Stay vigilant: What we can learn from the Kronos hack

Kronos just experienced a big ransomware attack. But it feels like just another in a never-ending line. Here’s what you can do to help keep your organization safe.

I hate writing this, folks, but there’s been another big ransomware attack.

Kronos, also known as Ultimate Kronos Group (UKG), was forced to shut down some of their services on the Kronos Private Cloud due to a cybersecurity incident. We know how prevalent this is in healthcare delivery organizations and know this meant that some folks couldn’t track employee time, employees didn’t know their schedules, and – at the extreme – payroll was disrupted.

At the risk of sounding overdramatic, we’re talking about services directly tied to people’s livelihood and ability to support their families. And unfortunately, there are no signs that ransomware attacks will slow down any time soon – in fact, by the end of October, total attacks in 2021 had already passed 2020’s total.

As the holiday season approaches, a time typically rife with breach attempts, let this serve as a reminder that it’s as important as ever to remain vigilant and keep security top of mind.

But there is some good news…

A poll by the Pearson Institute and The Associated Press-NORC Center for Public Affairs Research found the 90% of Americans are at least somewhat concerned about hacking, with most being very or extremely concerned.

Now, obviously, I’m not saying it’s good news that there are things happening out there that make people feel concerned. But the silver lining – the good news – is that people are paying attention. It’s slowly becoming obvious to more than just those of us who’ve spent our careers in security and technology that security is everyone’s job.

As Chuck Brooks put it in his recent Forbes article, MORE Alarming Cybersecurity Stats For 2021!, “securing our digital identities and data is everyone’s problem and it is a global one.”

Staying vigilant

Despite the good news – that everyone is really paying attention – you still need to be concerned with educating your employees so they know the stakes and how to keep themselves, and your organization, safe.

IBM’s Cost of a Data Breach Report 2021 found that compromised credentials caused the most breaches. We’ve mentioned this stat a lot, but for good reason: it’s actually a good place to focus, because the right education, and the right tools, can help safeguard your organization against breaches that involve compromised credentials.

It boils back to down to safeguarding those digital identities to help keep data – and your customers, in whatever form that takes – secure.

Setting up the right tools for the job

Now, I know keeping those digital identities secure is easier said than done, especially given the continuously evolving threat landscape. But identity and access management (IAM) can help you do just that.

An IAM platform that combines single sign-on (SSO), identity governance, multifactor authentication, and privileged access management (PAM) can jumpstart your security practices. IAM is even the key to a robust zero-trust strategy, which has actually proven to reduce the costs associated with a data breach, should one occur.

A robust and usable IAM scheme will help keep attacks from succeeding, ultimately keeping your organization, your employees, and your customers safe and secure.