Instances of identity-based attacks and credential theft have surged globally in recent years, with research showing that identity theft has become the most prevalent attack vector for cyber criminals over the last year.
In February, IBM warned of a “global identity crisis” after analysis showed a 71% increase in cyber attacks as a result of exploiting identity. The study noted that attackers rapidly shifted their attention toward obtaining user identities across 2023, and this is expected to increase rapidly in the year ahead.
Protecting your workforce
With a rapid escalation in identity-based attacks, businesses globally are implementing a range of techniques and methods to protect themselves, their employees, their customers and their data - something that has become more difficult in an age of mass remote and hybrid work.
This includes increased training for staff to boost awareness of the threat of phishing and social engineering techniques. Businesses globally are investing heavily in training regimes to improve understanding of current threats and to equip staff with the knowledge and expertise required to pick up on tell-tale signs of social engineering.
Zero trust strategies and the use of multi-factor authentication (MFA) are also a key focus for enterprises, enabling them to implement robust authentication and identity management. These strategies are often implemented in collaboration with trusted third-party vendors, who support enterprises by providing the technologies and technical expertise to protect themselves against threat actors.
How Okta is leading by example
Mitigating the potential for a data breach is vital for any organization. However, in cases where disaster does strike, remediation and learning from mistakes is critical to both preventing future incidents and reassuring customers.
In late October 2023, Okta revealed threat actors breached its support management system, enabling them to gain access to tokens that could potentially facilitate further attacks against customers.
Stephen McDermid, EMEA CSO at Okta, told ITPro that as a market leader, the company is always going to be a big target for threat actors.
McDermid said that this is an experience that the company is keen to learn from to further support customers against new threats, and create an industry gold-standard moving forward.
“We had to go back to the beginning. When we looked at that incident, we immediately tried to understand the impact for our customers, that was our priority – and specifically any real-time risk that was there,” he said.
Since then, the company has introduced a range of proactive measures and changes to deliver secure products and services. Okta also halted all product development for 90 days as part of its response and an initiative called Project Bedrock.
With this in mind, a key focus for Okta now centers around its Secure Identity Commitment. McDermid said this forms the basis of the company’s long-term goal to position itself as a leading figure in the fight against identity attacks and credential theft.
This commitment consists of four core pillars, ranging from increased investment in solutions and technologies to championing best practices for customers.
These include:
Investing in market-leading products and services
Okta has committed to “relentlessly invest” in hardening and securing its products and services, McDermid told ITPro, alongside a sharpened focus on rolling out new solutions for customers to keep pace with rapidly emerging threats.
Part of this investment includes improving services such as allow admins to detect and block requests from any anonymizer, and Require MFA to access the Okta Admin Console
Hardening corporate infrastructure
Increased investment in hardening corporate infrastructure is a priority for Okta. The firm said it plans to accelerate investment to stay one step ahead of threats and ensure that the technologies and techniques it uses in customer-facing environments are the same as those used internally.
“We want to make sure that our products are hardened and secure, and that we’re delivering products that can protect against new threats we’re seeing,” McDermid said.
“As a result of the incident, we’ve made a number of changes around our support center, for example, implementing MFA for admins and privileged actions. Those are changes that customers have communicated they want to see more of.”
Championing customer best practices
Corporate infrastructure improvements align closely with Okta’s goal of championing best practices for customers. McDermid noted that looking at how customers use its services is critical to ensure they maximize these capabilities.
“This isn’t new, but we want to be more vocal, more proactive,” he said. “So we’re looking at where customers are misconfiguring or not understanding the features we’re making available to them, and advocating how and why they should use them,” he said.
Okta boasts more than 15 years’ experience and works with over 18,000 customers, McDermid added. The company’s Threat Insights platform has reduced credential stuffing attempts and malicious bot traffic by more than 90% for some of its largest customers over the last 90 days.
Similarly, the service has detected and prevented over two billion malicious requests in the last 30 days alone.
Raising the bar for the industry
Okta says it is keen to learn lessons from the 2023 security breach and views the incident as an opportunity to set an industry standard in the fight against identity-based attacks.
The company is investing heavily in bolstering its capabilities by accelerating the adoption of technologies such as AI to improve products and services. It is also providing funding and support to drive digital transformation for nonprofit organizations through its Okta for Good scheme.
“[We want to] make sure that Okta is front and center helping raise this bar and ensure that other organizations are focusing on phishing resistant mechanisms and that, as an industry, we’re working together to prevent and detect these latest threats,” McDermid said.
“We’re seeing a real shift of how threat actors are looking at identity as a target now, Okta has a unique position as the largest independent Identity provider and we are at the forefront of a global focus to minimize and mitigate emerging threats.”
For more information on Okta products and services, as well as its Secure Identity Commitment, click here.
