Cyber Defense eMagazine December Edition for 2021

More documents

Recommendations

Info

lock-in, and lets organizations take advantage of any MFA method, including the latest and safest authentication standards, such as FIDO2. The example comes from above Due to the fact that MFA is a method that effectively protects organizations against phishing and credential theft, governments of many countries around the world have also become interested in its adoption. A few months ago, on May 12, 2021, there was big news in the cybersecurity world - the president Joe Biden signed an executive order to improve the nation's cybersecurity. The order called for the implementation of two-factor authentication (2FA) for the entire government within 180 days. And at September's Authenticate Virtual Summit, users, experts and vendors from around showed many case studies of how strong authentication helps with securing online identities. Participants, including representatives from the UK's National Health Service (NHS), US’s login.gov and the Internal Revenue Service (IRS), agreed that authentication and protection of digital identities is a top priority today and in the future. FIDO2 rules 2021 has shown that the way world governments think about MFA is fundamentally changing. The role of FIDO2, a global, open authentication standard developed by the FIDO consortium and then approved by the W3C (World Wide Web Consortium), is growing rapidly. It seems that FIDO2 authentication is no longer just yet another authentication option but it is becoming the preferred choice of many government institutions as well as private organizations. How does it look in practice? For example, the governmental Canadian Digital Service has implemented hardware security keys that support all FIDO2-based methods. The authentication process with their help is very simple - when logging in, e.g. to email, you have to enter the password and additionally authenticate by inserting the security key into the USB port and pressing a button. In case of CZ.NIC, the Czech DNS registry, also accredited by the national digital identity provider and by eIDAS mojeID, 800,000 users can log in to government services based on FIDO2 from September 2021. In Sweden, a digital identity system has been implemented in the educational eduID portal with support for authentication using the Universal Second Factor FIDO (U2F) protocol. In the USA, the American Login.gov service is based on the FIDO2 standard as well, and in the United Kingdom the UK National Health Services Login application uses biometrics. Similar practices are followed by the Korean government - a second component, fingerprint biometrics for 14 million users - and Thailand, has a dedicated website that helps organizations set up multi-factor authentication using FIDO technology. Overall, the government's move towards MFA to provide a scalable and cost-effective form of strong authentication is perfectly understandable. Governments and public organizations are forced by the Cyber Defense eMagazine – December 2021 Edition 74 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
constant exposure of countries to attacks by frequent cyberattacks as well as the growing pressure to increase access to public information and accelerate action - especially in times of a pandemic - simply forces governments to take steps that will ensure sensitive data to be protected with the highest possible measures. Hopefully the public officials and decision-makers will take into account the global adoption of MFA, and not only secure a fraction of government infrastructure with MFA. Only the global approach and the introduction of the zero trust security model has a chance to solve problems of identity theft and data leaks. About the Author Marcin Szary, CTO & co-founder, Secfense. Marcin Szary is a co-founder, CTO, and the person responsible for Secfense architecture and product development. Marcin has almost 20 years of technical experience with a focus on the security and identity management space. Before Secfense he held the position of CTO in multiple startups in the mobile, telecom, and security space. He was held responsible for R&D operations in the area of multi-factor authentication, mobile payments, notification services within GSM networks, and more. Marcin can be reached online at marcin@secfense.com, Marcin Szary | LinkedIn and at our company website https://secfense.com/ Cyber Defense eMagazine – December 2021 Edition 75 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
9 Ways Social Media Sabotages Your
Page 3 and 4:
How Do You Secure the Modern Supply
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
Cyber Defense eMagazine - December
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24: Cyber Defense eMagazine - December
Page 39 and 40: With over 4 billion users, social m
Page 41 and 42: Unsecure Mobile Networks When using
Page 43 and 44: However, as concerning as these pra
Page 45 and 46: Danny Lopez, CEO, Glasswall “Duri
Page 47 and 48: estoring data. Modern organizations
Page 49 and 50: When Diplomacy, Finance and Tech Co
Page 51 and 52: Another way leaders can take initia
Page 53 and 54: How Covid-19 Changed Advertising Fo
Page 55 and 56: However, this shift might not be su
Page 57 and 58: Why MFA Alone Isn’t Enough for Tr
Page 59 and 60: just highlights how vulnerable most
Page 61 and 62: on channels like email. This starts
Page 63 and 64: 3 Best Practices to Avoid Inevitabl
Page 65 and 66: For example, an employee may become
Page 67 and 68: and outcomes is essential for proje
Page 69 and 70: Electric Vehicle Charging: The Next
Page 71 and 72: Going forward, EV dealers, charging
Page 73: How does this relate to MFA? Well,
Page 77 and 78: Why do you need a malware sandbox?
Page 79 and 80: Multi-Cloud Security and Compliance
Page 81 and 82: If security controls are not consol
Page 83 and 84: How Do You Secure the Modern Supply
Page 85 and 86: The case for isolation Supply chain
Page 87 and 88: Don’t Take Yourself Out of The Ga
Page 89 and 90: The U.S. Government Accountability
Page 91 and 92: assessment criteria for the tasks f
Page 93 and 94: the file. This was a great techniqu
Page 95 and 96: the wake of the pandemic where the
Page 97 and 98: Certain communications are protecte
Page 99 and 100: At Salt Communications we work with
Page 101 and 102: And it’s only getting worse. If y
Page 103 and 104: The benefits are great When HDOs ha
Page 105 and 106: 4 Pillars of Privacy-Preserving AI
Page 107 and 108: concern and a desire to be cautious
Page 109 and 110: and stay safe online. That’s why
Page 111 and 112: 2. Enabling over-the-horizon threat
Page 113 and 114: Techniques Used by Hackers to Bypas
Page 115 and 116: Phishing scams avoid email security
Page 117 and 118: ATO Detection Account takeover bene
Page 119 and 120: How To Protect Your Digital Legacy
Page 121 and 122: I worked with cybersecurity experts
Page 123 and 124: Sextortion Email Scams What to Do a
Page 125 and 126:
Sextortion attacks are a type of cy
Page 127 and 128:
How to respond to a sextortion emai
Page 129 and 130:
Example 2:'You've been hacked' emai
Page 131 and 132:
How can this strategy be implemente
Page 133 and 134:
Surviving The New Era of Terabit-Cl
Page 135 and 136:
accompanying shift toward more digi
Page 137 and 138:
Survey results show businesses are
Page 139 and 140:
Enterprises Cannot Achieve Zero Tru
Page 141 and 142:
Capital One breach back in 2019. Ad
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
CyberDefense.TV now has 200 hotseat
Page 163 and 164:
Books by our Publisher: https://www
Page 165 and 166:
Page 167 and 168:
show all

Cyber Defense eMagazine December Edition for 2021

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?