2014 has been labeled the year of hacks. The list of companies that reported security incidents throughout the year reached historic numbers, leading to millions of compromised customer credit cards and nearly incalculable corporate losses. Let’s put all the cyber crime into perspective – A recent survey conducted by Ponemon calculated the average cost of cyber crime across vertical markets in 2014:
– US Retailers lost an average of $8.6 million per company
– Financial services – $20.8 million
– Technology sector – $14.5 million
– Communications industries – $12.7 million
Despite the damages and costs incurred, the volume of breaches brought much needed attention to the vulnerability of online security. Another Ponemon study found the majority (68%) of North American organizations agree there’s a need for more secure authentication methods over the traditional username and password method. As an alternative, nearly half of IT professionals surveyed (46%) plan to extend the usage of SMS-based two-factor authentication (2FA) in 2015 for identity verification and activation of online services for their customers.
Free eBook: Modern Retail Security Risk – Get your copy now.
Due to its trifecta of advantages – cost effective, user friendly, and high quality security – the adoption of SMS-based 2FA will see a significant surge in 2015. Consumers will also be more active participants in protecting their personal information, thereby constituting a paradigm shift from previous years. Given its expansive reach and out-of-band mechanism that works for almost everyone – most of the world has access to SMS – companies will fix the implementation challenges they currently face and make SMS-based 2FA work for their users. Especially as more Cloud technologies emerge, consumers will start seeing brands make 2FA mandatory on their sites in an effort to thwart further hacks and protect user identities. Only as secure as their weakest link, companies can no longer afford the cost of cyber breaches.
By Thorsten Trapp, Co-Founder and CTO, Tyntec
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.