Name: The dark side of mobile authentication
Start: 2023-08-29T16:00:00Z
End: 2023-08-29T16:00:53.000Z
Location: BrightTALK
Rating: 3.7

Yubico, the inventor of the YubiKey, makes secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based authentication security at scale. 

YubiKeys are the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across hundreds of consumer and enterprise applications and services. Yubico’s technology enables secure authentication, encryption, and code signing and is used and loved by many of the world’s largest organizations and millions of customers in more than 160 countries. 

Aligned with its mission of making the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. Yubico is privately held, with presence around the globe and offices in Palo Alto, San Francisco, Seattle, and Stockholm. For more information, please visit: www.yubico.com.

Protecting critical infrastructure against cyber attacks is of urgent importance across the world. With most cyber attacks, malicious actors don’t break in, they log in—using stolen credentials acquired through phishing. Once accounts are breached, attackers can steal data, damage critical systems or wreak havoc using ransomware.  Multi-factor authentication (MFA) is the single most important defense, but not all forms of MFA are created equal. 

Join Yubico for a roundtable discussion to learn about:
- How not all forms of multi-factor authentication (MFA) are created equal 
- The need for adopting phishing-resistant MFA to secure user access
- Deployment best practices for securing critical infrastructure gathered from numerous global deployments across variety of sectors 

In an interconnected ecosystem strengthening our cybersecurity posture is an important step toward winning the fight against cyber crime.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Best practices to secure critical infrastructure with phishing-resistant MFA

Many enterprises operate in Microsoft environments to drive daily business operations and support their frontline workers wherever they are at. By combining Yubico's security expertise with Microsoft's software and platform capabilities, the two companies have been able to innovate in the authentication space and deliver tremendous value to customers providing tools to keep employees productive and secure even while on the go. 

Attend this webinar to learn more about the current cybersecurity landscape and how partnerships like the one between Yubico and Microsoft play a crucial role in driving the adoption of standards and technologies that raise the bar for enterprise security. Ultimately, with a frictionless but secure user experience, organizations can empower their users to work freely anywhere, while keeping their digital accounts and customer data safe. 

In this webinar, we will go over some of the latest innovations:

- Surface Pro 10 for Business with passwordless NFC authentication via a YubiKey
- Bring a secure desktop with you anywhere with Azure Virtual Desktop and YubiKeys
- Phishing-resistant and productivity while on the go from your mobile devices

More to come!

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Yubico | Microsoft: On-the-go enterprise authentication, at speed and scale

To reinforce the government’s defenses against increasingly sophisticated and persistent threat campaigns, the May 12, 2021 White House Executive Order 14028 on Protecting the Nation’s Cybersecurity, and subsequent Office of Management and Budget Memo OMB M-22-09 set forth a Federal Zero Trust Architecture strategy and a new baseline for access controls, requiring agencies to meet specific cybersecurity standards and objectives by the end of fiscal year 2024. But as we approach the September deadline, many agencies may still be facing challenges in meeting these requirements. 

Attend this webinar to learn best practices from government executives on their agencies' journeys, how they navigated challenges and pitfalls to achieve compliance and what steps your agency can take right now to show intent and progress toward phishing-resistant MFA.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Meeting the Sept 2024 White House phishing-resistant MFA deadline

Over 2023, passkeys have seen a huge increase in adoption across enterprise and consumer applications. While any passkey is more secure than a password, and other forms of legacy MFA, there still exists security concerns around the concept of “syncable passkeys”. Enterprises, and organizations bound by regulation, may be required to utilize FIDO2 credentials that are bound to a single device. With this in mind, the big question is how do I restrict my application to only utilize device-bound passkeys?

Join Yubico’s Developer Program as we dive into the technical details on how to establish a WebAuthn relying party that is able to discern between a syncable and device-bound passkey to then take the appropriate action based on your security policies, and user needs.

