RSA, an identity security specialist, has released its inaugural ID IQ Report that showed artificial intelligence (AI) has the potential to become mission-critical to cybersecurity.
The study, whose findings are gleaned from RSA’s IQ Quiz of some 2,350 respondents worldwide, assesses and baselines users’ identity security knowledge, capabilities, and perceptions regarding AI’s role in cybersecurity.
Key Findings from the Report
Highlights from the report showed that:
- The gap in users’ identity security knowledge gives cyber criminals an opening.
- Respondents trust technological innovations for their security and privacy.
- Unmanaged mobile devices are prime targets for identity compromise.
- Fragmented identity solutions are driving up costs and slowing down productivity.
Top level findings include:
- 91% of respondents believe AI has a role in improving identity security.
- 75% trust technology for their security and privacy more than their partner, closest friend, or financial advisor.
- 30% of all respondents reported that they were prevented from accessing the systems needed to do their work at least once a week.
- Among self-described identity and access management (IAM) experts in the study, 65% did not accurately select best practices to reduce phishing and 42% underestimated the frequency with which users recycle their passwords.
The Identity Security Imperative
Jim Taylor, RSA chief product officer, explained how the report’s results reveal why organizations need to invest in unified identity solutions and integrate AI to keep employees up to date:
“Growing numbers of users, devices, entitlements, and environments are overburdening IAM specialists — they just can’t keep up. Identity plays critical roles across organizations, and for organizations to stay secure and compliant, identity needs to excel in each of those roles.”
Drill down results include:
- Nearly two-thirds (64%) of respondents put more trust in technical innovations like a password manager with securing their information than their partner, closest friend, or financial advisor.
- 63% of respondents could not accurately identify the identity components needed to move organizations toward zero trust.
- 64% of respondents did not select the best practice technologies for reducing phishing.
- 55% did not understand the full scope of identity capabilities that can improve an organization’s security posture.
- 91% of respondents believed that AI could detect suspicious authorizations and access attempts, identify irregularities in entitlements, and recognize vulnerabilities on mobile devices.
- 72% believe that people frequently use personal devices to access professional resources.
- 97% of cybersecurity experts said that users opened more emails on their phones than on desktops, had more difficulty scrutinizing those emails on mobile devices, used personal devices to access professional resources, and/or that unmanaged devices don’t have the same security capabilities as managed devices.
- 73% of respondents either didn’t know or significantly under-valued the cost of a password reset, including nearly half of all self-described IAM experts. With each password reset costing upwards of $70, resets can account for nearly half of all IT help desk costs.
- 30% of all respondents reported that they were prevented from accessing the systems needed to do their work at least once a week.
RSA chief executive Rohit Ghai said the report shows why users’ knowledge of identity give cyber criminals “openings to exploit.”
“The RSA ID IQ Report reveals why identity is one of the most susceptible ways for cybercriminals to breach an organization — users simply don’t understand identity’s full cybersecurity role, the risks that identity poses, or the ways to use identity to build safer organizations.”
