In response to new research findings from Risk Based Security that over 2.6 billion records have been exposed in 2,300 data breaches so far this year, with fraud accounting for 47.5 percent of exposed records and while hacking accounting for 54.6 percent of all reported breaches, experts with OneSpan and NuData Security offer perspective.
Michael Magrath, Director, Global Regulations & Standards at OneSpan, Inc.
Employee cybersecurity education has helped organizations reduce successful phishing attacks, but education only goes so far. An easily exploitable attack vector, phishing can be mitigated with affordable, user-friendly multi-factor authentication. User convenience is no longer an issue as secure, risk-based technologies like behavioral biometrics work in the background while eliminating the reliance upon insecure passwords.
Ryan Wilk, Vice President of Customer Success at NuData Security:
“These companies are increasingly taking steps to ensure that the massive amounts of stolen credentials cannot be used by fraudsters to log into an intended victim’s account, or otherwise be used for fraud. Fortunately, new multi-layer approaches incorporating passive biometrics and behavioral analytics are enabling retailers, eCommerce entities and others to actually analyze user interactions and contextualize behavior in real time before fraud can occur. The user’s identity is verified through hundreds of indicators, including data from the legitimate account holder’s unique online behavior. This is a far more effective way to verify users than sole reliance on static information such as passwords and security questions. NuData’s approach also ensures that any sensitive consumer data, for example identifying information, is either not collected, or first passed through a cryptographically secure hash function so that it is irreversibly obfuscated. Such unique information defies fraudulent replication and helps stop fraud attempts in their tracks.”
The opinions expressed in this article belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.