Report: Organizations Are Scrambling to Overhaul Their Identity Security Frameworks Amidst Surge in Recent Attacks
May 21 2024 - 9:00AM
HYPR, the Identity Assurance Company today released its 2024 State
of Passwordless Identity Assurance Report. The fourth annual
edition unveils the persistent trend of credential misuse and
authentication weaknesses as primary drivers of breaches, costing
victim organizations an average of $5.48 million over the past
year. In response, there is a resounding call for identity-first
security strategies, prioritizing passwordless adoption and
frictionless identity verification, as key defenses. Interestingly,
75% of respondents expect AI to combat cybercriminals, despite 60%
naming AI-powered threats as their biggest identity security
concern.
Conducted by HYPR and Vanson Bourne, the report derives insights
from 750 IT security decision makers, representing a cross-section
of industries in the UK, France, and Germany, Asia-Pacific and
Japan, and the United States. The findings arrive during a critical
turning point, as organizations scramble to bolster defenses amidst
a relentless wave of credential-based attacks. In fact, nine out of
ten (91%) claim credential misuse or authentication weakness as the
cause behind a breach — up from 82% in 2022. Yet, despite these
alarming figures, 99% of respondents remain tethered to legacy,
vulnerability-rife authentication methods.
“The gap between evolving threats and outdated identity models
undermines global security and business growth. While teams
scramble to outpace the rate of credential-based attacks, the
solution lies in a fundamental shift towards deterministic identity
controls – that is phishing-resistant authentication, continuous
verification, and risk detection and mitigation,” said Bojan Simic,
CEO and Co-founder of HYPR. “A holistic framework built on these
principles not only closes legacy loopholes exploited by attackers,
but also streamlines processes, boosts operational efficiency and
ensures compliance.”
Credential-based attacks continue to surge,
exposing the limits of current prevention
strategies
The trend of credential attacks shows no signs of slowing, with
high-profile breaches within the healthcare, financial and telco
industries, already casting a long shadow over 2024. Data reveals
that in 2023, 78% of organizations suffered an identity-related
cyberattack. The drivers:
- Almost four in ten (39%) experienced
phishing attacks; identity impersonation struck 28% of
organizations, while push notification exploits were the fifth most
common vector at 26%.
- More than two-thirds (69%) were breached via authentication
processes, unsurprising considering most employees use four
different types of authentication methods.
- 78% experienced identity fraud, with
over half falling victim multiple times, each incident costing an
average of $2.78 million.
Passwordless gains traction with signs of progress in
identity security despite paradox
It is evident that organizations are hindering their own
identity-first security initiatives by misplacing priorities. For
example, only 67% deployed new identity tools or changed their
authentication methods following a breach, while 33% neglected to
act. Contradictorily, 89% believe that passwordless provides the
highest level of security, yet over half (53%) cling to vulnerable
username/ password methods. To add to the complexity, organizations
are grappling with the paradoxical nature of AI with three quarters
viewing it as essential armor against cyberattacks, while six in
ten recognize it as a powerful new weapon for adversaries. On a
positive note:
- Four in ten (41%) intend to adopt or
continue to use passwordless authentication over the next 1-3
years.
- 97% of those who plan to use passwordless, will incorporate
passkeys.
- Identity verification is emerging as a priority with 43% of
respondents planning to incorporate the technology.
- Close to half (49%) are likely to
expand employee training programs with the goal to reduce human-led
authentication errors.
“HYPR’s research shows that identity assurance isn't just about
security, it's a foundational pillar for building a resilient and
adaptable future. Organizations that prioritize it gain a strategic
advantage by fostering seamless and secure experiences. This not
only boosts productivity but, more importantly, cultivates trust
with key stakeholders,” said Anthony Belfiore, Chief Security
Officer at Wiz. “In today's rapidly evolving digital landscape,
robust identity security isn't just about survival; it's the
catalytic force that empowers businesses to thrive in an uncertain
and ever-changing environment.”
WEBINAR: What Are the Top Identity Threats
in 2024? Insights From the Annual State of Passwordless Identity
Assurance ReportJoin HYPR and the FIDO Alliance
Date: June 6, 2024 at 11am
PTLink:
https://event.on24.com/wcc/r/4595731/B66BF7340446227E471C5B1FB3D9C09F
Speakers:
Bojan Simic, CEO
& Co-founder, HYPRAndrew Shikiar, Executive Director & CEO,
FIDO
Alliance
About HYPRHYPR, the Identity Assurance Company,
helps organizations create trust in the identity lifecycle. The
HYPR solution provides the strongest end-to-end identity security,
combining modern passwordless authentication with adaptive risk
mitigation, automated identity verification and a simple, intuitive
user experience. With a third-party validated ROI of 324%, HYPR
easily integrates with existing identity and security tools and can
be rapidly deployed at scale in the most complex environments.
About Vanson Bourne Vanson Bourne is an
independent specialist in market research for the technology
sector. Their reputation for robust and credible research-based
analysis is founded upon rigorous research principles and their
ability to seek the opinions of senior decision makers across
technical and business functions, in all business sectors and all
major markets. For more information, visit
www.vansonbourne.com.
Media:Fabienne
Dawsonfabienne@hypr.com917.374.6860
A photo accompanying this announcement is available at
https://www.globenewswire.com/NewsRoom/AttachmentNg/33ff746d-dbb5-4000-beee-c59f37362a04