Only 45% of organizations use MFA to protect against fraud
Most businesses struggle with identity verification and have concerns over ability to protect against AI, according to Ping Identity. Despite stronger protection solutions available, many organizations aren’t taking full advantage.
The report, based on responses from 700 IT decision-makers across the US, UK, France, Germany, Australia, and Singapore, reveals a pressing need for organizations to enhance their identity protection strategies, with 97% having challenges with identity verification and 48% lacking confidence they have the technology in place to defend against AI-related attacks.
Businesses’ struggle with identity verification and AI concerns
Identity fraud is acknowledged universally as a problem, yet often remains a vulnerability as leaders and companies struggle to implement the right methods and solutions to protect themselves. This will only get worse as AI continues to advance and evolve.
“To stand a chance against advancing identity fraud tactics, businesses must leverage more advanced technologies,” said Patrick Harding, Chief Architect at Ping Identity. “If less than half of organizations are implementing multi-factor authentication (MFA), they are leaving themselves critically exposed, and less resilient against cybercriminals who are leveraging increasingly sophisticated AI tactics.”
“Fraud is on the rise, and it’s getting worse with AI. Smart leaders know that they need to level up yet so many organizations don’t have the right guardrails in place to mitigate or prevent these kinds of threats. The longer they go without, the more they put themselves in harm’s way. Acting against tomorrow’s attacks means planning – and getting started – now,” said Jamie Smith, Decentralized Identity Expert and founder of Customer Futures.
97% of organizations are experiencing challenges with identity verification, and 52% are very concerned about credential compromise, followed by account takeover (50%).
49% admit their current fraud prevention strategy is somewhat or not at all effective at protecting against credential compromise, with only 45% using two-factor/multi-factor identification verification to protect against fraud, and even less (44%) using biometrics.
Security teams face a major problem with identity theft
54% of respondents are very concerned that AI technology will increase identity fraud, and only 52% expressed high confidence in their ability to detect a deepfake of their CEO.
48% are not very confident they have technology in place to defend against AI-attacks, with only 27% of healthcare organizations having implemented a strategy to protect against AI threats. 41% expect cybercriminals’ use of AI to significantly increase identity threats over the next year.
While only 38% have implemented a strategy to use decentralized identity (DCI) as a protection against fraud for both customers and employees, this is an increase from last year when only 13% had implemented. Manufacturing and government organizations are well on their way to wider strategy adoption, with both around 50%, while finance reports the lowest strategy adoption at only 26%.
Security teams face a major problem with identity theft, but there’s a bigger problem. There’s a disconnect between education and action that puts organizations in a difficult spot of not being able to guard against tomorrow’s threats. Identity proofing paired with credential issuance and verification is a top solution, but not enough businesses are rising to the call to adapt and incorporate this technology into their security infrastructure for workforce or customer use cases.