Only 53% of surveyed financial services organisations use MFA
Thales Cloud Security recently released their 2022 Data Threat Report – Financial Services Edition.
One of the key takeaways for us here at Oper8 Global was that MFA (Multifactor Authentication) is used by only 53% of surveyed financial services organisations.
An excerpt of the 2022 Data Threat Report – Financial Services Edition is below;
“Unsurprisingly, the “human factor” remains the weakest link in cybersecurity. A majority of successful cyberattacks gain access into an organisation due to user error, often beginning with a successful phishing attack that provides an initial foothold, which then enables a full-scale ransomware/malware attack to progress.
In a survey question, respondents stack-ranked what they view as the most-increased security threats. Ransomware and malware were tied as the top threat (59% of respondents each), while phishing/whaling and denial of service were next, tied at 37%, and man-in-the-middle/eavesdropping followed these at 31%. Meanwhile, 80% of financial services respondents were very or somewhat concerned about security risks and threats from remote employees, tracking closely with global sentiment. Surprisingly, just 44% of survey respondents prioritised multifactor authentication (MFA) as the most effective security technology for preventing cyberattacks.
At ten percentage points higher than the overall survey base, this speaks well for the financial services industry—although it is still low considering that MFA is one of the best ways to counter ransomware, as well as many other attacks that rely on inadvertent user error.
MFA is used by only 53% of surveyed financial services organisations, slightly lower than the overall survey base. Only 11% of financial services organisations use modern authentication, including MFA, for the majority of on-premises applications, while only 26% use it for the majority of cloud services—seven percentage points higher than the overall survey results. Modern authentication was most often deployed for remote/mobile non-IT employees and staff (66% of respondents cited this use case, which is similar to the global average) and for third parties such as consultants, partners and suppliers (56%, which is eight percentage points higher than average). This is likely due to large quantities of hybrid workers and reliance on outsiders that are granted access to organisational networks.”
Oper8 Global is Thales Cloud Security’s only Australian owned Platinum partner.