News & Views
Yubico reveals C-Suite cyber attitude
Nearly 70% of C-suite believe they urgently need to up upgrade to modern phishing-resistant and multi-factor authentication (MFA) despite their worries about using MFA, if they are to protect their data and critical infrastructure according to the latest survey from Yubico (www.yubico.com).
Data from Yubico’s inaugural ‘State of Global Authentication’ survey found 68% of senior-level staff, 68% of executive members, 64% of Vice Presidents, and 63% of company directors agree that their organisation needs to upgrade to modern phishing-resistant MFA – like hardware security keys, however, fears around MFA adoption are causing barriers.
As such only 16% of UK respondents say their organization has already implemented MFA across all apps and services, with a further 11% of UK employees saying that their organization implemented hardware security keys only after a cyberattack had occurred.
The survey reveals fears on MFA adoption centred around: expensive (cited by 17% of respondents); complication and time-constraints (cited by 20%); difficulties of use (cited by 9%); whilst a further 13% said they believed MFA to be unnecessary.
“Our research indicates that senior-level UK employees understand the value of strong MFA with nearly a third of board and executive-level members frequently discussing cybersecurity at meetings, however, there are significant gaps between business leaders wanting to implement MFA solutions and putting steps in place to do so,” says Niall McConachie, regional director (UK & Ireland), Yubico. “This, paired with misconceptions of MFA, such as it being expensive, difficult to use, and complicated to deploy, are hindering progress. Therefore, these findings have made it clear that UK enterprise MFA adoption still has a long way to go.”
“Further statistics show that enterprise MFA is not being used to its full potential by UK organizations. This is demonstrated by the fact that phishing-resistant MFA was used so rarely in response to attacks, despite being the most secure form of authentication. Moreso, two of the barriers to organizations adopting MFA included organizations being too slow to adopt new technologies (15%) and others simply do not believe they are at risk for a cyberattack (9%),” continues McConachie.
“What senior-level staff need to consider is that using out-of-date or ineffective authentication methods risks both security and productivity. So, by reducing friction at login – such as eliminating usernames and passwords – MFA and strong two-factor authentication (2FA) can benefit organizations in more ways than one. For example, FIDO2 security keys are phishing-resistant and provide a seamless login experience across multiple devices and online accounts, all while maintaining the highest level of security possible.”
“The degree to which leaders value and prioritise their cybersecurity can have a direct impact on others throughout the organization,” says McConachie. “Therefore, businesses must do more to change business-wide attitudes towards cybersecurity standards and authentication practices, starting with executives and senior-level staff.”
Robust digital authentication is critical in protecting modern enterprises from today’s complex cyber threat landscape. Effective protection against cybercrime requires using strong MFA across all apps and services. Interestingly, more than any other country surveyed, UK respondents agreed with this and believe MFA is best practice for authentication and is a vital part of cybersecurity.
Yubico’s full survey can be downloaded at www.yubico.com/resource/state-of-global-enterprise-authentication-survey-uk