Dive Brief:
- About $74 billion is spent on security annually, but easily remedied flaws still exist, potentially leading to damaging breaches. A whopping 81% of breaches are a result of mishandling credentials, according to a SecureAuth study of more than 617 million authentications from 500 industries.
- More than 60 million of the reviewed accounts had incorrect credentials put in while 119,000 accounts were locked due to the volume of repeated incorrect password attempts.
- The devices used for access were not recognized 830,000 times. Approximately 41% of breaches are executed through stolen devices.
Dive Insight:
Breaches and attacks not only impact a company's bottom line, but also diminish customer trust. Cybercrimes spiked 62% in the last five years and can cost companies approximately $11.7 million per year.
These metrics represent the complexity of cybercrimes and their damage. But when it comes to authentication, why are companies still struggling?
Multifactor authentication is an essential step in protecting sensitive assets. Yet even highly reputable consulting firms like Deloitte suffered a hack due to infiltration through an administrator's account. The account was protected by a single password requirement.
Commonly used platforms like Gmail are primary targets. Though Google is implementing stronger standards for "high risk" users, its accounts are often targeted through phishing and keylogging. Between 12-25% of those attacks were successful in obtaining an authenticate password.
Vulnerabilities remain in the fabric of cybersecurity, especially authentication measures. Companies' security standards are only as strong as their passwords. Sometimes "password123" just won't cut it.