TheIKNPost.com – According to a survey by the Ministry of Communication and Information in 2021, almost 30% of Indonesians have experienced identity theft and misuse. Recently, it was revealed that an Indonesian citizen whose personal information was stolen about 4 years ago was impersonated by fraudsters to apply for several online loans. This emphasizes that identity theft – including the risks associated with financial theft and account hijacking – is still a problem that permeates Indonesian society (12/4/2023).
The significant threat of identity theft also underscores the importance of prioritizing identity management and personal information security. This week is Global Identity Management Week, which aims to raise awareness among organizations and individuals about proper digital identity management. In response, Palo Alto Networks, a leading cybersecurity expert, shared best practices for preventing the exploitation of personal identities by unscrupulous parties.
“Identity theft is one of the serious consequences of a data breach. “This is very concerning, especially as data hacking incidents will become the most common cyber attacks in Indonesia in 2022 according to the BSSN report,” said Ian Lim, director of BSSN. company. APJ Security Manager industry, Palo Alto Networks. “Both organizations and individuals have a role to play in preventing data breaches and fighting identity theft to keep personal information safe.”
According to Palo Alto Networks, organizations should adopt an integrated identity management approach that includes several aspects:
Implement a robust Zero Trust framework
This means implementing validation and authentication processes on everything that increases control and visibility into an organization’s digital ecosystem. Organizations should also pay attention to setting up multi-factor authentication for all important financial, email, and social media accounts and enabling notifications for all important events. Cyber hygiene measures across the organization
According to the 2022 Cyber Security Report, up to 79% of Indonesian organizations (the highest among ASEAN countries) have a management focus on cyber security. Organizations must take cybersecurity and privacy seriously at all levels, including board members, management teams, managers, and employees. This includes assessing security systems and identifying weaknesses in those systems, prioritizing steps to mitigate those vulnerabilities, and creating a culture of vigilance that incrementally improves cybersecurity by deploying the right people, processes, and technology.
education and training
The common understanding of security issues is that threats come from outside the organization. However, as security systems become more difficult to penetrate, hackers are starting to target individuals within organizations, creating two main types of threats: identity threats and intra-team threats. Therefore, it is important to increase an organization’s cybersecurity awareness through training, especially regarding phishing, passwords, privacy and digital citizenship. Additionally, it is important to train organizations to respond quickly to cybersecurity incidents so that the impact of attacks can be minimized and recovery can occur quickly.
Additionally, Palo Alto Networks shares tips for individuals to quickly identify or identity theft tactics:
- Practice good identity hygiene and account security measures: All digital accounts should be protected with a complex password (not “1234” or “password”) and a two-step verification process.
- Don’t trust unknown emails, text messages, or phone calls: Be wary of messages from unknown sources, even if they appear legitimate, and don’t provide sensitive information (such as login credentials and email account access) over the phone, email, or e-mail . or on unprotected platforms.
- Regular software and device updates: Individuals should enable automatic updates for their preferred operating system or manually turn the device off and on periodically if automatic updates are not available.
“Most importantly, organizations and individuals must develop a zero-trust attitude that underlies all identity management efforts. “Continuous validation and authentication before granting access to digital accounts must be carried out across all accounts and online activities,” said Ian.