TMCnet News
Venafi: The Three Major Cyber Attacks of 2020With a number of global certificate outages, malicious software backdoors and major data breaches, 2019 was a banner year for cybercriminals. In many of the largest incidents, the cryptographic keys and digital certificates that serve as machine identities played a primary role in these breaches. According to Kevin Bocek, vice president of security strategy and threat intelligence for machine identity protection leader Venafi, security professionals should expect to see more attacks targeting machine identities in the year ahead. "Cybercriminals understand the power of machine identities and know they are poorly protected, so they target them for exploitation," said Bocek. "In 2019, organizations spent over $10 billion protecting human identities, but most are just beginning to safeguard their machine identities. This continues to be true even though the number of humans on enterprise networks remains relatively flat while the number of machines that need identities - including virtual machines, applications, algorithms, APIs and containers - is projected to grow exponentially in 2020. It's inevitable that machine identity attacks will intensify in the coming year." Bocek predicts cybercriminals will pursue machine identities in three distinct ways in 2020:
Bocek added: "Machine identities are a relatively new, and very effective, point of attack because there is a huge gap between the security controls applied to human identities and those applied to machine identities. In 2020, everyone - from CISOs to security architects and security practitioners - will need to prioritize the protection of machine identities in their organizations in order to reduce these very real security risks." Additional Resources: BLOG: 2020 Predictions: Geopolitical Implications of Quantum Computers Hijacking Machines BLOG: 2020 Predictions: What Can We Expect from Quantum Computing BLOG: Top 10 TLS Threats of 2019 About Venafi Venafi is the cybersecurity market leader and inventor of machine identity protection, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, code signing, mobile and SSH. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise-on premises, mobile, virtual, cloud and IoT-at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted. With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S., U.K., Australian and South African banks; and four of the top five U.S. retailers. Venafi is backed by top-tier investors, including TCV, Foundation Capital, Intel (News - Alert) Capital, QuestMark Partners, Mercato Partners and NextEquity. For more information, visit: www.venafi.com. View source version on businesswire.com: https://www.businesswire.com/news/home/20200109005146/en/ |