Following news about the OneLogin data breach, Matt Walmsley, EMEA Director at Vectra Networks commented below.
Matt Walmsley, EMEA Director at Vectra Networks:
“Single sign-on is like a master key, offering users easy access to multiple apps and sites. It is also a tantalising prize for cybercriminals to steal. Attackers will often target supply chains as a point of focus – they hold valuable information about customers. An en-mass data theft at OneLogin has earned the hacker a significant haul of customers’ account credentials, including plain text access to passwords. This data can either be sold on or directly used for further breaches and theft.
“A post-mortem investigation is an important step towards mitigating future attacks. This is not the first time a data breach has occurred and if lessons are learnt, it comes with a hefty cost. The clear up and forensic phase is expensive and time consuming. It can be a drain on resources that would be better used on detection and rapid response. Using artificial intelligence techniques, organisations could be automating the monitoring process to spot in real time any hidden active threats within the network and catch them early in the lifecycle before they wreak havoc.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.