Another year, another series of data breach headlines. 2018 has come to a close, and we’ve been looking back at one of the year’s biggest and potentially costliest breaches: the British Airways data breach that was announced back in September. With approximately 380,000 booking transactions exposed and more than $1 billion in potential fines and lawsuits, the breach offers many important lessons.

The recent British Airways breach is only one of many recent breach headlines, but it got us thinking about the importance of getting security basics right. All too often, the biggest breach headlines—and the ones with the largest financial and reputational impact—are the result of minor and preventable security vulnerabilities.

Hackers continue to use the same tried and tested techniques because they know that, all too often, companies aren't putting enough time and effort into basic security measures.

On September 7, 2018, British Airways disclosed that a data breach had impacted customer information taken from approximately 380,000 booking transactions conducted between August 21 and September 5, 2018.

Although the attack wasn’t elaborate, it was effective. A cyber attacker installed malware on British Airways’ website using a known security vulnerability to introduce malicious code that altered the behavior of the booking website—without penetrating the network or servers in a way that could trigger additional alerts.

More and more, healthcare as providers are merging together or acquiring other hospitals to to increase their footprint, provide higher levels of patient care, and enable strategic synergies.

Modern identity and access management (IAM) solutions are a crucial, but often overlooked facilitator of IT integration. Having the right IAM solution in place not only reduces time, costs, and integration conflicts, but also ensures a smoother transition for both clinicians and patients.

Let’s be real. Attackers are growing more and more emboldened by the day. As their tools become so simple that even “script kiddies” can use them to wreak havoc on unsuspecting targets, governing bodies are putting added emphasis on tighter regulatory compliance.

While the volume of cyberattacks is on the rise across the board—attacks are up 100 percent since 2015—retail is particularly at risk. And the numbers back that up.

One study found that retailers respond to cyberattacks on average twice a week, with an astonishing 16 percent experiencing attempted attacks daily.

The employees in your organization are all different. There are people in marketing and finance and HR. There are people who always work from the office, those who always work from home, and those always on the road. Some employees need lots of access to sensitive data and systems to do their job, while others only need basic access to standard applications.

Many of our customers implement our Identity and Access Management (IAM) platform for its identity lifecycle management capabilities. And with good reason—automating these tasks means IT no longer has to waste valuable time and resources creating and managing accounts or provisioning and deprovisioning systems and target applications.

Does your university have a shadow IT problem? The answer is most likely yes. Higher education institutions across the country are struggling with shadow IT challenges resulting from devices, services, and software residing outside of IT’s control and/or ownership.

Your organization likely realizes the unfettered access that traditional IT privileged accounts provide and has taken proactive steps to lock down access to these accounts. But what about critical business systems that offer the ability to cause reputational damage or that provide access to monetizable data, such as protected health information (PHI), credit card numbers, and social security numbers?