
Unprotected machine identities costing firms billions - report

03 Mar 2020

Organisations worldwide could recover a collective total of between US$51 billion and US$72 billion just by repairing their poorly protected machine identities.

Those figures are just some of the statistics from a new report by Venafi and AIR Worldwide, which illustrates that proper management of machine identities could prevent billion-dollar losses.

According to the two companies, machines are critical to the fundamental operation of a business and the flow of many different data types.

Cybercriminals target these machines because organisations don’t take the time to protect them and their machine identities properly.

“When machine identities are poorly managed and weakly protected, they become prime targets for cyber attackers who can use them to gain and maintain unauthorised access to network assets and data, impersonate trusted machines and applications, hide malicious activities and exfiltrate stolen data while remaining undetected. Any of these activities by cyber attackers can result in economic damage to organisations,” the report claims.

Among the largest companies, with revenues of more than US$2 billion, as much as 25% of cyber losses could be due to machine identity compromise. Amongst smaller companies (revenues of less than $2 billion), machine identities could account for as much as 16% of cyber losses.

Venafi’s vice president of security strategy and threat intelligence Kevin Bocek says that many businesses still rely on processes and techniques from 20 years ago. These processes are terrible at protecting machine identities and can cause billions of dollars in losses.

“Digital transformation is dependent on cloud, microservices and APIs, and all of this requires the authentication and privacy that machine identities provide. Cybercriminals understand that breaking this link means hitting the jackpot.”

AIR Worldwide used a combination of cyber event datasets, including event datasets, firmographic datasets, and technographic datasets to produce its findings.

The research also assessed more than 100,000 firms for their performance in various cybersecurity areas, such as SSL/TLS certificates, user behaviour (for example, file sharing services and torrents) and indicators of compromise (for example, communications to any botnet command and control servers).

“Estimating the financial impacts of cybersecurity practices is always a challenging problem, requiring a combination of data, models, and subject matter expertise. We were able to leverage our experience when we developed a model estimating the impact of cybersecurity practices on data compromise event frequency. The results of this study show that there are very real costs when failing to adequately protect machine identities,” says AIR Worldwide senior scientist Eric Dallal.

The report points out that organisations depend on secure machine-to-machine connections and communications. These, in turn, rely on machine identities for authentication and encryption. As such, organisations should adopt a strong machine identity protection program as part of their overall cybersecurity programs.