SANTA CLARA, California and STOCKHOLM–(COMMERCIAL WIRE)–In light of recent phishing-based cyberattacks and in recognition of Cybersecurity Awareness Month, Yubico, the leading provider of hardware authentication security keys, today shared the results of its inaugural State of Global Enterprise Authentication Survey 2022 at a security thought leadership industry summit hosted by the company at its San Francisco office. The survey, conducted for Yubico by Censuswide, surveyed more than 16,000 employees at a variety of companies in eight countries* and asked about their perceptions and perceived challenges of MFA, security tools, and internal security practices at their organization, and their recent experiences with cyber attacks.
While the survey revealed numerous interesting data points, these revealing MFA and cybersecurity authentication trends came out on top:
- 59% of employees they still rely on username and password as their primary method of authenticating to accounts
- Almost 54% of employees admit to typing or sharing a password
On 22% of respondents still think username and password is the most secure authentication method
- 61% of employees think their organization needs to upgrade to modern phishing-resistant MFA and 79% of VP level staff want their organization to upgrade to modern phishing-resistant MFA (such as hardware security keys)
- More than 54% of employees are not required to receive frequent cybersecurity training
In the last 12 months, nearly 57% admitting the use of a work-issued device for personal use
In the last 2 years, almost 40% of those surveyed admit to having broken their mobile phone and narrowly 30% they have lost it (a device that organizations often use to authenticate)
“Cybersecurity Awareness Month raises global awareness of security hygiene, and it’s a great time for individuals and organizations to take action now to strengthen their cybersecurity practices,” said Stina Ehrensvärd, CEO and co-founder of Yubico. “Yubico’s global survey results highlight the biggest concerns, challenges and real-world scenarios facing organizations globally when it comes to their cybersecurity efforts, including continued reliance on legacy MFA solutions such as one-time passwords. It’s a stark reminder of how much the company still has to do to adopt and standardize phishing-resistant MFA tools.”
The authentication state
To further fuel conversations about the importance of modern authentication, Yubico brought together cybersecurity industry leaders for its inaugural YubiSummit event in San Francisco, which included leading organizations at the forefront of security, influencers, and media outlets for in-depth discussions on the main challenges facing companies. This day. In addition to Yubico executives, CEO and co-founder Stina Ehrensvärd, CISO Chad Thunberg and Vice President Derek Hanson, attendees included Brave, Union Pacific Railroad, Defending Digital Campaigns, Microsoft, Google and raquel tobaccoethical hacker and CEO of SocialProof Security.
Some of the topics discussed at YubiSummit included:
Forget passwords – access codes are the new thing in town. After the survey results were released, Yubico’s Hanson shared information on demystifying the new term access keys, including what they are, specific use cases and benefits, and what businesses should consider between the use of access keys and security keys.
“Looking at the results of the survey, and then contrasting that data with what we hear is happening to businesses, just re-emphasizes what we already know: that passwords are not enough and that not all MFA is created equal,” he said. Hanson. . “We are excited about the arrival of access keys to help make FIDO authentication globally accessible. It’s important to understand how access keys will affect your organization and what type of access key is right for you. Access keys, by definition, are passwordless FIDO-enabled credentials, but YubiKeys only creates hardware-bound access keys that cannot be copied, ensuring the highest level of security for businesses.”
What the hack: advice from an ethical hacker. Tobac premiered a video with Yubico, demonstrating how cybercriminals hack by tricking people. The video highlights an attack vector frequently seen in recent news where an employee is tricked into going to a malicious link, entering their username and password, and handing over their 2FA codes to the attacker, all in a few minutes. seconds. He discussed the evolution of cyber attacks and the importance of implementing a modern MFA, like YubiKey, to stop attackers during an attack.
“If your threat model is elevated because you have admin access at work, are in the public eye, or are being attacked/harassed, it is essential to consider FIDO security keys to prevent the most common attacks we are seeing in the news. right now. Tobacco said.
Our corporate responsibility: to protect people at risk around the world. Mary Mangione, senior brand and communications manager for Yubico and leader of its philanthropic program, Secure it Forward, joined experts from Google, Microsoft and Defending Digital Campaigns to discuss protecting high-risk users in journalism, society civil and politics. The conversation focused on the importance of companies partnering to leverage joint resources to keep these vulnerable populations safe.
“Collaborating with organizations like Google, Microsoft and Defending Digital Campaigns allows us to better protect high-risk users and organizations that need it most,” said Mangione. “At Yubico, our Secure it Forward program provides YubiKeys globally at no cost to help equip journalists, political organizations and nonprofits with strong security.”
To view the survey results and download the report, visit here. Learn more about YubiKey and Phishing Resistant MFA, visit here.
Yubico, the inventor of the YubiKey, makes secure login easy and available to everyone. Since the company was founded in 2007, he has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers and Internet accounts. Yubico is a creator and major contributor to the open authentication standards FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), and is a pioneer in delivering modern hardware-based authentication security at scale.
YubiKeys is the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across hundreds of consumer and business apps and services. Yubico’s technology enables secure authentication, encryption and code signing and is used and loved by many of the world’s largest organizations and millions of customers in over 160 countries.
Aligned with its mission to make the Internet safer for everyone, Yubico donates YubiKeys to organizations that help people at risk through the Secure it Forward philanthropic initiative. Yubico is privately held, with a worldwide presence and offices in Santa Clara, San Francisco, the Seattle area, and Stockholm. For more information, visit: www.yubico.com.
*Australia, France, Germany, New Zealand, Singapore, Sweden, United Kingdom, United States.