The majority of businesses continue to struggle with cybersecurity efforts, according to a new survey conducted by Decision Analyst and commissioned by SecureAuth + Core Security. Weak cybersecurity practices can be attributed to the misalignment of cybersecurity measures and identity practices, said the Wednesday press release.

Some 59% of the 202 enterprise IT decision makers surveyed in the report said that cybersecurity and identity decisions are kept separate in their company, leaving organizations much more vulnerable to attack and more likely to have slower remediation after being breached.

SEE: Password management policy (Tech Pro Research)

The research also revealed a correlation between the size of an organization and size of the identity/cybersecurity gap: Larger organization means larger gap. Nearly a quarter (24%) of IT leaders from large companies (over 5,000 employees) admitted to being siloed in seeing threats, network issues, malware, and other cybersecurity procedures, according to the report.

Widening the gap even further, tech managers reported that they aren’t sure who all has access to what assets in the company. One in five respondents said that many users are approved access to systems without careful review, leaving IT leaders unsure as to who has access to what information in the organization, the report found.

In an effort to prevent cybercriminal activity, organizations are pushing for multi-factor authentication that goes through multiple security steps to verify a user. However, the majority (63%) of respondents said they experience backlash from employees resistant to initiating this security measure.

And with 25% of employees already using the same password for every account, according to a previous report, they are even more at risk of attack. In order for companies to stay protected, they must change their passwords regularly, and implement multifactor authentication into their systems.

The big takeaways for tech leaders:

  • With cybersecurity breaches still running rampant, it is essential for companies to take measures to protect themselves, like changing passwords and adopting multi-factor authentication.
  • The main reason for the cybersecurity vulnerability is the gap between cybersecurity practices and identity decisions gap, preventing people from focusing on the major security risks.