SecureAuth Survey: 66% of Cybersecurity Professionals Moving Beyond Traditional Passwords
IRVINE, Calif., Dec. 15, 2015 – SecureAuth Corporation, the leader in Adaptive Authentication, announced today the release of survey results revealing industry perspectives on passwords, authentication methods and cybersecurity budgets. Commissioned in conjunction with Wakefield, the responses surveyed more than 300 IT security professionals in the U.S. Overall, the data indicates businesses nationwide are increasing their cybersecurity budgets and exploring alternative authentication techniques to passwords – and to what extent they’re doing so.
Investments are Increasing, but Challenges Remain
A whopping 59% of professionals surveyed said their company experienced a data breach in the last 12 months. It may not come as a surprise, then, to find that 95% of respondents think their companies will increase security spending in the next year. Of that number, nearly half (44%) expect to do so by 20% or more.
Will heftier budgets be put towards preventative measures or post-breach clean up? The survey results point to the former: 62% of respondents believe managing the consequences of data breaches cost their companies more than protecting against them. But, IT professionals face an ongoing battle, owning to market pressures that tend to get in the way of prioritizing proactive cybersecurity. In fact, 87% of cybersecurity professionals admit their company is frequently forced to choose between user experience and greater security.
Technology is Playing Catch-Up
Increased spending may in part be due to the evaluation and exploration of new secure techniques and technologies. For example, in the past passwords have been the preferred method of use for secure access management. They both enforce a baseline level of security and are generally budget friendly. Amidst the growing rate of cyberattacks, however, the attitudes towards passwords have changed drastically. In no small part due to high profile security compromises like the Ashley Madison attack, companies have learned that password-only policies can leave personal information quite vulnerable. This assessment is backed up by the survey results, with approximately 66% of respondents leveraging authentication methods beyond passwords.
Perhaps owning to both security holes and their cumbersome nature, 91% of cybersecurity professionals agree that the traditional password will not exist in ten years. On top of that, password recall can waste company resources. The survey results noted 85% of cybersecurity professionals believe employees frequently contact the help desk because they’ve forgotten passwords – with more than 1 in 3 (37%) saying their employees do this all the time.
Identifying the Right Solutions
While the number above might point towards a wide scale movement away from passwords, it’s not all smooth sailing: 81% of cybersecurity professionals think new authentication methods are prohibitive because they require the latest technology and most up-to-date software. Yet interestingly, 97% of respondents also believe new authentication techniques are reliable (such as fingerprint scans or two-factor authentication). In juxtaposing these findings, it becomes clear there is still room for growth. Vendors must continue to improve on existing multi-factor authentication technology – with an eye towards offering a seamless user experience – and customers must do their due diligence in identifying the most appropriate solutions for them.
“This survey very clearly indicates there is an appetite for multi-factor authentication solutions beyond the traditional password,” said Craig Lund, CEO of SecureAuth. “Advances in Adaptive Authentication have brought to market a number of options that help users stay both secure and productive by layering multiple methods, such as device recognition, analysis of the physical location of the user, or even by using behavioral biometrics to continually verify the true identity of the end user. Integrating these types of solutions may take a little time, and a redirection of budget – but I’m hard-pressed to think of a worthwhile cybersecurity endeavor that doesn’t. In this day and age, proactivity is much more important than reactivity.”
For a copy of the press release, please click on the link.
The SecureAuth Survey was conducted by Wakefield Research (www.wakefieldresearch.com) among 308 cybersecurity professionals employed full-time with a specific focus in IT security, between November 20th and 24th, 2015, using an email invitation and an online survey. Results of any sample are subject to sampling variation. The magnitude of the variation is measurable and is affected by the number of interviews and the level of the percentages expressing the results. For the interviews conducted in this particular study, the chances are 95 in 100 that a survey result does not vary, plus or minus, by more than 5.6 percentage points from the result that would be obtained if interviews had been conducted with all persons in the universe represented by the sample.
SecureAuth is the leader in Adaptive Authentication and information security solutions, delivering innovative secure access control for cloud, mobile, web, and VPN systems to over five million users worldwide. With Multi-Factor Authentication and Single Sign-On in one solution, SecureAuth IdP’s unique architecture enables organizations to leverage legacy infrastructures while also embracing next generation technologies. This preserves existing investments while also meeting today’s security challenges. For the latest insights on secure access control, follow the SecureAuth blog, follow @SecureAuth on Twitter, or visit www.secureauth.com.
SecureAuth™ IdP is a trademark of SecureAuth Corporation in the United States and/or other countries.