MyCena, provider in access segmentation and encrypted password distribution, announces the launch of a new mobile device add-on to complete its enterprise segmented digital access security solution. MyCena’s mission is to eliminate password phishing, stop supply chain attacks and prevent ransomware in today’s hybrid workplace. MyCena’s approach to securing digital access solves three major cybersecurity problems: password creation and distribution; risk aggregation; and committing passwords to memory.
Digitalisation has increased rapidly during the Covid-19 pandemic, with the global use of services such as video-conferencing having grown ten-fold. As a result, ransomware attacks have increased in frequency and sophistication and are the biggest concern for today’s businesses. Phished passwords are the number one threat vector, responsible for 83 per cent of all cyberattacks last year.1 In the UK, businesses are subject to an average of 2,000 cyberattacks per business per day, an average of one attack every 43 seconds.2 And the average total cost of a ransomware breach is £3.66 million per incident.
“Following a huge surge in cybercrime and ransomware attacks over the past two years, businesses are under siege,” says Julia O’Toole, founder and CEO of MyCena Security Solutions. “The vast majority of cybersecurity breaches today involve the use of legitimate passwords. Today’s hackers don’t ‘hack in’, they log-in, repeatedly looking for an easy lock to pick through password phishing, social engineering, brute force attacks and credential stuffing. It’s also important to remember that beyond the ransomware headlines and financial costs, there are substantial risks of operational stoppages, supply-chain risks, IP loss, commercial espionage, industrial sabotage, and loss of data integrity, ultimately threatening jobs and human lives.
“How did we get here? The explanation is rather simple. As the workplace moved from a physical to a digital environment, the security rules used in the physical world have not been
transferred to the digital world. The first mistake was to have employees create their own passwords: the equivalent of asking people to bring their own keys, fobs and passes to enter the company building, office or server room. The second mistake was to aggregate more and more systems behind a single point of access, whether a master password or biometric, using tools such as Single Sign-on (SSO), Identity Access Management (IAM), Privileged Access Management (PAM): the equivalent of people having a single key for their house, their car, their office, and their bank account. The third mistake was to require people to remember and type their passwords: the equivalent of asking people to cut a key every time they need to open a door. The result of these mistakes is hackers only needed to find one password (for example, through phishing or social engineering) to log in. Once in, with repeated success, they can quickly escalate privilege to take over command and control of the whole infrastructure within hours or days.
“MyCena is based upon a very simple idea: digital access must reflect physical access. The first step to take in cybersecurity is to apply your company’s physical security rules to your digital environment. Don’t let employees make and share their own passwords. Don’t aggregate all systems behind a single door with one key that can open everything. And ensure all passwords stay encrypted from end-to-end, during creation, distribution, storage and use, so that no one can see, share, or phish them.”
To read more exclusive features and latest news please see our Q4 issue here.
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922