▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | Italian Channel Awards | Italian Project Awards | Italian Security Awards | ...
InnovationOpenLab

Secret Double Octopus Releases 2026 State of Identity Security in Financial Organizations Report

Secret Double Octopus (SDO), the leader in enterprise-grade passwordless authentication, today announced the release of its 2026 State of Identity Security in Financial Organizations report. The study...

Immagine

Survey of 200 IAM Leaders Reveals a Dangerous Confidence Gap: 82% Trust Their Authentication Controls Even as Phishing Surges and Just 28% of MFA Is Phishing-Resistant

MENLO PARK, Calif.: Secret Double Octopus (SDO), the leader in enterprise-grade passwordless authentication, today announced the release of its 2026 State of Identity Security in Financial Organizations report. The study, based on a survey of 200 IAM leaders and stakeholders at financial services firms across the US and Canada, exposes a sharp disconnect between how protected these organizations believe they are and what their own responses reveal about the maturity of their identity security controls.

The headline finding is a confidence gap that should concern every security leader in the sector. While 94% of respondents reported that phishing attacks increased over the past year and only 28% of the MFA they use for workforce authentication is phishing-resistant, a striking 82% said they are confident their current controls can mitigate account takeover risk. As phishing-resistant and passwordless authentication become the regulatory baseline for strong authentication, that confidence looks increasingly difficult to justify.

Coverage Is Partial, and the Gaps Are Hiding in Plain Sight

The study finds that MFA coverage across financial organizations is fragmented. SaaS applications are protected at a relatively high rate of 74%, but legacy systems lag far behind at just 50%. This matters because legacy still dominates the environment: 54% of organizations report that at least half their applications and infrastructure are legacy, rising to 79% among those who cite regulatory compliance as a top driver to modernize. Many organizations also run strong and weak authentication methods side by side, which masks gaps and creates a false sense of security.

Passwordless Adoption Remains Stalled

Only 15% of workforce authentication flows in financial services are passwordless. Many methods marketed as passwordless still keep the password behind the scenes, where users are sometimes still required to type it in or periodically change it, leaving it exposed to theft, phishing, or compromise. A true passwordless approach removes the password from the flow entirely rather than merely hiding it. The most-cited obstacles to universal phishing-resistant MFA are technical or architectural complexity (79%), cost and budget constraints (53%), and the inability to support legacy apps and infrastructure (51%).

"The most alarming finding in this report is not the size of the gaps but how confident financial organizations feel despite them," said Raz Rafaeli, CEO and Co-Founder of Secret Double Octopus. "Strong-sounding MFA is not the same as phishing-resistant MFA, and partial coverage leaves the most sensitive systems exposed. The encouraging part is that these gaps are solvable today, including on legacy and on-prem systems, without rearchitecting or replacing the infrastructure organizations already rely on."

About the Survey

The 2026 State of Identity Security in Financial Organizations report was administered online by Global Surveyz Research, an independent global research firm. Responses were collected during April 2026 from 200 IT, cybersecurity, and identity security decision-makers at banks, credit unions, investment firms, and loan providers across the US (80%) and Canada (20%), split evenly across four company-size bands.

The full report is now available at https://hubs.ly/Q04nJLTB0.

About Secret Double Octopus

Secret Double Octopus is a pioneer in enterprise-grade passwordless authentication. Its patented ZeroPassword™ technology eliminates all user-managed passwords and delivers phishing-resistant MFA for every login, even across legacy and on-prem systems. By removing passwords, SDO minimizes the attack surface and identity-related costs while improving user experience and operational efficiency. The company's solution is deployed by Fortune 500 companies and leading service providers across heavily regulated industries including finance, defense, and critical infrastructure.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

RSA at Cybertech Europe 2024

Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…

Italian Security Awards 2024: G11 Media honours the best of Italian cybersecurity

G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes

How Austria is making its AI ecosystem grow

Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries

Sparkle and Telsy test Quantum Key Distribution in practice

Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…

Most read

Kioxia Commences Sample Shipments of 10th-Generation BiCS FLASH™ Devices…

Kioxia Corporation, a world leader in memory solutions, today announced that it has commenced sample shipments of 1Tb (terabit) Triple-Level-Cell (TLC)…

Second Front and Cohere Successfully Deploy Sovereign AI Infrastructure…

#ai--Second Front Systems (2F) and Cohere today announced the successful deployment of Cohere North in a live edge environment in the United Arab Emirates…

Nexus Innovation Hub Opens in a Tier 2 City in India with Seven AI & Tech…

#AI--The Nexus Innovation Hub, a 200-seat technology and product-development facility in Nellore, a Tier-2 City in Andhra Pradesh has officially launched…

Circus Completes Acquisition of Belgian Food Robotics Company Alberts

Circus SE (WKN: A2YN35 / ISIN: DE000A2YN355 / XETRA: CA1) announces the completion of the full acquisition of Belgian food robotics company Alberts, as…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!