In recent years, many high-profile companies have suffered destructive cybersecurity breaches. These public-facing assaults cost organizations millions of dollars in minutes, from stock prices to media partnerships.

Fast Company, Rockstar, Uber, Apple and more have all been victims of these costly and embarrassing attacks. The total average cost of a data breach has increased by 2.6% since 2021 and is now $4.35 million. Organizations that don’t deploy zero trust security models also incur an average of $1 million more in breach costs than other companies that have.

In addition to the monetary loss, the damage to a company’s reputation can be equally devastating. Consumer confidence in the safety of future purchases is often shaken after well-known brands are breached.

How can public-facing businesses prevent or reduce such catastrophes? The key is understanding the vulnerabilities media companies face, and how Privileged Access Management and zero trust policies can help protect them.

The Latest Surge in High Profile Attacks

As businesses expand their digital footprints, they become more susceptible to cyberattacks. In the last few years, we’ve seen a surge in sophisticated attacks on high-profile companies.

In September 2022, Fast Company’s Apple News partnership was disrupted by a malicious attack that posted an inappropriate comment on one of its articles. Though administrators quickly removed the comment, this security breach cost Apple and Fast Company dearly in terms of reputation and trust.

A few weeks prior, Rockstar Games confirmed that a threat actor had broken into its systems and stolen confidential internal data. While these attacks typically focus on stealing proprietary gaming information, they often impose collateral damage on users and their confidential data.

Uber was another victim of a major public-facing assault in September when its computer network was attacked. This prompted the firm to suspend many of its internal communications and engineering systems as it investigated the breadth of the break-in. The intruder maintained that they obtained access to company systems by targeting a single employee with multiple-factor authentication login alerts.

Each of these attacks had significant impacts, from direct financial losses to damaged reputations. These companies are not alone, however. Many others have experienced similar public breaches with substantial repercussions, and the trend is rising.

Assessing Risk for Public-Facing Companies

To effectively protect themselves, businesses need to understand the vulnerabilities that make them susceptible to public-facing attacks. There are a few key areas that tend to be weak spots for many companies:

Extensive Digital Footprints

As organizations scale up their online presence, they leave a larger digital footprint. These footprints are necessary for businesses to expand their customer base and build their brand. However, they also make it easier for cyber criminals to find entry points into company systems.

Another danger of an extensive digital footprint is that companies often have confidential data spread across numerous systems and locations. This can make it difficult to keep track of data and ensure it is properly secured.

Highly Public Personas

Threat actors often target companies with high-profile executives or public-facing personas. This is because these companies tend to be in the news frequently and have a lot of visibility. As a result, cyber criminals may see them as easy targets to make a quick name for themselves or damage the company’s reputation.

As companies gain more media attention, they may be more vocal about their political or social views. Attackers who disagree with their perspective may choose to target them to make a highly visible statement. As such, companies must know the risks of being in the public eye and take steps to protect themselves.

A Large Number of Employees

Larger, more successful companies often have a vast number of employees spread across the globe. This makes it difficult to track all company activity and makes it more likely that someone will make a mistake that an attacker can exploit.

In addition, companies with a large number of employees often have more turnover. This can cause lapses in security, as new employees are not properly trained on company policies or are unaware of the risks of sharing confidential data.

Implementing Lessons From Privileged Access Management  and Zero Trust Policies

Given the vulnerabilities that public-facing companies face, it’s clear that they need to take extra measures to protect themselves. One way to do this is to implement lessons from Privileged Access Management and zero trust policies.

Privileged Access Management

Privileged access management is the practice of granting employees access to only the systems and data they need to do their jobs. This includes creating different levels of access so that more sensitive data is only accessible to a small group of people, as well as regularly auditing who has access to what.

This practice can be applied to media companies in a few different ways. First, they can limit access to sensitive data and materials to only a small group of people. Second, they can create different levels of access for employees, depending on their role within the company. For example, someone in the marketing department may only need access to the company’s social media accounts, while someone in the IT department may need access to more sensitive data.

Zero Trust Policies

Zero trust policies are a security architecture that prioritizes security over convenience. They maintain that employees should not be granted access to data simply because they are part of the company. Instead, employees should be given access only after they have been verified and their identity has been confirmed.

This approach differs from traditional security models, which often rely on pre-defined trust levels. These trust levels can be based on things like job title or department, which can lead to risky behavior as employees may feel that they don’t need to be as careful with confidential data since they have been given permission to access it.

Both Privileged Access Management and zero trust policies can have a significant impact on the security of public-facing companies. By strictly limiting access to sensitive data and materials and verifying employees’ identities before granting them access, these policies can help prevent or mitigate the damage caused by cyberattacks.

Simple Steps For Protection

Companies in the public eye need to be aware of the unique risks they face. From increased media exposure to a large workforce, these companies have much to consider regarding security.

Fortunately, there are steps that companies can take to protect themselves. By implementing lessons from Privileged Access Management and zero trust policies, companies can limit their attack surface while hardening their defenses against potential threats.

More from Data Protection

Resilient Companies Have a Disaster Recovery Plan

Historically, disaster recovery (DR) planning focused on protection against unlikely events such as fires, floods and natural disasters. Some companies mistakenly view DR as an insurance policy for which the likelihood of a claim is low. With the current financial and economic pressures, cutting or underfunding DR planning is a tempting prospect for many organizations. That impulse could be costly. Unfortunately, many companies have adopted newer technology delivery models without DR in mind, such as Cloud Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS)…

How the Mac OS X Trojan Flashback Changed Cybersecurity

Not so long ago, the Mac was thought to be impervious to viruses. In fact, Apple once stated on its website that "it doesn't get PC viruses". But that was before the Mac OS X Trojan Flashback malware appeared in 2012. Since then, Mac and iPhone security issues have changed dramatically — and so has the security of the entire world. In this post, we'll revisit how the Flashback incident unfolded and how it changed the security landscape forever. What…

How Do Data Breaches Impact Economic Instability?

Geopolitical conflict, inflation, job market pressure, rising debt — we've been hearing about economic headwinds for a while now. Could data breaches have anything to do with this? According to a recent IBM report, the average cost of a data breach has reached an all-time high. Like any other business liability, these costs must be absorbed somehow. Given the rising risk and costs, cyberattacks have undoubtedly evolved into market stressors. The magnitude of the problem might surprise you.  Despite the…

What Experts Had To Say About the 2022 Cost of a Data Breach Report

The 2022 Cost of a Data Breach report was eagerly anticipated by cybersecurity professionals and the technology industry as a whole. Following two years of increased remote work and other changes due to the pandemic, the report was an important benchmark on the lasting impact and future trends of data breaches.  Not surprisingly, this year's report made waves on social media, with many experts sharing key points and highlights with their followers.  Here are five key takeaways from experts about…