A new report from enterprise security company Centrify says the industry isn’t making progress in the fight against corporate cyberattacks.
The company said Tuesday (Feb. 14) that two-thirds of businesses surveyed said they have experienced five or more security breaches in the last two years. Cyberhacks compromised the identities of more than a billion people last year alone, researchers added.
Separate analysis from the Identity Theft Resource Center and CyberScout found that the number of data breaches in the U.S. hit a record high last year.
Centrify said these statistics show cybersecurity is not only a major problem for businesses but suggest that cybersecurity companies aren’t successful in their efforts to safeguard the enterprise.
“Cybersecurity breaches are causing more havoc and affecting more industries than ever before,” said Centrify CEO Tom Kemp in a statement. “Despite over $75 billion spent on cybersecurity in 2016, the products and services from major security companies have failed to stop breaches from occurring, and in fact, the problem is getting worse.”
“This clearly indicates that traditional approaches are flat-out not working in this age of access,” Kemp added.
But cybersecurity companies aren’t the only ones to blame for this trend; the company also pointed to enterprises’ own lack of adequate cybersecurity strategies as a key factor.
Centrify pointed to outdated security strategies deployed by enterprises today, ineffective in the face of technological change and widespread adoption of the cloud. According to the company’s survey, 83 percent of businesses don’t have a “mature approach” to identity and access management, for instance. That lack of strategy means twice the number of data breaches and $5 million in additional costs, the company said.
Much of the problem can be traced back to the password, Centrify noted.
“Organizations need to completely rethink their security approach, and in today’s world of access, they must increase their Identity and Access Management maturity to more effectively reduce the likelihood of a data breach,” Kemp continued. “Centrify’s mandate is to ensure the breach stops here by providing a single platform to secure each user’s access to apps and infrastructure in today’s boundary-less hybrid experience.”