There are many potential causes of security breaches, including malicious attacks, system glitches, equipment failures, software bugs, and zero days. What is a common root cause here? Human error.
According to Micke Ahola, “In a security context, human error means unintentional actions—or lack of action—by employees and users that cause, spread, or allow a security breach to take place.”
During the first quarter of 2020, Rapid7’s Managed Detection and Response (MDR) incident response team produced over 1,600 findings reports for clients, trends about which were revealed in our 2020: Q1 Threat Report. Here are some of the main stories behind security breaches and some ways your organization can effectively respond:
Stolen credentials
In 96% of Rapid7’s findings, a stolen credential was the cause of an incident. The top four industries affected by stolen credentials were:
Finance (17%)
Professional Services (17%)
Manufacturing (11%)
Healthcare (9%)
What can your organization do to protect itself against stolen credentials? Put multi-factor authentication (MFA) in place (at the very least for your executives and IT workers), so your users can securely access sensitive information in internal networks and cloud-based applications. Every user should also have a password vault to enable them to create unique passwords on your sites.
Less effective, but still necessary, are policies that explain your organization’s requirements for changing and reusing passwords and the consequences for not following them. User security education is necessary as well, so your users understand why these steps are so important.
