The Truth Revealed: Humans Are Idiots When it Comes to Cybersecurity
Just in time for Cybersecurity Awareness Month, the 2024 Global State of Authentication survey has shed some disturbing light on human behavior when it comes to keeping their digital lives secure. The survey, conducted by Talker Research, reveals that people are still ridiculously naive when it comes to authentication, and it’s not just individuals who are vulnerable – entire organizations are also at risk.
Here are the shocking findings:
- Username and Password: The most common form of authentication, and the most insecure. 58% of people use username and password to log into their personal accounts, while 54% do the same for work accounts.
- AI-Powered Phishing: Online scams and phishing attacks have become so sophisticated that 72% of respondents believe they are more successful than they used to be.
- Lack of Awareness: 39% think username and password are the most secure, while 37% believe mobile SMS-based authentication is the most secure. Both are highly susceptible to phishing attacks.
- No Personal Cybersecurity Audit: 22% of respondents have never done a personal cybersecurity audit to protect themselves online. Even with this uncertainty, 40% don’t think or aren’t sure if the online apps and services they use are doing enough to protect their data, accounts, and personal information.
- Compromised Passwords: The most commonly compromised passwords are on apps and services that hold the most confidential, financial, and personal information. Social media accounts top the list, with 44% of respondents reporting they’ve been compromised.
- No Cybersecurity Training: 40% of respondents have never received cybersecurity training from their organization, while only 27% believe the security options in place are very secure.
- Poor Onboarding: Over a third (34%) of respondents said they did not receive instructions to secure their work accounts with more than just a username and password when they first started working for their company.
According to Derek Hanson, Vice President of Standards and Alliances at Yubico, "The findings highlight the need for a holistic cybersecurity strategy that encompasses both home and work environments… By integrating advanced security measures into all aspects of our digital lives, we can better protect ourselves, our data, and our organizations."
It’s clear that humans are their own worst enemies when it comes to cybersecurity. The fact that people are still relying on outdated and insecure authentication methods, and that organizations are failing to provide adequate training and security measures, is a recipe for disaster. As AI-powered attacks continue to evolve, it’s only a matter of time before the consequences become dire.