Authentication remains one of the most painstaking challenges faced by CISOs in organizations large and small. This longstanding, fundamental element of security continues to cause headaches for security leaders seeking to identify and authorize users and devices often spread across different states, borders, and time zones. Meanwhile, persistent risks associated with ineffective authentication strategies and processes threaten businesses as they become more agile and remote, requiring security teams to rethink approaches to authentication in the modern landscape.
Authentication a significant obstacle for modern CISOs
Authentication continues to test CISOs for several reasons, with its modern definition being the first to address, Netskope CISO Lamont Orange tells CSO. “We use lots of terminology to describe what is meant to address the authentication and authorization methods required for devices, applications and systems, in addition to supporting security policies that govern this interaction. In the past, we have implemented authentication in very basic construct: If I need access, I must pass credential tests (login/password) for each user/service request without the use of MFA in most cases,” he says.
More Stories
Interpol Identifies Over 140 Human Traffickers in New Initiative
A new digital operation has enabled Interpol to identify scores of human traffickers operating between South America and Europe Read...
ICO Warns of Mobile Phone Festive Privacy Snafu
The Information Commissioner’s Office has warned that millions of Brits don’t know how to erase personal data from their old...
Friday Squid Blogging: Squid Sticker
A sticker for your water bottle. Blog moderation policy. Read More
Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI...
Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers
The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine Read...
LockBit Admins Tease a New Ransomware Version
The LockBitSupp persona said LockBit 4.0 will be launched in February 2025 Read More