Successful account takeovers are one of the most common ways that organizations end up with attackers in their systems. But strong authentication can thwart even the most clever phishing campaigns, says Brett Winterford, regional chief security officer for APJ at Okta.
The divide between mobile app detection and IAM has fueled cyber incidents and breaches as remote work has expanded. Workers using personal smartphones don't want to install corporate endpoint management products but still need to ensure both user and device are protected, says RSA CEO Rohit Ghai.
Why is credential stuffing hard to solve? Are weak passwords the only reason behind credential stuffing attacks? Experts Sanjay Singh, head of DevSecOps at Games24x7, and Navaneethan M., CISO at Groww, explain how geo-based authentication, user behavior analytics and monitoring can detect breaches.
In this white paper, you’ll learn:
How digital transformation is prompting a shift toward passwordless authentication
The problem with passwords as a form of authentication
The business benefits of passwordless
What passwordless authentication means
How passwordless enables zero trust
The five-step path to...
In Part 3 of a three-part video series, CyberEdBoard member Andrew Abel, a cybersecurity and zero trust consultant, and Chase Cunningham, CSO at Ericom Software, describe the operational and business benefits of creating an identity strategy.
In the latest weekly update, ISMG editors discuss the implications of the former Uber CSO's guilty verdict for the rest of the industry, the growing problem of keyless car theft, and the latest progress toward a passwordless future revealed at the annual FIDO Alliance conference.
Organizations can improve security with modern authentication protocols, but the big message to the marketplace is that FIDO Passkeys give customers more convenience and deliver a consistent user experience, according to panelists on the final day of FIDO Alliance's Authenticate 2022 Conference.
In Part 2 of this video series, CyberEdBoard member Andrew Abel, a cybersecurity and zero trust consultant, and Chase Cunningham, CSO at Ericom Software, explain why organizations need to think about identities in the context of humans and nonhumans, their roles and their risks.
Multifactor authentication needs to move away from one-time passwords sent via text message and embrace modern standards that prevent man-in-the-middle attacks. Plus, excessive identity challenges online lead to 20% of e-commerce transactions being abandoned, say experts at Authenticate 2022.
Multifactor authentication should be the default, not an option, says U.S. Cybersecurity and Infrastructure Security Agency Director Jen Easterly. She told an industry conference that vendors should "forcefully nudge" users into MFA and offer a more complete feature set for users who want it.
Multifactor authentication was supposed to be the standard, but the sharp rise in highly successful MFA bypass attacks shows the industry needs to go further in verifying identities. Keynote speakers at Authenticate 2022 said the future of passwordless technology could answer this latest threat.
Year after year, cybersecurity researchers report that
compromised user credentials are the cause of more
than 80% of data breaches and ransomware losses.
Your organization needs an innovative and effective way to keep
hackers out of any network.
Download here to garner insights into a multi-factor...
The latest ISMG Security Report examines whether banks should be held liable for the rapidly increasing Zelle fraud problem, explores the latest M&A activity among IAM vendors, and discusses the implications of the new legal framework for personal data transfers between the U.S. and Europe.
The frequency of ransomware attacks as part of a data breach more than doubled last year putting every organization at increased risk. Current authentication methods are outdated and broken. However, as the attacks from threat actors have advanced, so must the technology of MFA.
MFA is no longer the sole province...
In Part 1 of a three part-video series, Andrew Abel, a cybersecurity and zero trust consultant and CyberEdBoard member, and Chase Cunningham, CSO at Ericom Software, share tips on how to create an identity strategy within the broader context of zero trust.