Tag: security

Jul 19, 2021

People matter: How to solve security skills shortage challenges

The skills shortage in the security industry stretches as far back as we can remember having an industry. Everyone knows it’s a challenge with no easy short-term solutions. The root of the security skills shortage gap remains murky, and some observers say the pandemic and reallocations of security resources could be widening that gap. The

Emerging Technology Horizon for Information Security

What is IP Spoofing?

Learn More DNS Spoofing Man-in-the-middle attacks Credential Stuffing Developer Resources What is U2F? Developer FAQ

What is IAM (Identity and access management)?

Learn More Secure remote workers from cyberattacks YubiKey Integrations Developer Resources What is U2F? Best practices for WebAuthn deployment

Doing the Math: Why strong authentication for every employee makes sense

By now, it’s an all-too-familiar routine… Step 1: Organization suffers an expensive and embarrassing security breach.  Step 2: Organization hastily introduces multi-factor authentication (or steps up its efforts to mandate its usage).  Oftentimes, it takes a breach to make organizations fully embrace strong authentication. But why? We know that usernames and passwords alone cannot provide sufficient security, and we know that SMS two-factor authentication (2FA) has been deprecated time

Wrapping up 2020: A year where technology and internet security prevailed

Never has the world been more dependent on the internet, and never has it been more attacked than in 2020. In fact, it proved to be a year where trust in many of our systems was challenged. Yet I remain an eternal optimist and believe that we can transform the hard lessons learned in 2020

4 things ‘Among Us’ can teach security professionals about authentication

You’re making good progress on this task. One more data upload and then you’re out of here. But right before you can complete the upload, a klaxon blares. There’s been an attack! Time to head to the meeting room for the usual finger-pointing and scapegoating before the team decides who to jettison from the ship.

Lessons from the SolarWinds incident

Last week, a large and expertly run espionage operation was made public — one that began no later than October 2019, and which had been actively exploiting victims since at least early 2020. This incident is particularly interesting for several reasons: for the breadth of sensitive global government and industry targets, for misuse of a

What is FIPS 140-2?

Other than government do any other industries use FIPS 140-2? Learn More FIPS 140-2 validated YubiKey Series blog YubiKey FIPS Series Developer Resources YubiKey Hardware What is PIV?

Two-factor authentication (2FA)

Types of two-factor authentication