sb-au logo
Story image

Unprotected machine identities costing firms billions - report

03 Mar 2020

Organisations worldwide could recover a collective total of between US$51 billion to as much as US$72 billion just by repairing their poorly protected machine identities.

Those figures are just some of the statistics from a new report by Venafi and AIR Worldwide, which illustrates that proper management of machine identities could prevent billion-dollar losses.

According to the two companies, machines are critical to the fundamental operation of a business and the flow of many different data types.

Cybercriminals target these machines because organisations don’t take the time to protect these machines and their machine identities properly.

“When machine identities are poorly managed and weakly protected, they become prime targets for cyber attackers who can use them to gain and maintain unauthorised access to network assets and data, impersonate trusted machines and applications, hide malicious activities and exfiltrate stolen data while remaining undetected. Any of these activities by cyber attackers can result in economic damage to organisations,” the report claims.

Of the largest companies with revenues more than US$2 billion, as much as 25% of cyber losses could be due to machine identity compromise. Amongst smaller companies (revenues less than $2 billion), machine identities could account for as much as 16% of cyber losses.

Venafi’s vice president of security strategy and threat intelligence Kevin Bocek says that many businesses still rely on processes and techniques from 20 years ago. These processes are terrible at protecting machine identities and can cause billions of dollars in losses.

“Digital transformation is dependent on cloud, microservices and APIs, and all of this requires the authentication and privacy that machine identities provide. Cybercriminals understand that breaking this link means hitting the jackpot.”

AIR Worldwide used a combination of cyber event datasets, including event datasets, filmographic datasets, and technographic datasets to produce its findings.

The research also assessed more than 100,000 firms for their performance in various cybersecurity areas, such as SSL/TLS certificates, user behaviour (for example, file sharing services and torrents) and indicators of compromise (for example, communications to any botnet command and control servers).

Estimating the financial impacts of cybersecurity practices is always a challenging problem, requiring a combination of data, models, and subject matter expertise. We were able to leverage our experience when we developed a model estimating the impact of cybersecurity practices on data compromise event frequency. The results of this study show that there are very real costs when failing to adequately protect machine identities,” says AIR Worldwide senior scientist Eric Dallal.

The report points out that organisations depend on secure machine-to-machine connections and communications. These, in turn, rely on machine identities for authentication and encryption. As such, organisations should adopt a strong machine identity protection program as part of their overall cybersecurity programs.

Story image
Ivanti looks to a brighter future with MobileIron and Pulse Secure acquisitions
Ivanti has acquired MobileIron and Pulse Secure, with the intention of delivering intelligent and secure experiences across all devices in the ‘everywhere enterprise’. More
Story image
rhipe adds Octopus licensing solutions to distie portfolio
The addition of Octopus Cloud provides rhipe partners with licensing solutions and management processes to support cloud transformation initiatives.More
Story image
Rate of ransomware attacks in Australia well above global average — report
Over two-thirds (67%) of Australian organisations have suffered a ransomware attack in the last 12 months — 10 percentage points above the global average of 57%.More
Story image
Vectra expands NDR capabilities across all network environments
Vectra’s network threat detection and response (NDR) solution is designed to use cloud identities that track and link attacker activities and progression across all networks.More
Story image
Trend Micro launches cloud native security solution for modern applications and APIs
“Application security is an invaluable part of the Cloud One platform, integrating technology to provide superior protection for customers deploying applications wherever it makes the most sense for them."More
Story image
How a vantage point sees threats before they impact
When the focus has been on adversaries that develop increasingly complex and sophisticated attacks, tried and true techniques such as compromised credentials continue to be amongst the most potent weapons.More