Authentication is a foundational element of every cybersecurity program. With more than 80% of data breaches and most ransomware incidents stemming from credential-based attacks (e.g., phishing, credential stuffing, RDP brute, etc.), it has become clear that passwords are a fatally flawed authentication method. Unfortunately, many common solutions are “band-aids” on top of passwords and are lacking from both a security and user experience perspective. Replacing passwords as an authentication factor is finally possible. While eliminating passwords is a critical step in stopping credential-based attacks, it is just a first step on the journey to advanced authentication and access control needed to achieve zero trust.
Discussion points in this presentation will include:
- A brief history of authentication
- Changing requirements in the new work from home(or anywhere) business model and cloud-centric architectures
- Can we gain risk-reduction improvements by converging the traditionally disparate identity and security processes and technologies?
- A case for continuous user authentication
- What is device risk and why is the real-time assessment of endpoint security important