By the end of this webinar you will have the knowledge, tools, and resources needed to build a passkey application that can be used for high assurance scenarios.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Developing passkey applications for high assurance scenarios

The primary  point for most cyber attacks—phishing, ransomware, and data theft—due to stolen credentials, making the need for stronger authentication practices imperative. The Payment Card Industry Data Security Standard (PCI DSS) holds organizations worldwide accountable for implementing higher levels of cybersecurity to safeguard sensitive information like payment card information (PCI), employee and customer personal identifiable information (PII).

With PCI DSS v3.2.1 sunsetting at the end of March 2024, meeting version PCI DSS v4.0 will be top of mind across industries like financial services, retail, hospitality, telcos—truly any and all entities involved in payment processing. Attend this webinar to learn about:

- Embracing the move to PCI DSS 4.0 compliance guidelines and what this means for your authentication strategy 
- How not all forms of multi-factor authentication (MFA) are created equal 
- The need for adopting phishing-resistant MFA using device-bound passkeys for user access to critical systems and customer-facing digital services 
- Prioritizing cybersecurity investments to protect against cyber threats.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

How to bolster your authentication strategy for PCI DSS 4.0

It is more vital than ever to maintain robust data security and easy information sharing across the Department of Defense (DoD). Previously, DOD professionals relied upon issuance of credentials stored on single-protocol smart cards, creating UX complexity, an increased cost of supporting devices, and limited usage across devices and systems. Phishing-resistant multi-factor authentication (MFA) is quickly becoming the new bulwark against modern cyber threats, including emerging quantum threats.  

To optimize information sharing, provide robust data protection, and ensure that agencies continue to safeguard the nation’s most sensitive information, a Zero Trust security model with a strong identity credentialing and access management (ICAM) stack that supports secure credential issuance on an AAL3 phishing-resistant authenticator, is key. Each of these requirements would be supported by an approved multi-protocol, multi-factor, AAL3 hardware authenticator that has a valid FIPS 140-2 certification.

This session will describe the value of modern authentication, phishing-resistant protocols, and how hardware-based multi-protocol authenticators can secure users across the Department of Defense.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Securing the Department of Defense in 2024 with phishing-resistant MFA

In today's ever changing cyber-threat landscape, moving from passwords to a phishing resistant solution is imperative. YubiKeys offer a powerful hardware-backed phishing resistant MFA solution. But rolling out YubiKeys at scale in large organizations presents both opportunities and challenges.

This webinar will dive into the world of YubiKey implementation, exploring:

The undeniable benefits: Secure your access, eliminate password phishing, and streamline user experience.
Potential pitfalls: Managing logistics, user adoption, and ongoing support - what you need to know.
Introducing Intercede MyID: Your key to YubiKey success. Discover how MyID simplifies deployment, streamlines lifecycle management, and empowers administrators.
Join us for this in-depth session as we navigate the YubiKey journey, equipping you with the knowledge and tools to elevate your organization's rollout strategy with confidence.

Bonus: We'll also cover real-world use cases and best practices for successful YubiKey rollouts!

By attending this webinar, you'll learn:

- How YubiKeys can significantly improve your organization's security posture.
- The practical considerations for deploying YubiKeys at scale.
- How Intercede MyID can simplify and optimize your YubiKey implementation.
- Tips and best practices for a smooth and successful rollout.
- Don't fall victim to a phishing attack. Embrace the security revolution with YubiKeys and Intercede MyID CMS.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Securing Your Organization with YubiKeys at Scale with Intercede MyID

Join us for this unique webinar where CQURE’s Paula Januszkiewicz and YUBICO’s Joost van Dijk delve into the crucial aspects of secure credential storage: multifactor and passwordless authentication, biometric solutions, phishing resistance, and the role of FIDO2 in enhancing security. Come and enjoy this intensive webinar filled with engaging stories and demos!

