"Only a third (33 percent) of the 650 cybersecurity leaders in North America and Europe said they were unconcerned about the security their vendor offered against phishing and AI-assisted attacks, according to Duo. The identity and access management (IAM) biz thinks this can be explained by a number of factors, such as overly complex security solutions, a lack of visibility into potential weaknesses, and perhaps chief among all of them is that identity security is treated as an afterthought."
"MFA and the like are supposed to stop the large majority of these kinds of attacks from ever being successful. But workarounds are always being devised, social engineering and insider threats are always a danger, and that's not even accounting for when account security is implemented improperly. The Cisco offshoot said the majority of those in security leadership positions remain concerned that not all devices and apps used across the business are MFA-secured,"
Infosec professionals are losing confidence in identity providers' ability to keep attackers out. Only a third of 650 cybersecurity leaders in North America and Europe reported being unconcerned about vendor protection against phishing and AI-assisted attacks. Overly complex security solutions, limited visibility into weaknesses, and treating identity security as an afterthought are cited as primary causes. Attacks targeting user logins have surged, making credential theft a major investigative focus. MFA often fails due to workarounds, social engineering, insider threats, and improper implementation. Many organizations worry not all devices and apps are MFA-secured, and skepticism about passwordless solutions persists.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]