From the C-level to security professionals, recent high profile breaches have placed extra pressure on multiple levels of organizations to improve their security posture.
While the SolarWinds attack was far more damaging in terms of loss and exposure, the Colonial pipeline ransomware attack was more publicly disruptive with visible economic consequences for consumers. That combination of publicity/impact plus the risk to critical infrastructure means that significant change is coming in the form of new security requirements, regulations, and penalties. There’s already been executive action regarding not paying future ransomware demands and making breach details available immediately to help protect other organizations. One ‘cyberhawk’ U.S. senator has even proposed that if security negligence be shown that the CEO’s of breached organizations be held criminally liable for them.
There’s not yet a clear indication of what upcoming cyber legislation will entail, but all signs point to it being significant. One thing is already clear–organizations will be further pressed to respond to attacks while also being more transparent about their origins. Sometimes attacks are almost impossible to avoid. The SolarWinds attack, for example, used a trusted security tool to spread to customer networks via product updates. But most attacks could have been disrupted or prevented at some point in the attack chain if better security hygiene had been employed. It’s very important now for CEO’s and other organizational leaders to show they are doing everything they can to prevent the consequences of inappropriate access. The effort is going to matter as much as the results.
One significant way for organizations to prepare for the upcoming changes is by adopting technology that disrupts the way attacks happen – namely, via inappropriate access. That not only includes data breaches, but also in preventing inappropriate facilities access, too. Security can no longer be siloed by departments or job titles. Organizations need to understand the importance of adding an extra level of prevention for unauthorized access of any kind.
SentryCard gives organizations an easy and immediate way for users to provide proof of their identity and ensure they are who they say they are. It’s a self-contained, biometric portable ID card that serves as a multi-function credential for both physical and logical access. With SentryCard, you can ensure every request coming from your users is valid and authorized because it relies on biometric fingerprint matching stored and verified on the card itself. SentryCard disrupts what attackers can do with stolen or false credentials. It’s fraud-proof in a way that current password-based solutions–no matter their complexity or multi-factor requirements–simply aren’t.
Showing you are making honest efforts to secure your access is more important now than ever. To learn how SentryCard adds a level of protection to your entire organization with verifiable identity integrated into your current environment, please click here to contact Sentry Enterprises.