Ping Identity has released the findings of its new survey shedding light on the concerns of businesses over their fraud prevention strategies in countering AI threats.
The report, based on responses from 700 IT decision-makers across UK, the US, France, Germany, Australia, and Singapore, reveals 62% of UK respondents are not very confident their organisation has the identity management tools to defend against bad actors’ use of AI – the lowest rate of confidence felt globally compared to 48% of U.S. respondents saying the same.
The urgency to manage AI-related identity risks, including deepfakes, is low in the UK with around one third (35%) already having a strategy in place to manage threats of this nature, compared 55% of French respondents and 42% of German respondents. With failure to adequately prepare leaving organisations exposed to identity cybercrime and reputational, financial, and regulatory repercussions, it’s positive that 58% of UK executives are planning to increase their investments to keep up with new threats over the next 12 months.
“To stand a chance against advancing identity fraud tactics, businesses must leverage more advanced technologies,” said Patrick Harding, Chief Product Architect at Ping Identity. “Only 45% of global organisations have implemented multi-factor authentication (MFA), meaning the majority have left themselves critically exposed to cybercriminals leveraging sophisticated AI tactics.”
Ping Identity’s research also found that decentralised Identity (DCI) is an untapped opportunity globally, but better education is needed in the UK to improve adoption. In fact, 95% of global businesses (and 82% in the UK) think decentralised identities would be valuable to their customers and employees - citing benefits like greater integration, quicker/faster identity verification and increased user control - but nearly half (46%) of UK respondents would require improved training and education on it to encourage adoption more widely.
“Fraud is on the rise, and it’s getting worse with AI. Smart leaders know they need to level up yet so many organisations don’t have the right guardrails in place to mitigate or prevent these kinds of threats. The longer they go without, the more they put themselves in harm’s way. Acting against tomorrow’s attacks means planning – and getting started – now,” added Jamie Smith, Decentralised Identity Expert.
The other top takeaways for IT decision-makers include:
Organisations have protections against identity fraud, but UK relies on multi-factor authentication in place of more advanced technologies.
· Majority (59%) of UK respondents admit they have 2FA or MFA in place to protect employees and customers against fraud while half use biometrics to protect employees and customers against fraud.
· 40% of UK organisations have one-time passcode authentication in place.
· Alarmingly, nearly a third (32%) still use knowledge-based authentication, i.e., childhood pets, mother’s maiden name.
Business’ competing priorities user experience and securing sensitive data.
· The top business priorities for decision-makers in the UK are providing a good user experience (47%), protecting sensitive data (43%), and reducing financial/reputational loss (42%).
· With that, 43% of UK respondents admit they struggle to balance security needs with the need to ensure users are not overburdened or experiencing friction in the user experience.
· What’s more, over a third (37%) of UK respondents admit to lacking the in-house skills needed to implement ID verification measures and therefore make the logging-in process more seamless.