Senior staff hindering cybersecurity finds survey

Yubico has released data from its inaugural State of Global Authentication survey, examining attitudes towards cybersecurity and MFA.

Robust digital authentication is critical in protecting modern enterprises from today’s complex cyber threat landscape. With cyber attacks at an all-time high, it is up to those in management and executive positions to prioritise, implement and enforce modern cybersecurity practices throughout their organisation to protect their data and critical infrastructure.

To gauge the perspective of those in senior-level positions, Yubico has released data from its inaugural State of Global Authentication survey, examining attitudes towards cybersecurity and multi-factor authentication (MFA) practices throughout businesses around the world.

Effective protection against cybercrime requires using strong MFA across all apps and services. Interestingly, more than any other country surveyed, UK respondents agreed with this and believe MFA is best practice for authentication and is a vital part of cybersecurity.

When reviewing opinions of senior-level staff, senior managers (63 percent), executive members (68 percent), VPs (64 percent), and company directors (63 percent) agree that their organisation needs to upgrade to modern phishing-resistant MFA – like hardware security keys.

However, only 16 percent of UK respondents say their organisation has already implemented MFA across all apps and services. Furthermore, 11 percent of UK employees said their organisation implemented hardware security keys only after a cyber attack had occurred.

When it comes to possible barriers to implementing MFA, many UK companies are hesitant due to misconceptions including:

  • MFA is expensive (17 percent)
  • MFA is unnecessary (13 percent)
  • MFA is complicated to deploy (10 percent)
  • MFA is time-consuming (10 percent)
  • MFA is difficult to use (9 percent)

Niall McConachie, regional director (UK & Ireland) at Yubico, comments on the survey’s findings and advises UK companies on what more can be done to improve their business-wide cybersecurity and adoption of MFA:

“Our research indicates that senior-level UK employees understand the value of strong MFA. We now know that nearly a third of board and executive-level members discuss cybersecurity frequently at meetings. However, there are significant gaps between business leaders wanting to implement MFA solutions and putting steps in place to do so. This, paired with misconceptions of MFA, such as it being expensive, difficult to use, and complicated to deploy, are hindering progress. Therefore, these findings have made it clear that UK enterprise MFA adoption still has a long way to go.

"Further statistics show that enterprise MFA is not being used to its full potential by UK organisations. This is demonstrated by the fact that phishing-resistant MFA was used so rarely in response to attacks, despite being the most secure form of authentication. Moreso, two of the barriers to organisations adopting MFA included organisations being too slow to adopt new technologies (15 percent) and others simply do not believe they are at risk for a cyber attack (9 percent).

"What senior-level staff need to consider is that using out-of-date or ineffective authentication methods risks both security and productivity. So, by reducing friction at login – such as eliminating usernames and passwords – MFA and strong two-factor authentication (2FA) can benefit organisations in more ways than one. For example, FIDO2 security keys are phishing-resistant and provide a seamless login experience across multiple devices and online accounts, all while maintaining the highest level of security possible.

“The degree to which leaders value and prioritise their cybersecurity can have a direct impact on others throughout the organisation. Therefore, businesses must do more to change business-wide attitudes towards cybersecurity standards and authentication practices, starting with executives and senior-level staff.” 

Share

Featured Articles

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

See Below for a Newly Announced Speaker List for Tech Show London 2024, as it Promises to Showcase Technology Trends Will Impact Various Sectors

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Security