Tag: government
-
What CISA and NSA’s ESF guidance means for critical infrastructure cybersecurity The Cybersecurity Infrastructure Security Agency (CISA) and the National Security Agency (NSA) recently collaborated to produce an important new document, “Identity and Access Management: Recommended Best Practices for Administrators.” Part of the Enduring Security Framework (ESF), it presents a distillation of identity access management (IAM) and cybersecurity guidance put forth by CISA to date, based […] Read more CISA critical infrastructure ESF government NIST -
Amazon Web Services announces support for FIDO2 security keys Amazon recently announced improved support for using FIDO2 security keys as an MFA device to log on to the Amazon Web Services (AWS) console. As a result, FIDO2 security keys like the YubiKey are now supported on AWS GovCloud (US region) – providing phishing-resistant MFA for all users. Additionally, AWS has improved their support for […] Read more Amazon Web Services AWS FIDO2 GovCloud government IAM -
CISA’s new Zero Trust Maturity Model gives MFA a push – Yubico The long-awaited second version of the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model (ZTMM) is here after more than a year of public comments and agency responses. The latest model points federal agencies, and all organizations that work with them, toward a Zero Trust security architecture. The White House laid the groundwork […] Read more CISA Executive Order government zero trust -
The White House’s National Cybersecurity Strategy and Pandemic Anti-Fraud Proposal: Three things you should do to respond now On March 2, the White House made a clear and important announcement to the tech sector regarding cybersecurity efforts moving forward: “We must rebalance the responsibility to defend cyberspace by shifting the burden for cybersecurity away from individuals, small businesses, and local governments, and onto the organizations that are most capable and best-positioned to reduce […] Read more Executive Order government National Cybersecurity Strategy zero trust -
The Key to election security: Q&A with Michael Kaiser, president and CEO of Defending Digital Campaigns The election ecosystem is a prime target for cybersecurity threats and the 2022 United States Midterm election cycle has been no different. Though many security improvements have been made in recent years, bad actors continue to become more sophisticated in gaining access to private information – often driven by phishing attacks. Officials in charge of […] Read more election security elections and political campaigns government Q&A -
NY Air National Guard uses YubiKey for network authentication Learn why NY ANG is looking to the YubiKey to allow secure authentication for guard members to a New York State emergency management system. Read more CAC government -
One northeastern U.S. state secured elections using MFA Election security is an increasing concern. One Northeastern state adopted mfa using hardware security keys to protect its voters Read more elections and political campaigns government MFA phishing-resistant MFA state and local government -
Cyber threats rise in Nordics in response to NATO applications The tragic events in Ukraine have forced neighboring states to suddenly reevaluate their defense policies. Finland, which shares over 1000km of border with Russia, is on high-alert while in recent months ordinary Swedes have rushed to join the Hemvärnet, Sweden’s military’s reserve force, in record numbers. Most notably, the threat of Russian attack has convinced […] Read more cybersecurity government MFA phishing-resistant MFA -
YubiKeys protecting critical IT infrastructure in Ukraine The Russian invasion of Ukraine is a battle in both the physical and the digital world. On both sides, information warfare plays a more critical part of the battlefield than any other war in human history, with the biggest attack vector and threat being weak login credentials. According to a Ukraine cybersecurity executive at a […] Read more authentication cybersecurity government MFA YubiKey -
Supply chain security in 2022 The SolarWinds and Colonial Pipeline security breaches are two (of many) incidents that have made supply chain attacks go mainstream. The primary challenge for businesses is that supply chain defense isn’t easy given the hundreds, if not thousands of entry points that need to be monitored along the way. But there are best practices that […] Read more cybersecurity government MFA supply chain YubiKey