Australian Businesses Predicted to Ditch Passwords Amid Cybersecurity Push
Australian businesses are under pressure to bolster their cybersecurity measures, with at least 50% of large enterprises predicted to remove passwords this year. This shift comes as the Verizon Data Breach Investigations Report highlights the vulnerability of weak or stolen credentials, which account for 80% of cyber risks.
The push for stronger authentication methods is driven by the potential for hefty fines in case of data breaches, with penalties reaching up to $50 million for businesses and $2.5 million for individuals. While multi-factor authentication (MFA) and password management improvements are being adopted, full password removal in large-scale organisations remains a work in progress.
The FIDO Alliance is addressing this gap by defining standards for identity proofing. Standards-based biometrics with liveness detection can further enhance security controls, preventing spoofing of authentication processes. Impersonation-resistant technology is expected to be crucial in 2023, as cybercriminals become increasingly adept at bypassing traditional security measures. Recent attacks, such as the September 2022 breach at Uber, underscore the need for robust authentication methods.
Verifiable credentials are gaining traction, as simply authenticating users without verifying their identity is ineffective. Misuse of credentials poses a significant risk to businesses, making impersonation-resistant authentication a necessary measure. As cyber threats evolve, Australian businesses are urged to stay ahead by embracing these advanced security measures.
