HomeRisk ManagementsMFA adoption is on the rise, but still has room for improvement

MFA adoption is on the rise, but still has room for improvement

Published on

spot_img

A recent study conducted by Osterman Research revealed that while the adoption of multifactor authentication (MFA) is on the rise due to the increasing threats related to identity security, many organizations are still lagging behind in implementing this crucial security measure. The study, which surveyed cybersecurity professionals from over a hundred US-based organizations, found that a significant number of respondents admitted to not protecting “every employee and every app” with MFA.

The alarming fact is that almost eight out of every ten respondents reported being compromised in one or more types of identity attacks in the past 12 months. Despite the clear need for stronger security measures, only a small percentage of organizations have fully implemented MFA across all their employees and applications. This lack of robust protection leaves organizations vulnerable to cybercriminals who are becoming increasingly sophisticated in their methods of stealing and abusing compromised credentials.

According to Michael Sampson, principal analyst at Osterman Research, cybercriminals are now focusing more on stealing authorized access through compromised credentials rather than attempting to hack into systems directly. This shift in tactics has made it imperative for organizations to prioritize the adoption of more secure MFA methods to prevent unauthorized access to sensitive data.

The study identified several factors that are contributing to the challenges in maintaining effective identity security, including the growing complexity of IT systems, the use of artificial intelligence by cyber adversaries, and the lack of cybersecurity expertise within organizations. Additionally, a significant number of respondents highlighted the difficulty in detecting and stopping identity attacks in real-time, further emphasizing the urgent need for stronger security measures.

Experts emphasize the importance of enforcing stronger forms of MFA that do not rely on easily phishable codes, such as hardware keys based on the FIDO approach. Despite the availability of other identity security practices like Single Sign-On (SSO), Zero Trust Architecture (ZTA), Identity and Access Management (IAM), Privileged Access Management (PAM), Role-Based Access Control (RBAC), and Just-in-Time (JIT) provisioning, MFA remains a critical and adaptive security measure for safeguarding access and identities.

The study also highlighted the growing acceptance of MFA as a mandatory security requirement, with major global IT companies like Microsoft, Google, AWS, Apple, and Salesforce either mandating or considering the mandate of MFA for all users. This shift towards stronger security measures underscores the importance of proactive measures to protect against identity threats and prevent unauthorized access to sensitive information.

In conclusion, the study’s findings serve as a stark reminder of the pressing need for organizations to prioritize the implementation of robust security measures like MFA to safeguard against the evolving threats related to identity security. By adopting stronger and more secure authentication methods, organizations can better protect their assets, data, and reputation in an increasingly volatile cybersecurity landscape.

Source link

Latest articles

Why AI in Healthcare Requires Enhanced Data Oversight

Attorney Jordan Cohen of Akerman Addresses AI Challenges in Healthcare In a rapidly evolving landscape...

When 80,000 Fans Log On at Once: Unique Cybersecurity Issues of the 2026 World Cup

In light of the imminent 2026 World Cup, which will unfold across sixteen cities...

NPM Ecosystem Faces Two New Supply Chain Compromises

Malicious Code Discovered in npm Packages: A Growing Threat In a troubling development within the...

Eleven Vulnerable UEFI Shims Allow Secure Boot Bypass

Vulnerabilities in Microsoft-Signed UEFI Shims Pave the Way for Attacks Recent findings from cybersecurity research...

More like this

Why AI in Healthcare Requires Enhanced Data Oversight

Attorney Jordan Cohen of Akerman Addresses AI Challenges in Healthcare In a rapidly evolving landscape...

When 80,000 Fans Log On at Once: Unique Cybersecurity Issues of the 2026 World Cup

In light of the imminent 2026 World Cup, which will unfold across sixteen cities...

NPM Ecosystem Faces Two New Supply Chain Compromises

Malicious Code Discovered in npm Packages: A Growing Threat In a troubling development within the...