Through its own primary research, Nok Nok has been aware that limited business data exists about the state of today’s system-level authentication processes and its relation to the business impact of authentication failures. As the first initiative of its kind to address this gap, the Ponemon Institute, working with Nok Nok, launched an industry survey of businesses with current digital transformation projects underway.
The key finding of this Ponemon Study is that there exists a gap between IT security and line of business managers in understanding the various risks and impacts facing their organizations from authentication failures.
Learn The Costs Of Authentication
This is one of the major takeaways from a study called “The Costs of Authentication Failure and Negligence,” conducted last summer by the Ponemon Institute for Nok Nok. According to this research where more than 1,000 corporate participants were interviewed, it’s not just a customer inconvenience that arises from authentication failures. Organizations are spending on average $3M annually on these failures and the maximum single loss ranges from $39M to $42M.
These losses include costs associated with downtime and business disruptions while security teams resolved various issues, loss of customers and the lingering effects of poor brand perception. On a corporate scale, the severity of system-level failures grows enormously. It’s one thing if one customer can’t remember a password, but quite another thing if many can’t. Similarly, one person with a seized account or data held for ransom is bad, but an entire organization is catastrophic. The most common reason for these breaches is authentication failures, such as clients taking their business elsewhere due to being unable to remember password guidance or simply being unwilling to comply and going to an organization that offers more convenient but less secure protocols.
This masterclass is hosted by Nok Nok and presented by various experts in the industry, including:
Larry Ponemon, Founder & Chair Ponemon Institute
Phil Dunkelberger, President & CEO, Nok Nok Labs
Jim Delli Santi, VP Marketing & Strategic Initiatives, Nok Nok Labs
Close to half of those surveyed agreed that authentication failures represent a significant security challenge for their companies, and preventing these failures is difficult because today’s MFA solutions negatively impact user experience. And sadly, more than 60% of the respondents detect more than ten monthly authentication failures, with an average downtime experienced by the respondents with these failures is about six hours a month.
There are several reasons for authentication failures, according to the survey respondents.
First, criminals using stolen credentials are hard to identify and distinguish from actual employees. Only 13% of the respondents said that it was either easy or not difficult to find the miscreants. About a third of the respondents say their companies have good visibility into credential theft attacks. The survey considered thefts of the user’s actual password rather than random guesses, using that account to make fraudulent purchases or other transactions, and steal confidential data.
Second, only 19% feel that they have a high level of control over their authentication processes. Next, a total of 33% think that more than half of these failures remain undetected, and two-thirds claimed that the frequency (and 55% for the severity) of these failures has increased in the past year.
Sign up for the masterclass to gain even more valuable insights about the costs of authentication failures. If you’re interested in learning about the FIDO protocol and moving to a password-free system, read here to learn more.