Page 73 - Cyber Defense eMagazine for June 2021
Joseph Carson, chief security scientist & advisory CISO, ThycoticCentrify
“It is World Password Day, which means it is time to reflect on your current password hygiene and
determine if your password choices are putting you at serious risk of becoming a victim of cybercrime.
According to the UK National Cyber Security Centre (NCSC), 15% of the population uses pets' names,
14% uses a family member's name, and 13% picks a notable date. In fact, the weak password problem
is so severe that the UK recently proposed new internet and IoT reforms that would make using
“password” as your password illegal.
Passwords remain one of the biggest challenges for both consumers and businesses around the world.
Thanks to the SolarWinds security incident in late 2020, we were all reminded that a poor password
choice can not only impact your own organization but all connected organizations as well. This was likely
one of the biggest supply chain cyberattacks in history -- all stemming from poorly created passwords.
If you are a consumer, start by using a password manager today. If you are a business leader, you should
move beyond password managers straight into privileged access security. Rotating and choosing
passwords is one of the biggest causes of cyber fatigue, so organizations can reward employees with
privileged access security solutions that will eliminate one of their biggest work headaches and introduce
security solutions that they will want to use. Privileged access security is one of the few security solutions
that will transform your employee password experience into one that will make them more productive --
and you’ll never need to create unique, complex passphrases for every account as privileged access
management (PAM) will do that for them. It’s time to increase security and ease stress by moving
passwords into the background with a modern PAM solution.”
Neil Jones, cybersecurity evangelist, Egnyte
“Recently, one of the largest data dumps in history, referred to as COMB (Compilation of Many
Breaches), exposed an astronomical 3.2 billion passwords linked to 2.18 billion unique email addresses.
This is frightening news for all of us, but it’s particularly worrisome for IT leaders. So many of them are
kept up at night with a gnawing concern: How do I manage the growing risk of data breaches, with a large
proportion of my employees working remotely?
Remote work can lead to employees accessing unsanctioned devices, apps and networks, particularly
when they experience issues with work-related IT resources. This broadens the attack surface for bad
actors and leaves few checks in place for careless behavior that can result in data leaks.
To commemorate World Password Day, we’d like to remind you about practical steps that you can take
to protect your valuable information, while embracing today’s work-from-home environment:
● Educate your employees on password safety – Teach your users that commonplace
passwords such as “123456,” “password” and their pets’ names can put your data and their
personal reputations at risk. Remind users that passwords should never be shared with anyone.
● Institute two-factor authentication – IT administrators should require additional login
credentials during the users’ authentication process, to prevent potential account breaches. This
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.