London – 2 September, 2021 –
The exponential rise of ransomware attacks:
Access security has been the weakest link in the digital revolution. To go around the problem of remembering many passwords, companies have used centralised access solutions like IAM, PAM, SSO and password managers. To login to any system, users log in once, which opens all their systems at the same time.
However, this model goes against the most fundamental principle of any security, which is to not put all your eggs in the same basket, so they don’t all get crushed at the same time. In a centralized model, from one single access point, criminals can impersonate employees, penetrate a network, move laterally, escalate privilege, take over an admin account and the entire company network, encrypt files and demand a ransom. Centralized auto-fill systems help to scale ransomware and third-party supply-chain attacks. Within days of a breach, one hacked company can expand their access into additional organisations in a software supply chain ransomware attack like the one we saw at Kaseya.
The return on investment of such operations has been growing so fast it fostered the rapid growth of a Ransomware-as-a-Service ecosystem of global suppliers, partners, resellers and affiliates. This allows smaller operators to hire sophisticated weapons developed by nation-state actors to launch widespread random cyberattacks for profit.
On the other hand, no matter how advanced your 2FA, anti-virus, detection or remediation solutions are, they can only play catch up to cybercriminals’ innovations. By the time an update goes live, new variants are already in circulation, running unnoticed.
The gap in this ongoing technology race is further widened by the lack of security visibility at the single access point. Companies have no idea if the single password used by their employees to access their systems is weak, reused, shared, or stolen. If the identity of a real employee has been stolen and used to connect to the network, they will only find out when an incident has broken out and they investigate back to the original breach point.
How MyCena solves the problem
Going back to the fundamental principle of security of not putting all your eggs in the same basket, MyCena has taken the opposite approach to centralized access.
MyCena is a European company founded in 2016, specialised in credentials security. MyCena has developed a complete system of security, control and management for decentralised credentials. More than a state-of-the-art technology, MyCena’s patented system incorporates a comprehensive cyberresilience strategy, automating system segmentation, creating unique and strong passwords per system per user, distributing encrypted credentials to the right users in real time, providing credentials decentralization and protection, auto-filling encrypted passwords into specific systems, recording credentials events, and removing the human risks of error, fraud and phishing by eliminating the need for people to create, memorize, type or see passwords.
No centralized access = no ransomware
With MyCena, there are no centralized credentials, meaning no centralized access point for hackers to target. Every system has a strong unique password. To access that system, you need that password.
Only the user can pull and access their own encrypted passwords in their local device using a combination of token, security questions, PIN, lock pattern and passphrase. Credentials are stored in three different levels of security, Bronze, Silver and Gold, depending on their level of importance. Users do not need to open Silver or Gold level if they only need a Bronze level password. Once a user accesses a specific credential, the user can auto-fill the right address using encrypted password transportation. Only one credential is accessed and filled at a time, keeping the other credentials untouched.
“The explosion of ransomware didn’t happen in a vacuum. Centralized access solutions have rapidly spread any infection, allowing ransomware attacks. MyCena decentralized access solutions remove the origins of those attacks.” – Julia O’Toole, founder and CEO of MyCena Security Solutions.
By taking back control and automating access security, companies eliminate their exposure to weak and reused employees’ passwords while removing the human risks of passwords sharing and phishing with bad actors.
With no passwords to remember, companies realise substantial cost savings associated with resetting passwords while boosting employee productivity.
For incident tracing purposes, companies also have real time company-wide records of who has accessed which credential when, facilitating audits and investigations.
The main benefits of MyCena are
- Best access control and management system to protect the whole company from cyberattacks and ransomware.
- Better cyber-resilience: three levels of security for different credentials, no phishing, no fraud, no SPOF (single point of failure), no mass infection, no ransomware.
- Better productivity: save IT support costs + reduce absenteeism (no password to know).
- Protect value of trade secrets, proprietary and personal data
- Prevent ransomware payments and reduce costs of cyber-insurance policy
- Compliance with law to avoid GDPR, LGPD fines.
- No infrastructure change, fast implementation, ready-to-use.
How MyCena changes the fight against phishing, ransomware and supply chain cyberattacks
Before MyCena, businesses and governments believed it was impossible to stop phishing, ransomware and supply-chain attacks. Unable to ever close the technology gap as cybercriminals always stay ahead with innovation, cybersecurity was expensive yet couldn’t prevent a single breach from spreading like wildfire. MyCena puts an end to this sustained widespread risk. Using a decentralized architecture to automatically contain any emerging fire, companies and governments no longer have to accept phishing, ransomware and supply-chain attacks as a fact of life. Finally, people can trust the cyber-resilience of their digital infrastructure.
Founded in 2016, MyCena Security Solutions is the market leader in decentralised access management solutions. For press and partnerships enquiries, please contact below.