Source – linkedin.com
The Importance of Cybersecurity Fundamentals
As cyber-attacks become increasingly driven by artificial intelligence (AI), cybersecurity leaders emphasize the need to protect both human and non-human identities. During National Cybersecurity Awareness Month, Tim Eades, CEO and Co-Founder of Anetac, stressed the importance of fundamental security practices. He explained that many security breaches occur due to a failure to implement basic practices rather than highly sophisticated attacks. The theme of this year’s Cybersecurity Awareness Month, “Secure Our World,” highlights this issue.
Eades urged organizations to prioritize strong passwords, password management, multi-factor authentication, and keeping software updated. He noted that neglecting these fundamental security measures can turn a minor security issue into a major breach. “Our research shows that 53% of organizations take more than 13 weeks to rotate their passwords, leaving them vulnerable to attacks,” said Eades. He also emphasized that a successful identity security strategy should blend basic security hygiene with advanced tools for better visibility into both human and machine identities.
Non-Human Identities: An Overlooked Cybersecurity Threat
Baber Amin, Head of Product at Anetac, highlighted another critical aspect of modern cybersecurity: the risks associated with non-human identities. During Cybersecurity Awareness Month, Amin urged organizations to pay equal attention to both human and non-human identities. He noted that while most organizations focus on securing human user accounts, non-human identities—such as automated accounts or machine identities—pose significant risks.
Citing research conducted with TechTarget’s Enterprise Security Group, Amin revealed that for every human user, there are 20 non-human identities, many with high-level access privileges. These automated accounts are attractive targets for cybercriminals, yet they are often overlooked in security strategies. Amin pointed out that a recent cyberattack on TeamViewer allowed attackers to take control of an employee’s account. He warned that if the same attack had compromised a non-human account, the consequences could have been even more severe, with a reduced response time and greater potential damage.
Strengthening Cybersecurity for All Identities
To minimize the risk of successful cyberattacks, Amin outlined several key steps that organizations should adopt. First, he recommended implementing modern identity and access management tools that can monitor both human and non-human identities. Second, he emphasized the importance of robust password security policies, including the regular rotation of passwords—every 90 days for both human and non-human accounts—and using secure password management software. Third, Amin advised investing in advanced cybersecurity tools that offer enhanced visibility and management of all identities and the activity chains linked to them.
In conclusion, Amin stressed that addressing the security of both human and non-human identities is crucial for organizations to strengthen their defenses in today’s automated, AI-driven environment. By taking a comprehensive approach to cybersecurity, companies can significantly enhance their resilience against evolving cyber threats
