Yubico joins CISA and the Joint Cyber Defense Collaborative’s High-Risk Communities Protection initiative to continue helping secure high-risk individuals and organizations

We’re honored to share that today we are joining the Cybersecurity & Infrastructure Security Agency (CISA) as they launch a new webpage to provide resources for high-risk individuals and organizations to receive the tools they need to protect themselves online. This webpage is the product of the Joint Cyber Defense Collaborative’s (JCDC) High-Risk Communities Protection cyber defense planning effort, which brought together industry and civil society champions to bolster cyber protections for high-risk communities. 

Joining CISA’s new HRCP initiative provides Yubico with the opportunity to further our mission of putting YubiKeys in the hands of people that need it most through our Secure it Forward program. The program supports organizations and nonprofits focused on protecting human rights and freedom of speech, upholding election integrity and furthering diversity in tech, and was founded on the idea that vulnerable populations shouldn’t have to worry about their digital security.

Mary Mangione, who leads Yubico’s Secure it Forward program, said “When CISA approached us to join the High-Risk Communities Protection (HRCP) initiative, it was a natural fit for Yubico. At our core, we work to make the internet more secure and that includes making security accessible for those who need it most. We’re thrilled that our Secure it Forward program will be featured in CISA’s ‘Cybersecurity Resources for High-Risk Communities’ collection to give individuals and organizations the opportunity to use YubiKeys to uplevel their account security.”

When we look at high-risk users, many face serious physical security threats that often stem from digital ones. For example, if a high-risk individual is sharing information about their current location in an app, they likely have that tied to their email account. If a hacker is able to obtain access to their email, they now may be able to access the app, which then can give them details on the high-risk individuals location. Digital security doesn’t always become top of mind when thinking about physical security, but with sensitive information like location sharing, upleveling online account security is paramount.

There are simple steps that high-risk users can take to protect themselves online, with one of the most important being enabling multi-factor authentication (MFA) whenever and wherever possible. MFA combines something you know (i.e. your password) with something you have (i.e. a physical security key like the YubiKey) and together, creates an extra layer of security. MFA solutions that do not require a password — such as a passkey — can also be protected by YubiKeys. Without physically having access to your security key, a bad actor won’t be able to access your account. The keys protect against today’s modern phishing attacks and provide peace of mind that sensitive information stays secured.

Over the last decade, Yubico has donated YubiKeys to high-risk individuals and organizations in over 20 countries and has focused on educating communities about the importance of strong phishing-resistant MFA through our Secure it Forward best practices guide for high-risk individuals and organizations. This guide, along with information on our Secure it Forward program, is now available on CISA’s High-Risk Communities Protection webpage as a resource for strong account security. 

To learn more about JCDC’s High-Risk Communities Protection cyber defense planning effort, visit here. If you’re a journalist, organization or nonprofit focused on protecting human rights and freedom of speech, upholding election integrity, or furthering diversity in tech, we’d love to chat with you. You can learn more about our Secure it Forward program here, including an application to be considered for a YubiKey donation.

Talk to our teamTalk to our team

Share this article:


  • Goodbye master passwords: Dashlane and Yubico enhance credential vault encryption and login with YubiKeysAt Authenticate 2025 this week, the world’s leading experts on modern authentication and securing digital identities gathered, to discuss the future of secure authentication and achieving usable security across the account lifecycle. The message was clear: the future of phishing-resistant authentication is using passkeys for encryption, and the gold standard is device-bound passkeys – YubiKeys. […]Read morecredential vault encryptioncredential vault loginDashlanepartnerpasskey encryptionPRF
  • Piloting Europe’s future ID: Passkeys securing digital walletsOver the last several years, passkeys have become ubiquitous. They are available on every mobile platform, in every leading browser, as part of all major enterprise IAM solutions, and in most major cloud services. Until wwWallet came along, the only place where passkeys hadn’t yet made an impact is in the rapidly developing world of […]Read moredigital identity walletspasskeysSIROSwwWallet
  • We’re excited for what’s to come – meet us in-person to find out whyIt’s been a busy year for our team, filled with exciting company and product updates aimed at better serving our customers and helping them achieve cyber resilience as AI-driven phishing threats continue evolving globally. Between industry award recognitions and key new executive leadership hires to lead Yubico to its next stage of growth and a […]Read more
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST