“Okta’s Intensive 90-Day Security Initiative Post October 2023 Breach Yields Rapid Improvements, CEO Reports.
Okta’s CEO, Todd McKinnon, announced significant progress in enhancing security measures within 90 days of the October 2023 data breach. The company has successfully reduced credential stuffing attempts and malicious bot traffic by over 90% for major clients. Over the past month alone, Okta thwarted two billion malicious requests, and all staff members now employ a phishing-resistant, passwordless authentication method.
Highlighting security as the company’s foremost priority, McKinnon emphasized a comprehensive approach, covering organizational culture, security architecture, and product/service enhancements. The intensified security focus followed a data breach that exposed details for all users of Okta’s primary customer support system. As part of the security initiative, Okta fortified both ancillary and corporate systems, introduced passwordless authentication, and reinforced its customer policies.
McKinnon emphasized proactive protection against identity attacks, citing customer conversations that shifted towards seeking advice on boosting security postures. Okta aims to lead industry efforts in addressing identity-based attacks through enhanced product capabilities and secure default configurations.
While acknowledging a potential impact on recent financial results due to the security incident, Okta’s CFO, Brett Tighe, couldn’t quantify the exact effect. McKinnon assured that Okta has bolstered internal and customer security without disproportionate spending, optimizing costs by strategic layoffs and increased investment in regions with high talent and low costs.
Okta’s financial results for the quarter ended January 31, 2024, exceeded expectations, with a revenue of $605 million and non-GAAP earnings of $0.63 per share. The company’s stock surged 24.28% to $108.50 per share, the highest since April 29, 2022.
Looking ahead, Okta anticipates continued growth, projecting non-GAAP net income of $0.54 to $0.55 per share on revenue between $603 million and $605 million for the quarter ending April 30. The company’s robust financial performance and security enhancements demonstrate its commitment to proactively defending customers and the industry against identity-based attacks.”