Yubico’s Global State of Authentication Survey 2025 reveals Singapore’s cybersecurity paradox: strong awareness and MFA adoption, but persistent exposure to breaches
Singaporeans are among the most vigilant globally when it comes to cybersecurity, leading the Asia-Pacific region in multi-factor authentication (MFA) adoption and ranking among the most concerned about AI-driven threats. Yet despite these strengths, nearly half of Singapore workers continue to interact with phishing attempts – exposing sensitive personal and workplace data.
These findings were revealed in Yubico’s annual Global State of Authentication Survey 2025, released in conjunction with October’s Cybersecurity Awareness Month. The comprehensive study, conducted by Talker Research, surveyed 2,000 employed adults in Singapore. It gathered insights from 18,000 respondents across nine countries, including Australia, France, Germany, India, Japan, Singapore, Sweden, the United Kingdom, and the United States.
The survey explored individuals’ cybersecurity habits in both their workplace and personal lives. It also examined the dangers of weak security practices, and evaluated the growing concerns around emerging technologies like Artificial Intelligence (AI) and their implications for both organizational and individual security.
“Our survey revealed a disconnect. Individuals are complacent about securing their own online accounts, and organizations appear slow to adopt security best practices,” said Ronnie Manning, chief brand advocate, Yubico. “It’s not surprising that phishing continues to be one of the easiest ways for hackers to get in, and in fact 44% of survey respondents said they have interacted with a phishing message in the last year. To close the gap, strong, phishing-resistant authentication, education and action must go hand-in-hand.”
The Singapore findings reveal a striking cybersecurity paradox in the city-state: while Singaporeans demonstrate exceptional awareness of emerging threats, they continue to experience significant security breaches., This highlights the urgent need for phishing-resistant solutions as Singapore advances its Smart Nation ambitions.
Singapore Leads in Threat Recognition and AI Concerns
Singapore workers demonstrate among the highest levels of cybersecurity vigilance globally, with 89% expressing concern about AI’s impact on account security – the second-highest rate among all surveyed markets. An overwhelming 85% of Singaporeans also recognized that phishing attempts are becoming more sophisticated, underscoring the population’s acute awareness of evolving cyber threats.
“Singapore’s workforce is clearly aware of the escalating threat landscape, particularly around AI-enhanced attacks,” said Geoff Schomburgk, Vice President, Asia Pacific and Japan at Yubico. “However, our survey findings reveal that awareness alone isn’t sufficient protection. Singapore’s workers face some of the highest breach rates globally, highlighting the critical need for phishing-resistant authentication solutions.”
Strong MFA Adoption Masks Persistent Vulnerabilities
Singapore leads the Asia-Pacific region alongside Australia in personal MFA adoption, with 78% of respondents using MFA for personal accounts. The country also demonstrates impressive workplace authentication sophistication, with 43% of employees using mobile TOTP/push authenticator applications at work, nearly double the global average.
However, this strong security posture hasn’t prevented significant security incidents:
· 44% of Singapore workers admitted to interacting with phishing messages in the past year, matching the global average despite higher awareness levels
· 26% reported their social media accounts have been hacked
· When breaches occur, Singaporeans frequently disclose sensitive information: 30% revealed email addresses, 23% phone numbers, and 22% full names to phishers
Workplace Security: Leading in Training, Lagging in Results
Singapore organizations demonstrate a strong commitment to cybersecurity infrastructure:
· 60% of companies use MFA across all applications, well above the global average of 48% but down from 68% in 2024’s survey
· 64% of workers received cybersecurity training from their employers, higher than global levels but still leaving nearly one in three without formal preparation
· 86% feel their company’s security measures are appropriate for their role
Despite these positive indicators, workplace data exposure remains a concerningly high, with 22% of Singaporean workers accidentally disclosing their work email addresses, 17% of their full names, and 16% of their phone numbers to phishing attackers.
The Authentication Method Gap
While Singapore workers show sophisticated understanding of secure authentication methods, with 54% identifying mobile TOTP/push applications as the most secure option (compared to 35% globally), traditional username/password combinations remain prevalent:
· 58% still use username/password for work accounts
· 63% rely on username/password for personal accounts
Among non-MFA users, 43% cite unfamiliarity as the primary barrier, indicating education remains crucial for closing security gaps.
Smart Nation Cybersecurity Implications
The findings arrive as Singapore continues advancing its Smart Nation initiatives, where robust cybersecurity becomes increasingly critical for digital transformation success. The survey data suggests that while the city-state has built strong cybersecurity awareness and adoption foundations, the sophisticated threat landscape requires evolution beyond traditional security measures.
“Singapore’s position as a regional digital hub makes these findings particularly significant,” noted Schomburgk. “The high breach rates despite strong awareness levels demonstrate that phishing-resistant authentication isn’t just beneficial, it’s essential for maintaining Singapore’s regional leadership and success in the digital economy.”
Yubico recommends Singapore organizations implement phishing-resistant methods like hardware security keys, expand beyond awareness training to hands-on deployment, and leverage the country’s strong mobile authentication adoption as a foundation for advanced security tools.
The complete survey methodology involved 2,000 employed adults in Singapore, conducted by Talker Research between August 15-27, 2025, using random double-opt-in sampling methods. To explore the full global survey results and practical recommendations, visit the Yubico website.
Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!