For businesses that were following the news on cyberattacks in 2021, what they learned was unrelentingly grim. Attacks on public and private organizations increased in frequency, severity, and sophistication. Ransomware was a significant threat, with high-profile incidents such as the Colonial Pipeline attack grabbing headlines. With financial and reputational impacts growing, c
The overall picture is sobering. According to the U.S. Treasury Department’s Financial Crimes Enforcement Network, 635 suspicious activity reports related to ransomware were filed in the first six months of 2021, with a total value of $590 million, up from 487 such reports in all of 2020 totaling $416 million in losses. IBM’s Cost of a Data Breach Report 2021 confirmed that the costs of suffering a successful cyberattack rose significantly last year—the average cost of a data breach rose to $4.24 million, the highest average total recorded in the 17-year history of the report.
As the risk of cyberattack grows, insurers are subjecting applicants to increased scrutiny before they offer coverage. Among the factors they assess, they want to see that companies have comprehensive cybersecurity controls in place to reduce the risk of a successful data breach or ransomware attack. One of the most critical protections to have in place in order to secure coverage is robust multi-factor authentication (MFA).
Why MFA Matters
The nature of many recent attacks has made it apparent how easily malicious actors can gain access to sensitive data and supposedly secure networks with stolen credentials. When only a password is required for access, regardless of how creative or complicated it is, your company is vulnerable to increasingly sophisticated phishing campaigns and other techniques designed to steal login information to infiltrate your systems. This is particularly problematic for businesses dealing with confidential information, such as healthcare organizations or government contractors, as well as manufacturers, technology firms, and corporations protecting valuable proprietary data. Remote work and hybrid work arrangements also complicate the picture, because a login from an unusual location cannot automatically be considered suspicious, making additional verification essential for confirming authorized access.
Multi-factor authentication adds an additional step to the process of verifying a user’s identity, pairing something they KNOW (such as a password) with something they HAVE (like a security token) or something they ARE (voice or face recognition, for example). According to a joint advisory issued by the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA), “MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised.”
To obtain a cyber insurance policy, companies are required to use MFA for all services and applications (both cloud-based and on-premises) for all users, not only privileged accounts. This isn’t merely a good idea; it may also be necessary to effectively meet industry-specific compliance standards such as HIPAA, CMMC, and FINRA.
The key to an effective multi-factor authentication process is balancing security and user convenience. ADVANTIDGE Inc., located in Los Angeles, offers multiple enterprise-level logical access solutions, including HID DigitalPersona and ActivID Multi-Factor Authentication. With every client, we start with an assessment to determine your needs for industry compliance and understand what technology platforms need to be secured for all users. That allows us to determine the best MFA solution for your company and implement it with a minimum of work disruption.
Protecting Your Business
Cyber insurance is an essential tool for corporations wanting to mitigate the risk associated with a cyberattack. ADVANTIDGE can help you put the security measures required to enhance your cybersecurity posture in place. We offer security solutions including MFA, VMS, PACS upgrades, and ID, all of which are required for compliance, employee security, and meeting cybersecurity insurance requirements. To find out more about how ADVANTIDGE can provide robust multi-factor authentication designed for the needs of your organization, contact us here.
