Understanding and planning for phishing-resistant MFA in OMB M-22-09

Presented by

Eric Mill, OMB; Derek Mueller, CISA; Grant Dasher, CISA; Jerrod Chong, Yubico

About this talk

The May 12, 2021 White House Executive Order 14028 on Protecting the Nation’s Cybersecurity, and subsequent Office of Management and Budget Memo OMB M-22-09 set forth a Federal Zero Trust Architecture strategy and a new baseline for access controls, requiring agencies to meet specific cybersecurity standards and objectives by the end of fiscal year 2024 in order to reinforce the government’s defenses against increasingly sophisticated and persistent threat campaigns. M-22-09 highlights the critical MFA gap that exists with the many mobile-based approaches to MFA that will not protect against sophisticated phishing attacks; and it requires agencies to ensure users and customers use a phishing-resistant method to access agency-hosted accounts.The question for many is what does phishing-resistant MFA entail, operationally how do you plan for it and how do you ensure it continues to meet your long-term security plans. Watch this webinar to hear from government and industry executives on how they are moving to phishing-resistant PIV and the FIDO2/WebAuthn authentication standards by end of fiscal year 2021. The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (136)
Subscribers (25507)
Yubico, the inventor of the YubiKey, makes secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based authentication security at scale. YubiKeys are the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across hundreds of consumer and enterprise applications and services. Yubico’s technology enables secure authentication, encryption, and code signing and is used and loved by many of the world’s largest organizations and millions of customers in more than 160 countries. Aligned with its mission of making the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. Yubico is privately held, with presence around the globe and offices in Palo Alto, San Francisco, Seattle, and Stockholm. For more information, please visit: www.yubico.com.