A significant portion of data breaches could be prevented with stronger password management and multi-factor authentication
CHICAGO – For National Preparedness Month in September, Keeper Security, a leading provider of zero-trust and zero-knowledge cybersecurity software, urges businesses to prepare for the rising tide of cyber threats by prioritizing fundamental cybersecurity practices. With more sensitive data being stored online, the risk of breaches and exploitation is at an all-time high. In a recent survey conducted by Keeper Security, 82% of U.S. IT and security professionals reported a year-over-year increase in cyber attacks targeting their organizations. To defend against the most common cyber threats, as well as emerging threat vectors, fundamental, yet often neglected, cybersecurity best practices must be prioritized.
A recent report from the Identity Theft Resource Center reveals there were 1,571 data compromises in the U.S., just in the first half of 2024. Strengthening data security processes is a crucial step to mitigate organizational risk in today’s evolving threat landscape. Key practices such as implementing robust data encryption, regularly updating and patching systems, and implementing strong access controls can help protect sensitive information from unauthorized access.
Keeper advises organizations of all sizes to implement the following fundamental protections:
- Establish regular employee training on cybersecurity best practices and phishing awareness.
- Implement strong access controls and conduct regular security audits to mitigate the risk of insider threats.
- Strengthen account protection by adopting a password management solution and enforcing the use of MFA.
Conduct Regular Cybersecurity Training for Employees
Just as preparedness is key to mitigating the risk and potential damage associated with natural disasters, it’s also essential in cybersecurity. Regular employee training and education on cybersecurity best practices are crucial for protecting an organization from evolving cyber threats. Verizon’s 2024 Data Breach Investigations Report reveals 68% of breaches involved a non-malicious human element, such as a person falling victim to a social engineering attack or making an error. This can lead to devastating consequences.
A significant majority of respondents to Keeper’s recent survey – 67% – identified phishing as one of the most common cyber threats facing their organizations, with more than half (53%) reporting a significant increase in the frequency of these attacks. The human element is often the most vulnerable link in the attack chain, underscoring the criticality of educating users and conducting phishing simulations to enhance overall security awareness.
By training employees to recognize and respond to simulated phishing attacks, organizations can effectively prepare their frontline defenders to question unexpected notifications, report suspicious activity promptly and foster a culture of vigilance – ultimately strengthening their cybersecurity posture.
Beware of Insider Threats, Both Malicious and Unintentional
Preparedness extends to understanding and mitigating insider threats, whether malicious or unintentional, which pose significant risks to organizations. Keeper’s survey found that 28% of respondents experienced a cyber attack originating from an employee. To mitigate these risks, organizations should implement strong access controls and offboarding processes, provide comprehensive employee training and conduct regular security audits. Deploying a Privileged Access Management (PAM) solution can further enhance security by centralizing and controlling access to sensitive systems and data, reducing the risk of unauthorized access and data breaches.
Implement Processes and Technologies To Prevent and Thwart Attacks
In a world where data breaches have become increasingly common, preparedness is essential. Creating strong, unique passwords for each account remains a critical first line of defense against unauthorized access, yet many organizations and individuals fail to follow password best practices. Keeper’s survey found that nearly 40% of respondents identified password reuse as their most common password-related error. A password manager creates and stores high-strength, random passwords for every website, application and system, helping prevent the domino effect in which the compromise of one account leads to further unauthorized access.
In addition, password managers can help avoid incidents of stolen passwords, which impact 43% of IT and security leaders. These tools also support strong forms of Multi-Factor Authentication (MFA), such as an authenticator app, to add additional layers of protection to accounts, making unauthorized access significantly more difficult. When selecting a password manager, it’s important to prioritize providers that offer transparent security architecture, zero-knowledge and zero-trust infrastructure, and certifications like SOC 2, ISO 27001, 27017 and 27018, as well as FedRAMP Authorization, to ensure the highest level of protection.
“During National Preparedness Month, it’s vital for organizations to prioritize fundamental security best practices,” said Darren Guccione, CEO and Co-Founder of Keeper Security. “By being prepared with strong password management, enabling multi-factor authentication and staying vigilant against phishing scams, we can significantly reduce our vulnerability to cyber threats and protect our sensitive information.”
As National Preparedness Month highlights the importance of being ready for all types of emergencies, now is the time for organizations to assess their cybersecurity preparedness. By taking proactive measures and following fundamental cybersecurity practices, they can significantly reduce their vulnerability to cyber threats and protect valuable information.
