Multi factor authentication (MFA) is currently the best method by which organisations can protect themselves from such attacks,.
A human resources database is a treasure trove of information waiting to be monetized in the eyes of malicious actors, and unfortunately hackers do not stop hacking during a crisis.
The information stolen in the breach affecting outsourcing group Interserve could have contained all sorts of valuable sensitive data from names and bank details, to HR records and pension information. It is a shame t ….
[Read More >>]
The information stolen in the breach affecting outsourcing group Interserve could have contained all sorts of valuable sensitive data from names and bank details, to HR records and pension information. It is a shame that Interserve, a company which helped build the Birmingham Nightingale hospital, has been targeted by hackers in this way. But this demonstrates how all enterprises need to step up their prioritisation of security in order to protect personal data. Attackers know that many organisations are not taking a strong enough stance when it comes to access security. Once they have a set of valid credentials, it is easy to compromise corporate applications, particularly SaaS Apps including HR Systems, File Storage Services and CRMs.
Multi factor authentication (MFA) is currently the best method by which organisations can protect themselves from such attacks, proven to prevent 99.9% of account takeovers. Whether it be a soft token, hard token, certificate or SMS, companies should look at implementing MFA across the board.
The privacy implications associated with exposed data can be devastating for those involved and this is exacerbated by the cybersecurity skills gap where perhaps enterprises like Interserve are struggling to attract and retain cybersecurity talent. But if organisations want to stay in business, then they must prioritise security and protecting their data. If they cannot attract and retain cybersecurity professionals, then they must partner with trusted partners who can support them in delivering trusted security platforms and expertise services or perhaps outsource access control models to companies like OneLogin in order to reduce associated costs and risks.