Do cached credentials bring any danger? Can we just extract them and crack the password or use the value to carry out a pass-the-hash attack? One thing is for sure: Paula and her team made a DPAPI world discovery where they have reverse-engineered this mechanism to tell you right now how it works and if it is safe. What about other places where credentials are stored? Paula will demonstrate the technology weaknesses in credential security and specific misused actions within the operating system. You will learn the unexpected places your passwords reside, how password attacks are performed, the typical paths where credentials can be leaked, and how to prevent these by implementing various solutions.

The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Understand Credential Security: Managing Your Identity with CQURE

Ensuring strong security for access to enterprise apps and services is an urgent need across all industries to protect against modern cyber threats. Many organizations have adopted MFA, but want to move to stronger phishing-resistant MFA. Join this webinar to learn about:

- The value of true phishing-resistant MFA
- Key considerations when building your modern MFA strategy
- Deployment best practices to adopt phishing-resistant MFA and speed and scale


Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Devising a modern, phishing-resistant MFA strategy and deployment best practices

Passkeys are passwordless-enabled FIDO credentials that deliver phishing-resistance and accelerate a move away from problematic passwords that are easily breached. Over the last year passkeys as a concept has really gained momentum as consumers and organizations alike are assessing what passkeys are and their benefits. And there is not just one type of passkey. It seems that every other day there is a new type of passkey on the scene ranging from synced passkeys to device-bound passkeys. But which one is right for your organization?

Attend this webinar to learn about:

- The different types of passkey implementations including synced passkeys, device-bound passkeys on general purpose devices vs device-bound passkeys on devices purpose-built for security
- Why enterprises should consider the user on-boarding, credential recovery, compliance and risk exposure aspects when deciding the right passkey strategy
- Gain an understanding of real life enterprise scenarios and how to avoid common security and usability pitfalls

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Enterprise passkey implementations: Key considerations and tradeoffs

To help bring clarity to the rapidly evolving authentication landscape, Enterprise Management Associates (EMA) has conducted primary research into business and end user requirements, perceptions, and outcomes in the usage of password and passwordless authentication technologies. The results present a clear snapshot of where the identity management market is today and the direction it is heading. Join Christopher Steffen, VP, Research at EMA, for a half-hour presentation revealing the results of this study for the first time.

Topics to be covered include:
- The greatest security risks posed by the continued use of passwords
The types of authentication technologies users prefer to use as both employees and consumers
- How to reduce time, efforts, and costs associated with managing user identities
- The amount of actual work time employees spend authenticating using modern identity and access processes and how to make them more productive
- How impactful FIDO adoption has been on improving identity security, user experiences, and manageability
- The impact of MFA on workforce productivity
- Which passwordless technologies are most effective at addressing modern and emerging business requirements

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Transcending Passwords: Emerging Trends in Authentication

In the dynamic landscape of cybersecurity, the urgency to eliminate passwords as a security vulnerability has never been more critical. The 2023 Verizon Data Breach Investigations Report underscores the staggering impact of breaches caused by stolen credentials, accounting for a staggering 74% of incidents. In response, the paradigm shift towards robust, phishing-resistant Multi-Factor Authentication (MFA) and passwordless access gains prominence as an imperative defense against evolving threat vectors, including phishing and ransomware attacks.

Join us for an insightful webinar as we delve into the groundbreaking approach of "Accelerating Phishing-Resistant MFA and Passwordless with Fast, Out-of-the-Box FIDO Activation with Okta." This innovative session will empower organizations with the tools and knowledge to enhance their cybersecurity posture and amplify operational efficiency.


Confidentiality and Data Processing:

The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc

Fast, Out-of-the-Box FIDO Activation with Yubico and Okta

We’re more online now than ever, and as our online activity continues to grow, we also make ourselves vulnerable to growing cyber threats from bad actors. During the 2022 holiday season alone, consumers spent $211.7 billion, an increase of 3.5% year over year, per Adobe Analytics. As online spending continues to rise, it’s more crucial than ever to ensure online accounts are secure. According to a new global study by Yubico, while 80% of adults are concerned about cybersecurity when it comes to their online accounts, nearly 40% admitted to using the same password for multiple accounts.

