Digital Media Net - Your Gateway To Digital media Creation. News and information on Digital Video, VR, Animation, Visual Effects, Mac Based media. Post Production, CAD, Sound and Music
Categories: News

Traditional MFAs are Ineffective in Thwarting Cyberattacks, Reveals 2023 State of Authentication Report

Report Highlights 85% of Companies Who Plan to Move to Passwordless Authentication

IRVINE, Calif.–(BUSINESS WIRE)–#ArculixSecureAuth, a leader in access management and authentication, today unveiled its inaugural State of Authentication Report, conducted by ViB Research. The report provides deep insights into the state of authentication and the latest innovation adoption trends including invisible multi-factor authentication (MFA), device trust, and passwordless technologies based on a survey of IT and security professionals from mid to large enterprises in North America.


As user credentials continue to be a top vector for cyberattacks, organizations are under tremendous pressure to rethink the effectiveness of current authentication initiatives. Additionally, cyber insurance carriers are requiring companies to demonstrate strong controls over authentication before they will provide any cyber insurance coverage or pay higher premiums. Although respondents agree that traditional MFA is better than nothing, they are most concerned with its susceptibility to cyberattacks (54%) and the friction it creates for users (30%).

The report illustrates that IT and security professionals are worried about the security risks of traditional MFA, with 55% reporting that relying on one-time passwords (OTP) using texts and phone calls leaves them open to cyberattacks. Only an alarming 5% of respondents are very confident that traditional MFA can combat credential related cyberattacks while 40% are somewhat confident. An additional 21% feel traditional MFA cannot be used as an effective hacker deterrent because user adoption rates are too low. And over half of those surveyed are either not sure or concerned that their organization will lose cyber insurance coverage if they continue with traditional MFA.

On the question about moving to a passwordless environment, a whopping 65% are planning on implementing passwordless technologies in the next 24 months. Nearly a third are planning to do so in the next six months, and another third are looking at the 12-24 month horizon.

“In FIDO Alliance’s 2022 Online Authentication Barometer report, we found that password usage was down, however 70% of people still had to recover a password at least once in a given month,” stated Andrew Shikiar, Executive Director and CMO of FIDO Alliance. “Although companies are offering more ways to authenticate such as legacy MFA solutions, these technologies are still easily exploitable with ‘MFA bombing,’ ‘man-in-the-middle,’ and other attacks. SecureAuth’s State of Authentication Report further validates that it is time for organizations to move beyond legacy forms of MFAs and onto passwordless technologies.”

Other Key Research Findings:

Authentication security is a top priority

  • 84% of respondents consider authentication and access management as a top 5 security priority.
  • Bottom line: These results demonstrate the importance of authentication and access management for IT and security teams in an extremely crowded market and threat landscape.

Multiple Identity Providers (IdPs) are common

  • 76% of respondents use multiple IdPs, a surprising trend in contrast to the usual consolidation of cybersecurity tools.
  • The respondents highlighted high-availability / failover, unique use case requirements, and preferred best of breed approach reasons.
  • Bottom line: As over 80% of cyberattacks focus on credentials, practitioners need to have a back-up system in case their primary IdP product goes down or is compromised by an attack.

Device Trust is woefully underused

  • Device trust isn’t used at all according to 25% of the respondents.
  • And under 50% of respondents use it for mobile security while only 25% use it for safeguarding Mac workstations.
  • Bottom line: Organizations are missing a simple, but effective way to improve their security posture by not using device trust as the start of every user’s digital journey.

“Many organizations are making steady progress in protecting customer and employee accounts and credentials from malicious activity,” stated Paul Trulove, CEO of SecureAuth. “However, based on this survey, it’s clear that traditional authentication approaches, which are dependent on legacy MFA, have not kept up with adversarial advancements, and more needs to be done to ensure credentials are safe from cyberattacks. It’s reassuring to see that an overwhelming number of organizations are planning to implement passwordless authentication technology within the next two years. But passwordless is not enough. Organizations need to move towards continuous authentication that manages a user’s entire digital journey from pre-authentication to post-authorization to be truly secure and provide users with a frictionless experience.”

To download the full report, visit: State of Authentication Report.

Survey Methodology

The State of Authentication Report is a vendor-neutral research study that was independently conducted by ViB (Virtual Intelligence Briefing) Research. The report is based on a survey of 285 IT and security professionals from mid to large enterprises in North America. Participants include an even distribution of respondents across company size, titles, and industries.

About SecureAuth Corporation

SecureAuth is a next-gen access management and authentication company that enables secure and passwordless continuous authentication experience for employees, partners and customers. With the only solution that can be deployed in cloud, hybrid and on-premises environments, SecureAuth manages and protects access to applications, systems and data at scale, anywhere in the world. To find out more, please visit www.secureauth.com.

Follow SecureAuth via:

LinkedIn: https://www.linkedin.com/company/secureauth-corporation
Twitter: https://twitter.com/SecureAuth
Blog: https://www.secureauth.com/blog/

Contacts

Joan Fronske

Director, Corporate Communications

press@secureauth.com
(925) 437-5964

Staff

Recent Posts

SHOP BLACK FRIDAY, CYBER MONDAY AND TRAVEL TUESDAY DEALS ON EXPEDIA, HOTELS.COM AND VRBO

The biggest travel sale of the year starts today on Expedia, Hotels.com and Vrbo. Travelers…

13 hours ago

Mythical Games and FIFA Team Up to Bring New Football Arcade Game ‘FIFA Rivals’ to Mobile Users Worldwide

Announcement Marks the Next Phase of FIFA’s Expanding Portfolio of Games ‘FIFA Rivals’ will Launch…

13 hours ago

TerraMaster Black Friday Offers Up to 25% OFF on NAS

SHENZHEN, China, Nov. 22, 2024 /PRNewswire/ -- From November 21 to December 2, the Black…

13 hours ago

Cultural Finance Empowers New Quality Productive Forces in the Greater Bay Area’s Cultural Industry

GUANGZHOU, China, Nov. 22, 2024 /PRNewswire/ -- From November 20 to 22, the 2024 Guangdong-Hong…

23 hours ago

GE HealthCare Announces Advanced Imaging Innovations for OEC 3D C-arm to Help Improve Precision Care in Practice of Interventional Pulmonology

To help improve clinician workflow and visualization during endoscopic bronchoscopy procedures, the company has added…

1 day ago

IMMOTION WINS BEST VR AWARD FOR THE GREAT MIGRATION AT WCFF 2024

MONTERREY, Mexico, Nov. 22, 2024 /PRNewswire/ -- IMMOTION, the global leader in immersive edutainment, received…

2 days ago