LastPass calls for stronger cybersecurity practices across supply chains amid global pressure
LastPass, the global leader in password management, is calling for organisations to take urgent action to improve supply chain vulnerability. Ransomware and supply chain attacks continue to threaten businesses worldwide and the results from a single attack could be devastating, causing halts in production, monetary loss, or even reputational damage.
While it’s been a volatile year, LastPass anticipates that cybercriminals will continue to target supply chains and third-party organisations. In a recent report carried out with IDC, LastPass revealed that 93% of cyberattacks come from financially motivated organised crime actors. The most frequent data compromised is credentials (44%), while more than half (57%) of threat actors are external.
“Supply chains are an easy and high rewarding target for hackers. The most recent Lapsu$ attacks are a prime example as supply chain breach fears grow, not to mention the catastrophic attacks on Colonial Pipeline, SolarWinds, and the Microsoft Exchange over the past few years,” said Dan DeMichele, vice president of product at LastPass.
“Businesses are in a vulnerable state, and it serves as a strong reminder of why managing cyber supply chain risks is essential to securing organisations and their networks effectively. We must also remember that the risk is not singular and other organisations within your ecosystem are also vulnerable. As we always say; prevention is better than cure.”
Supply chain security may seem like a daunting task but enforcing simple best practices such as better password management can help organisations – and all the partners they work with in the supply chain – to avoid cyberattacks. LastPass has put together the following five tips for good security practice:
- Enforcing good security hygiene: Having poor security in place can create a domino effect – impacting multiple suppliers down the chain. Businesses need to provide consistent and up-to-date information on security risks and impose mandatory passwords that are strong and unique for accounts.
- Plan for the worst: What is the strategy if you’re attacked by a cybercriminal, or if you can no longer access critical business or customer data? Those who have incident response plans prepared are far more successful as they stay ahead of the curve, allowing them to be more operationally mature.
- Educating employees on best password techniques: Understanding the importance of security begins with education. All organisations must make security awareness and training a top priority. Helping employees understand the ‘why’ and how it might affect them personally will go a long way in helping prevent information from falling into the wrong hands.
- Installing multifactor authentication to improve security: Implementing additional login requirements like multifactor authentication (MFA) helps decrease the chances of hackers accessing important information. It adds an additional layer of authentication to the login process to prevent hackers from hijacking third-party systems.
- Adopting a business password management solution – Selecting the right password manager offers organisations a safe home for employees to store passwords. Additionally, it provides a seamless login experience using unique and randomly generated passwords, making life much harder for hackers. With a password management tool, individuals and businesses are less likely to become targets and data can remain safe.