Increasing digitization of businesses, however, has also given rise to cybercrimes. Every year, businesses witness cybercrime related losses that run into billions of dollars. Our information systems today are constantly under risks. Ransomware, hacking from rogue elements, and denial-of-service assaults are very rampant.

But do you know organizations today are more at risks from within than outside? Data breaches, identity thefts, and internal frauds continue to haunt companies as the general attitude remains lackadaisical towards maintaining a proper Identity and Access Control management solution in place.

Numbers provided by the Breach level Index shows that 1,673 data-breach incidents got reported in 2015, resulting in more than 707 million records being breached. While accidental and external malefactors accounted for more than 2/3 of data-theft cases, thefts from insiders rose sharply, making it as the third biggest source at 14% behind leakages of the confidential data.

You see, sensitive information has now become a hot new ‘commodity’. Malicious insiders– disgruntled or compromised– play a key role in compromising key IT assets as they stand to gain financially. Moreover, cybercriminals now plant their moles in financial institutions, who in turn, try to steal critical data or conduct fraudulent financial transactions.

Recently, our business development manager visited an IT security summit in Africa; and he got startled to find out the number of ‘White-Collar’ crimes in the continent. Close interactions with several CIOs, CISOs of various financial institutions underlined that internal frauds inflict heavy damages every year. In most cases, workforce and IT staff colludes to drain funds. Compromised insiders remove logs after swindling money. Moreover, irregular reporting of loans, misappropriation of assets, and fraudulent loans, also make banks in Africa extremely vulnerable.

In this backdrop, it is vital that we take a closer look at how our IT infrastructure is being managed. Deploying Secure Configuration Management solution in your IT infrastructure, which helps assessing and analysing risks in your internal periphery by doing a real- time check on historical logs can provide a foolproof security. Likewise, having Privileged Access Management solution in place can help cut risks like identity thefts and unauthorized accesses to privileged accounts.

ARCON provides state-of-the-art technology aimed at mitigating information systems related risks. The company’s Privileged Identity Management / Privileged Access Management solution enables blocking unauthorized access to ‘privileged identities’, while its Secured Configuration Management solution helps to comply with Governance, Risks, and Compliance (GRC) requirements .

Need a solution for safeguarding critical IT assets? Please contact us

One-to-one meetings help us in understanding IT security needs. As an IT security provider, however, we must tell you that it is very heartening to find that organizations across all industries, have shown increased awareness towards cyber-security.

Nevertheless, there is one area about the IT security which has startled us: organizations’ lax attitude towards passwords management. In a recently concluded event held in Manila, while speaking to the audience, our Director asked how many among you change your passwords very often. Surprisingly, not many raised hands. We will have to get our basics right first. A good password management is the smallest step we can take to secure our personal information.

However, this method will not suffice for protecting your organization’s critical IT assets. This is because; privileged identities access highly sensitive data base servers. If breached by a disgruntled employee or insider, it can wreak havoc in companies. It not only damages the reputation but also inflicts material financial losses.

About two years ago, The Home Depot, one of the leading home-improvement retailers in the US, reported a data-breach incident of a gigantic proportion. Hackers stole some 40 million credit card details, including 54 million emails addresses connected with the individuals’ accounts.

The investigations into the incident revealed that hackers got hold of the customers’ payment records through the point-of-sale credit card system. This was possible as hackers had the username and password for one of the retailer’s third-party vendors. The method used by the hackers was very much like to the one used to infiltrate Target Corp’s network, just a year earlier.

What these incidents tell us is that irrespective of the size of organizations, information systems are always vulnerable to attacks. That danger amplifies especially when a company has a compromised Privileged Access Management (PAM) / Privileged Identity Management (PIM).

Indeed, the most recent Verizon data-breach investigation report has emphasized that point. Compromised privileged identities caused data breach incidents involving some of the largest corporations in the US, the report said.

The fact that hackers have been able to breach into confidential data of one of the biggest banks in the world and one of the biggest retailers in the U.S. is a major concern.

The cost involved due to a comprised PAM/PIM is huge. Home Depot incurred a cost of $19.5 million to cover the damages caused to its customers, which includes legal expenses.

Data breach incidents caused due to privileged misuse is on the rise. It might cause you a massive damage before you can even realize.

Needless to say, protecting privileged identities forms the cornerstone of IT security management.

ARCON provides state-of-the-art technology aimed at mitigating information systems related risks thereby enabling organizations to comply with Governance, Risk Management and Compliance (GRC) requirements. The company, in particular, is known for its unique Privileged Identity Management/Privileged Access Management solution, which helps deter the misuse of ‘privileged identities’.

Learn more about us at www.arconnet.com

For any publicly traded company or a private organization, creating long-term shareholder value remains a top priority. When a company consistently creates value, it’s easier to attract investments both for the organic or inorganic growth.

Accordingly, the management always strive to improve key business metrics, which offer an exact picture of the fundamental strength of a company.

Traditionally, investors have focused on Return on Equity (ROE), Return on Capital Employed (ROCE), Return on Assets (ROA) and other such financial metrics. But in the data driven, digitalized world, these metrics only give a partial picture.

As a result, investors these days are looking beyond traditional metrics. They are looking at how companies protect their Critical IT assets. This hardly comes as a surprise.

In the recent years, a spate of high-profile data-breach incidents, involving Fortune 500 companies such as Target Corporation and Sony have raised questions over IT security issues. Compromised IT security systems allow hackers to steal highly sensitive data, which not only inflicts material financial losses and hurts productivity but also dents the brand image.

Besides, the regulatory and compliance landscape supporting the cybersecurity has also become more stringent across the world in the wake of a sharp increase in cyberattacks.

In Japan, although the legal framework supporting cybersecurity is one of the robust in the region (Basic Law on Cybersecurity, 2014 & State Secrets Law, 2013), the government is developing much stronger legislation on Cybersecurity Strategy, in the wake of recent cyberattacks, especially involving theft of personal data. In the Philippines, The sec. 4 of the Cybercrime Prevention Act particularly emphasizes at protecting critical infrastructure and data base. In Africa, The South African Cybersecurity Policy Framework aims at strengthening of intelligence collection, investigation, and prosecution of cybercrime, including protecting the critical information and infrastructure, while in Kenya, the lawmakers are developing Data Protection and Cybercrimes, Computer related Crimes Bill, to make sure thatproper technical and organizational measures exist to safeguard the critical IT assets.

In this backdrop, it is not surprising that investors now pay a very close attention towards the IT security infrastructure. According to FTI Consulting, 79% of the investors it surveyed said they would be disinclined to invest in companies that have historically suffered a material data-breach, underscoring that no matter how good a company might be in terms of traditional metrics, a compromised IT security system or weak cyber-defenses will hurt a company’s ability to raise capital for the future growth.

To put it simply, protecting critical IT assets is crucial for protecting and even enhancing shareholder value.

ARCON provides state-of-the-art technology aimed at mitigating information systems related risks thereby enabling organizations to comply with Governance, Risk Management and Compliance (GRC) requirements. The company, in particular, is known for its unique Privileged Identity Management/Privileged Access Management solution, which helps deter the misuse of ‘privileged identities’.

Learn more about us at www.arconnet.com