As the frequency of high-profile cyberattacks have spiked in 2021, there have been more eyes on cybersecurity and more people wondering how they can keep themselves from being the next victim of a cybercrime. While proper awareness of your organization’s “cyber hygiene,” is crucial, it alone isn’t enough to stop a cybercriminal: one seemingly minor mistake can completely compromise your business. So, what’s the answer?
Well, one of the key developments in cybersecurity is multifactor authentication—or MFA. Before we get too deep into this, we will briefly outline what MFA is. When it comes to authentication, there are 3 types: knowledge, possession, and inheritance-based authentication. Knowledge-based authentication comes in the form of a password or PIN—in other words, something you know—you may not be surprised to know this is the most commonly-used authentication measure; possession-based relies on something you carry with you like a smartphone, ID card, or USB drive; and inheritance-based authentication refers to a physical characteristic you may have like facial-recognition, retina scan, or fingerprint scanner. In other words, single sign-on (SSO) systems use either something you know, something you have, or something you are to decide whether to grant you access to information. Multifactor authentication combines two or more of these authentication types.
With the aforementioned rise in cybercrime and the cost of ransomware, many insurers are offering cybersecurity insurance, which is designed to mitigate losses from a variety of incidents like data breaches, business interruption, and network damage. The US government says, “a robust cybersecurity insurance market could help reduce the number of successful cyberattacks by: (1) promoting the adoption of preventative measures in return for more coverage; and (2) encouraging the implementation of best practices by basing premiums on an insured’s level of self-protection.”
There is a problem, though. Many companies choose not to implement available policies for fear of the cost of these policies, confusion about what the policies cover, and the belief that the organization would never be victims of a cyberattack. But, as we know, any organization of any size can be targeted by an attack; in simplest terms, you want your organization to have the coverage that comes with a cybersecurity insurance policy.
Multifactor authentication adds more security to your online accounts.
However, cybersecurity insurance companies are now requiring their clients to have certain measures to prevent attacks. Chief among these measures is the adoption of multifactor authentication of their data and network. And they have good reason for this: perhaps the highest-profile thus far in 2021 (and likely the one that cast the widest net of damage) occurred in early May, when the Colonial Pipeline in Houston, TX fell victim of a hack with a ransom totaling to $4.4 million. Colonial Pipeline CEO Joseph Blount testified to the US Senate that the hacked network relied on a single sign-on, knowledge-based system. The hackers figured out the password and didn’t need a second sign-on to access the network.
So, while any MFA system you use (Google and Microsoft come to mind) are often annoying, there is good reason to use these systems as they help prevent cyberattacks. This is ultimately why insurers are requiring their customers to have this authentication: because when it comes to preventing cyberattacks, sitting back and hoping you’ll never be targeted is no strategy at all. If you need help getting started or if you’re ready to start implementing MFA into your processes, Innovative Integration has the knowledge and experience you need to keep your network and data secure.