MyCena announces channel drive in critical infrastructure sectors

Author: Beatrice

MyCena has announced that it is actively recruiting channel partners in the critical infrastructure sectors and contact centres.

MyCena’s drive for partners comes as the threats of phishing and ransomware continue to grow. According to Proofpoint’s annual phishing report, 83% of organisations experienced a successful email-based phishing attack in 2021 and 54% said they dealt with more than three successful attacks.

Julia O’Toole, CEO and Founder, MyCena explains: “Amid rapidly evolving cyber threats, the Ukraine-Russia conflict and a new generation of cyber-attackers like Lapsus$, organisations need to understand the difference between identity and access, and how mixing the two has led to companies giving away access control to their employees.

“In the physical world, there is no ambiguity. You use your identity to identify yourself when you cross a border or sit an exam for example. And you use keys to open doors: doors don’t recognise people and open for them. In companies, managers hand access keys to employees when they join and take them back when they leave.

“But in the digital world, identity and access have been confused. Employees have used their identity and made their own access keys or passwords to open the company’s doors and access all assets. This has mechanically opened companies up to a whole range of new risks, including password phishing, unauthorised sharing, loss and fraud, thus compromising the integrity and privacy of all their data.

“The use of single access has further accelerated breaches and supply-chain compromises as it removed obstacles and facilitated the spread of infection to multiple networks in one go.”

As cyberattacks increase in severity and frequency, the absence of access control and segmentation is particularly dangerous for critical infrastructure and contact centres. As seen in the Okta breach by ransomware group Lapsus$, customer support providers or contact centres represent a huge surface of attack which can infect many critical infrastructure sectors.

MyCena’s patented solutions provide access segmentation, control and security to organisations by distributing strong unique encrypted passwords to employees in real time for every system, whether IT, OT, IoT, SSH, RDP, web applications or legacy systems. Passwords remain encrypted from creation, distribution, storage, use, to expiry, thus eliminating the risks of human error, password fraud or man-in-the middle attacks.

Julia continues: “There is an over-reliance of companies on tools like Multi-Factor Authentication without understanding where access control falls short. When you allow employees to make their own passwords, you have lost control of access then. After losing access control, companies should consider all their passwords compromised by default, which means that a second factor cannot guarantee legitimate access. With access control, multi-factor authentication provides an additional validation. Without access control, MFA provides a false sense of security.”

“As ransomware groups continue to intensify their attacks on critical infrastructure, the pressure to ‘shield up’ will continue to mount. Trusted channel partners can play a key role in preventing those attacks and limiting their effects.

“MyCena’s solutions are a simple, effective and secure way to prevent cyber breaches. By regaining their access control, organisations regain control of their data and infrastructure, while relieving their employees from the mental charge of remembering company passwords. By segmenting access, organizations develop structural cyber resilience and thus protect themselves against ransomware.”