Skip to content
Search
AI Powered
Latest Stories

Over half of businesses encounter cyber breach despite multi-factor authentication

Over half of businesses encounter cyber breach despite multi-factor authentication
Photo: iStock
Getty Images/iStockphoto

Over half of UK businesses experienced a cyber breach in 2023 despite an overwhelming majority having deployed multi-factor authentication (MFA), a new study has revealed.

An independent survey of more than 500 IT and cybersecurity professionals within UK businesses, commissioned by cyber security firm IDEE, found that 95 per cent of businesses have deployed some form of MFA, the method of verifying a user's identity that requires more than just a password.


However, 56 per cent of the businesses surveyed said they had experienced a cyber breach last year, with 26 per cent experiencing three or more breaches in the past 12 months alone.

In addition, while 46 per cent of cyber professionals described their MFA solution as ‘highly effective’, half (50%) said it is only ‘somewhat effective’.

“There is good MFA, and there is bad MFA. Worryingly, judging by the 50 per cent of MFA users describing their solution as merely being ‘somewhat effective’, UK businesses are putting far too much faith in bad MFA,” Al Lakhani, chief executive of IDEE, said.

“It beggars belief. Cyber breaches cause huge operational, financial, and reputational damage, so why are businesses not taking steps to address the weaknesses that their current solutions so obviously have? It’s like leaving your front door open when you go on holiday – you’re practically begging criminals to come into your house to steal your data or take over your accounts.

“The clock is ticking – it’s time for businesses to deploy authentication methods that can mitigate password-based, credential phishing and adversary-in-the-middle cyber threats that leverage ‘credentials’ as the initial access vector. This means investing in solutions grounded in strong digital identity proofing and transitive trust, in turn allowing businesses to improve their security and productivity with minimal time and resources. Let’s hope this data shocks a few more organisations into much-needed action.”

Headquartered in Munich, Germany, IDEE is the technology company behind AuthN, a client-less, passwordless MFA that can be deployed in minutes across the entire estate.