The movement towards multi-factor authentication (MFA) systems continues to grow, with more sophisticated methods being utilized. However, despite this, the number of attacks continues to increase. Cisco’s Trusted Access Report 2024 found that identity is at the forefront of cyber threats, based on records from the Cisco Duo platform. It was noted that MFA, which requires at least two verification factors, remains a crucial defense against identity-based attacks.
It was found that while MFA implementation is increasing, so are attacks on account credentials. Cisco has highlighted that factors such as FIDO security keys and web authentication-enabled biometrics are more secure compared to weaker factors like SMS and calls. This has led to a decrease in the use of the latter methods by 5% in 2023, a 22% decrease compared to 2022.
Remote work has also increased the need for robust and flexible security measures, as employees now access corporate networks from various locations and devices. A Cisco study found that 85% of companies feel unprepared against modern cyberattack methods, with the average global company having 40% of their accounts with weak or no MFA, making them vulnerable to breaches.
To mitigate against attacks, the Cisco Duo MFA system usage has increased by 41% overall, with particular growth in Japan, the Philippines, and Australia. Identity and access management (IAM) systems are also crucial, but security breaches often occur when new systems are introduced without completely deprecating older formats.
The study also highlighted the challenges faced with identity dispersion, where users have numerous accounts managed by multiple systems. This presents a security risk and an ongoing operational challenge. To balance this, it is necessary to understand devices, operating systems and browsers used, as well as implementing updated software to prevent unpatched vulnerabilities. Additionally, a comprehensive approach to security including VPNs, firewall policies, and data encryption is also essential.
Despite the efforts to strengthen identity security, the lack of talent in security teams makes protecting against cyberattacks even more challenging. Cisco believes that identifying poorly configured and unused company accounts is crucial, along with having a response and detection capabilities for identity threats.