Join this webinar, and hear from our security experts to better understand the current cyber threat landscape, and learn best practices to stay secure online through the holiday season and beyond.

Confidentiality and Data Processing: The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Holiday shopping is underway: are you protecting yourself online?

Passkeys are the long awaited replacement for passwords.  While passwords have been the primary standard in securing user accounts, they are not without issues. Passwords are easy to forget, and easily phishable, which has led to security breaches in various industries. Passkeys are meant to address this challenge and accelerate widespread adoption of passwordless authentication for consumers and organizations. And while there are many ways to get to a passwordless state, it’s important to remember that one size does not fit all. And organizations don’t have to choose one or the other and rather can use a hybrid approach to achieve passwordless goals to secure different users in the organization. 

Attend this webinar to learn about:
- The different passwordless options such as Smart Card/PIV and FIDO-based approaches
- How passkeys fit in the landscape of passwordless options
- Security, usability and manageability implications of each option  
- Customer examples of moving to passwordless using one or more approaches

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Many roads to passwordless: How passkeys fit in the modern landscape

As more consumers and businesses consider a move to passwordless authentication in a bid to move away from weak passwords that are susceptible to phishing attacks, the concept of passkeys has gained traction. Passkeys are a new concept in the industry that accelerate a move to passwordless. However, not all passkeys are the same and come with specific security and compliance tradeoffs for the enterprise. Join our webinar to learn about common enterprise scenarios where synced passkeys may create some chilling failure points, and other more effective and secure passkey alternatives that put your business in the best security and compliance posture.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Passkeys for your Enterprise? Key considerations for success

An IndustryWeek, Plant Services, and Smart Industry-hosted webinar sponsored by Yubico and Schneider Electric.

Critical infrastructure industries are prime targets for cyberattacks, and more than 70% of breaches exploit stolen credentials. Multi-factor authentication (MFA) should be a first-line defense of any cybersecurity strategy to protect critical data, information technology (IT) and operational technology (OT) environments from ransomware and other cyberattacks. But not all forms of MFA are created equal.  

Join us to hear from thought leaders at Schneider Electric and Yubico as they discuss the role of phishing-resistant authentication and hardware backed security using Zero Trust principles across your company and supply chain.  

You will learn:  

- Schneider Electric’s journey to using modern phishing-resistant FIDO protocols to secure users, IT and OT environments, such as SCADA systems.
- How Schneider Electric is protecting critical infrastructure through their IEC-62443 certified solutions for users and hardware-backed security for devices, positioning them well to meet higher-level cybersecurity regulations in the future.
- Best practices that can apply to your organization and how phishing-resistant MFA is a business differentiator and can even help drive revenue.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Safeguard IT/OT Ecosystems Using Zero Trust Principles

Unraveling the risk and cost of legacy MFA

Modern cyber threats are increasing in scale so ensuring strong security for access to enterprise applications and services is a critical need across all industries. Also highlighted by many recent high profile attacks and the subsequent evolving regulatory landscape toward phishing-resistant authentication. Many organizations are now moving away from user name and passwords to multi-factor authentication (MFA), but not all forms of MFA are created equal. Organizations adopting mobile-based MFA such as SMS, OTP and push notification apps are leaving themselves open to attack while also increasing their operating expenditures.

In this session, we will unravel the dark side of mobile authentication.
Attendees will learn: 

- The top 5 mobile authentication misconceptions
- How modern phishing defeats basic MFA
- Why and how the YubiKey stops phishing attacks and account takeovers
- Best practices to get started with phishing-resistant MFA

The dark side of mobile authentication

Security

Authentication

Multi-Factor Authentication

yubico

yubikey

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

Healthcare

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

The dark side of mobile authentication

Presented by

About this talk

More from this channel