user the details necessary to prevent future attempts to breach the system. These excluded details might reveal critical intelligence in the war against cybercrime. For example, a business may discover that several employee login attempts originate from a location where it has no employees. Such login attempts likely originate from attackers attempting to gain access to employee accounts. Most enterprises would want to do something about the situation if made aware of it.
A hard-line stance would block all employee login attempts coming from this location, but other options are available. Multi-factor authentication, targeted application security and other defences can be tailored to a specific region. An enterprise may also want to reset and strengthen passwords in response to an upsurge in suspicious login attempts. Adding login attempt limits further reinforces system security against brute-force attacks. Organisations that are prepared have many options. However, no action can be taken if an enterprise is not made aware of the problem.
How can an enterprise acquire the information it needs?
In this example, an enterprise may have needed a specialist to determine the location of the login information, if it could be found at all. Once the specialist compiled all the login details, they would need to identify the region from which the false login attempts originated. This was a complicated, time-consuming process rife with human error that often saw results pushed to the bottom of the priority list, overlooked, or dismissed entirely.
Automating security allows vital data, such as the location of suspicious login attempts, to be tracked without the need for a costly and time-consuming campaign. Without writing code, an enterprise can receive detailed login records with the press of a button. Armed with data free of human error, there can be no doubt about the scale of the mysterious logins. Automation can also assess multi-factor authentication enablement to further harden system security against false logins. When an enterprise with an automated platform notices suspicious login attempts, it can respond quickly.
Transformation from manual processes to agile automation processes is rapidly taking place. Several studies conclude that automation has been successful at reducing the lifecycle of a data breach and the expenses associated with it. When businesses automate end to end standard operating procedures across systems, they can create uniformity and repeatability of IT tasks. Even partial implementation of security automation can reduce the cost by tens of thousands of dollars. Protecting systems from illegitimate login attempts is just one small part of those numbers. With secured data, organisations will be able to boost innovation and productivity in the long run as they regain control over critical information.
Automation not only reduces the cost of attacks but increases enterprise awareness of risk. The old maxim “knowledge is power” has never been more relevant, and businesses need to be empowered with an efficient security automation platform to be prepared for illegitimate login attempts and other significant security incidents.