Loading...

Identity Authentication Key Piece of Cybersecurity Puzzle

September 22, 2021 by Victoria Turner
Identity Authentication Key Piece of Cybersecurity Puzzle
AT&T's latest policy forum event was “Identity Authentication: The Next Layer of Protection in a Robust Cybersecurity Strategy.” (Illustration via AT&T)

WASHINGTON — Identity authentication is taking a front-and-center role in the administration’s approach to ensuring robust cybersecurity across the U.S. government, according to Carole House, director of cybersecurity and secure digital Innovation at the White House National Security Council. 

It “sits at the heart of zero trust which was critical in the [cybersecurity executive order]…That’s critical since the federal government can no longer depend upon perimeter-based defenses to protect critical systems and data,” House said at Tuesday’s AT&T Policy Forum event, “Identity Authentication: The Next Layer of Protection in a Robust Cybersecurity Strategy.”

The cybersecurity order issued in May directed federal agencies to work towards a zero trust approach that assumes any hardware or software technology cannot be trusted. It was followed by the Office of Management and Budget releasing a draft on the federal strategy for how to accomplish the goal.

House said, “Identity also plays a key role in many other areas that the administration is pursuing – whether countering fraud or implementing beneficial ownership under the Corporate Transparency Act to counter illicit finance on corruption, or part of our resilience efforts under the counter ransomware approach for the U.S. government.

“The draft strategy points to identity being this first pillar,” which bolsters the order by helping “accelerate agencies towards a shared baseline of zero trust implementation and maturity.”

Most cyber crimes begin with breaching an identity authentication system, according to the panel following House. These cyberattacks have only increased throughout the pandemic and will keep coming

But it’s not just the federal agencies that are working towards more robust authentication and the adoption of a zero trust architecture. According to Ben Flatgard, executive director for cybersecurity at JPMorgan Chase, it is at the “core” of the financial services company’s strategy to protect its enterprise and its clients. 

Flatgard, who worked as NSC’s cybersecurity director for eight years, explained that the OMB strategy focuses on identification authentication: phishing proof, multi-factor authentication, and deploying supportive technologies to these means.

Ten years ago, he added, people were not filing their mortgage and credit card applications through their phones as they are today. This “huge influx of native digital engagements” opens a door for companies like his to provide underserved communities access to credit and financial services, by “[capturing] people’s interest where they’re at and that is increasingly on the phone.” 

The high volume of digital engagement has also opened the door to more cyber crimes. During the pandemic, state unemployment systems provided “hundreds of billions of dollars” in federal benefits to the states, which had no remote verification controls, said Jeremy Grant, managing director of technology business strategy at Venable.

“Organized crime immediately looked at it and made a beeline for it,” he said, causing the government to lose tens of billions of dollars. 

Despite digital literacy’s importance in fostering proper cyber hygiene, expecting everyone to understand it and practice it in their everyday life may be expecting too much.

“It’s not really on the customer on the identity proofing side, it’s on industry and government to partner better together to exchange information in appropriate ways when what customers ask for it,” Flatgard said. The government and the private sector should provide the products and solutions with the safeguards already built into their design, Flatgard said, which just points back to zero trust architecture as opposed to having them download apps or figure it out themselves. 

This is where public-private partnering would accelerate the zero trust build-out, Grant said. ZenKey, for example, is in the midst of a pilot project with the Department of Health and Human Services to narrow the number of requests the agency needs to send to verify one identity.

The “fragmented landscape” of all the sensitive information floating around needs to be reduced, he said, as it not only adds a layer of complexity to the user but increases the entry points for breaches. To tackle this, ZenKey allows for the portability of the user’s sensitive information regardless of whether you change phones or providers.

As the “only massively recognized authoritative issuer of identity,” the government has to “play more of a direct role” in setting the security and privacy “high bar,” Grant said, and working with the private sector to identify solutions that are also interoperable and easy to use.

In The News

Health

Voting

Technology

August 5, 2022
by Madeline Hughes
New FCC Programs Tackle Affordability Gap in Digital Divide

WASHINGTON — The Federal Communications Commission Friday unanimously approved two new grant programs for its Affordable Connectivity Program.  So far... Read More

WASHINGTON — The Federal Communications Commission Friday unanimously approved two new grant programs for its Affordable Connectivity Program.  So far 13 million households have signed up for the program that gives Americans stipends of $30 for internet access each month. On tribal lands, the stipend is... Read More

August 4, 2022
by Madeline Hughes
Internet as a Relocation Incentive

BEMIDJI, Minn. — Lush forests, gleaming lakes and fast fiber optic internet have been the selling points for officials in... Read More

BEMIDJI, Minn. — Lush forests, gleaming lakes and fast fiber optic internet have been the selling points for officials in a small northern Minnesota city of about 15,000 to lure new residents to the area. Following in the footsteps of states like Vermont and West Virginia... Read More

August 4, 2022
by Madeline Hughes
Smart Mailbox Makes Its Debut Monday

INDIANAPOLIS — In 2014, years before a pandemic would make grocery delivery the norm and Amazon would deliver over a billion packages a... Read More

INDIANAPOLIS — In 2014, years before a pandemic would make grocery delivery the norm and Amazon would deliver over a billion packages a year, Dan O’Toole knew people would need a new kind of mailbox, especially with automated delivery via drones. That’s when he created Dronedek, a “smart mailbox”... Read More

July 29, 2022
by Madeline Hughes
FCC Opens Spectrum Auction

WASHINGTON — Friday morning the Federal Communications Commission kicked off a spectrum auction, allowing telecommunications companies to possibly buy more... Read More

WASHINGTON — Friday morning the Federal Communications Commission kicked off a spectrum auction, allowing telecommunications companies to possibly buy more than 8,000 licenses in the 2.5 GHz band. The licenses are mostly available in rural parts of the country, according to the commission. “We all know... Read More

July 29, 2022
by Madeline Hughes
Democrats Revive Fight for Net Neutrality

WASHINGTON — Two senators and a member of the House of Representatives are working to ensure internet providers deliver equitable... Read More

WASHINGTON — Two senators and a member of the House of Representatives are working to ensure internet providers deliver equitable service to customers, banning the practice of throttling service and blocking access to certain content. Sens. Ed Markey, D-Mass., and Ron Wyden, D-Ore., and Rep. Doris... Read More

July 29, 2022
by Madeline Hughes
House Sends CHIPS Act to Biden

WASHINGTON — The House sent the $280 billion CHIPS and Science Act to President Joe Biden’s desk with a ​​243-187... Read More

WASHINGTON — The House sent the $280 billion CHIPS and Science Act to President Joe Biden’s desk with a ​​243-187 vote Thursday afternoon just before starting its August recess. The legislation aims to reinvigorate the tech economy by subsidizing the production of semiconductor chips — the... Read More

News From The Well