A new study by Yubico underscores the pressing necessity for enhanced education and a comprehensive approach to cybersecurity, both at work and at home. The findings come in light of increasing cyber threats and the evolving landscape of technology, particularly artificial intelligence (AI). The survey results are timely, coinciding with Cybersecurity Awareness Month, which begins next week.
Conducted by Talker Research, the 2024 Global State of Authentication survey included responses from 20,000 participants across countries such as Australia, France, Germany, India, Japan, Poland, Singapore, Sweden, the United Kingdom, and the United States. The aim was to assess public perceptions and understanding of cybersecurity’s global impact, the risks posed by inadequate security practices, and the potential threats presented by AI.
The survey revealed concerning patterns regarding personal and workplace cybersecurity. Key findings indicated a widespread underutilization of multi-factor authentication (MFA) and a predominantly reactive approach to cyber threats. Alarmingly, the most common authentication method remains the username and password, which is considered the least secure form of authentication. Specifically, 58% of respondents reported using this method for personal accounts, while 54% do so for work accounts.
The rapid advancement of AI has led many respondents to express concern over the increasing sophistication of online scams and phishing attacks, with 72% acknowledging that these attacks have become more advanced and 66% stating they are more likely to succeed. However, there is a notable lack of awareness regarding best practices for secure authentication. For instance, 39% of respondents mistakenly believe that a username and password are the most secure methods, while 37% favour mobile SMS-based authentication, both of which are vulnerable to phishing.
A worrying 40% of individuals are uncertain whether the online services they use provide adequate security measures to protect their data and personal information. Despite this uncertainty, 22% have never conducted a personal cybersecurity audit, which includes actions like updating cybersecurity software or changing compromised passwords.
The survey further highlighted the apps and services where users most frequently encounter compromised passwords, including social media (44%), payment apps (24%), and online retail accounts (21%). Alarmingly, 40% of employees reported never receiving cybersecurity training from their employer, with only 27% feeling confident about the security measures in place within their organisations. Additionally, 34% of new employees did not receive guidance on securing their work accounts beyond using a username and password.
Derek Hanson, Vice President of Standards and Alliances at Yubico, emphasised the necessity for a holistic cybersecurity strategy that encompasses both home and workplace environments. He stated, “This includes adopting stronger authentication methods to become phishing-resistant, fostering a culture of security awareness through consistent employee training, and more.”
As cyber threats become increasingly sophisticated, it is essential for individuals to remain vigilant in their personal and professional lives. Hanson concluded, “When individuals fail to secure their personal accounts, they also put their workplaces at risk. Therefore, a unified approach to cybersecurity is crucial.”
For more information on Yubico, visit www.yubico.com.
