Loading...

Identity Authentication Key Piece of Cybersecurity Puzzle

September 22, 2021 by Victoria Turner
AT&T's latest policy forum event was “Identity Authentication: The Next Layer of Protection in a Robust Cybersecurity Strategy.” (Illustration via AT&T)

WASHINGTON — Identity authentication is taking a front-and-center role in the administration’s approach to ensuring robust cybersecurity across the U.S. government, according to Carole House, director of cybersecurity and secure digital Innovation at the White House National Security Council. 

It “sits at the heart of zero trust which was critical in the [cybersecurity executive order]…That’s critical since the federal government can no longer depend upon perimeter-based defenses to protect critical systems and data,” House said at Tuesday’s AT&T Policy Forum event, “Identity Authentication: The Next Layer of Protection in a Robust Cybersecurity Strategy.”

The cybersecurity order issued in May directed federal agencies to work towards a zero trust approach that assumes any hardware or software technology cannot be trusted. It was followed by the Office of Management and Budget releasing a draft on the federal strategy for how to accomplish the goal.

House said, “Identity also plays a key role in many other areas that the administration is pursuing – whether countering fraud or implementing beneficial ownership under the Corporate Transparency Act to counter illicit finance on corruption, or part of our resilience efforts under the counter ransomware approach for the U.S. government.

“The draft strategy points to identity being this first pillar,” which bolsters the order by helping “accelerate agencies towards a shared baseline of zero trust implementation and maturity.”

Most cyber crimes begin with breaching an identity authentication system, according to the panel following House. These cyberattacks have only increased throughout the pandemic and will keep coming

But it’s not just the federal agencies that are working towards more robust authentication and the adoption of a zero trust architecture. According to Ben Flatgard, executive director for cybersecurity at JPMorgan Chase, it is at the “core” of the financial services company’s strategy to protect its enterprise and its clients. 

Flatgard, who worked as NSC’s cybersecurity director for eight years, explained that the OMB strategy focuses on identification authentication: phishing proof, multi-factor authentication, and deploying supportive technologies to these means.

Ten years ago, he added, people were not filing their mortgage and credit card applications through their phones as they are today. This “huge influx of native digital engagements” opens a door for companies like his to provide underserved communities access to credit and financial services, by “[capturing] people’s interest where they’re at and that is increasingly on the phone.” 

The high volume of digital engagement has also opened the door to more cyber crimes. During the pandemic, state unemployment systems provided “hundreds of billions of dollars” in federal benefits to the states, which had no remote verification controls, said Jeremy Grant, managing director of technology business strategy at Venable.

“Organized crime immediately looked at it and made a beeline for it,” he said, causing the government to lose tens of billions of dollars. 

Despite digital literacy’s importance in fostering proper cyber hygiene, expecting everyone to understand it and practice it in their everyday life may be expecting too much.

“It’s not really on the customer on the identity proofing side, it’s on industry and government to partner better together to exchange information in appropriate ways when what customers ask for it,” Flatgard said. The government and the private sector should provide the products and solutions with the safeguards already built into their design, Flatgard said, which just points back to zero trust architecture as opposed to having them download apps or figure it out themselves. 

This is where public-private partnering would accelerate the zero trust build-out, Grant said. ZenKey, for example, is in the midst of a pilot project with the Department of Health and Human Services to narrow the number of requests the agency needs to send to verify one identity.

The “fragmented landscape” of all the sensitive information floating around needs to be reduced, he said, as it not only adds a layer of complexity to the user but increases the entry points for breaches. To tackle this, ZenKey allows for the portability of the user’s sensitive information regardless of whether you change phones or providers.

As the “only massively recognized authoritative issuer of identity,” the government has to “play more of a direct role” in setting the security and privacy “high bar,” Grant said, and working with the private sector to identify solutions that are also interoperable and easy to use.

Technology

November 23, 2021
by Dan McCue
Pixstory Striving to Address the Need for User Safety On Social Media

WASHINGTON - The speaker was anguished, there wasn’t any mistaking that. “Maybe I was just too caught up in my... Read More

WASHINGTON - The speaker was anguished, there wasn’t any mistaking that. “Maybe I was just too caught up in my own life to realize what was going on with my friends and acquaintances,” he said. “But there’s nothing wrong with unfriending somebody. Couples break up all... Read More

November 22, 2021
by Kate Michael
Experts Say XR Tech Is More Than Gaming and Entertainment

WASHINGTON — The lines just keep blurring between the physical and online worlds, with the pandemic accelerating the adoption of... Read More

WASHINGTON — The lines just keep blurring between the physical and online worlds, with the pandemic accelerating the adoption of immersive technologies that merge the physical world with digital or simulated reality. But while many are familiar with some type of extended reality, which is a... Read More

November 22, 2021
by Kate Michael
Klobuchar Weighs in on CAP’s New Report on Tech Regulation

WASHINGTON — Sen. Amy Klobuchar, D-Minn., has been on a crusade for swift and sweeping reform of Big Tech platforms,... Read More

WASHINGTON — Sen. Amy Klobuchar, D-Minn., has been on a crusade for swift and sweeping reform of Big Tech platforms, introducing a number of bills and even publishing a book titled “Antitrust” that looks at the history of policy toward trusts and monopolies and details how... Read More

November 17, 2021
by Alexa Hornbeck
FDA Issues New Guidance For Use Of AI In Health Care

WASHINGTON — The U.S. Food and Drug Administration recently partnered with Health Canada and the UK’s Medicines and Healthcare products... Read More

WASHINGTON — The U.S. Food and Drug Administration recently partnered with Health Canada and the UK’s Medicines and Healthcare products Regulatory Agency to issue guiding principles to align efforts and standards for artificial intelligence and machine learning medical device development in health care.  “The FDA believes... Read More

November 17, 2021
by Victoria Turner
Officials Say Automation Won’t Replace Humans

WASHINGTON — Automation will not replace people nor take their jobs, according to two government officials who are implementing robotic... Read More

WASHINGTON — Automation will not replace people nor take their jobs, according to two government officials who are implementing robotic process automation programs at federal agencies.  In fact, automation will allow federal employees to accomplish more than that they could have otherwise, said Gabrielle Perret, director... Read More

November 16, 2021
by Reece Nations
Meta Policy Update Complicates Midterm Outreach

SAN ANTONIO — Political organizations are preparing to modify their outreach approach ahead of Meta Platforms’ removal of some detailed... Read More

SAN ANTONIO — Political organizations are preparing to modify their outreach approach ahead of Meta Platforms’ removal of some detailed targeting options in January. New limits on advertisers' ability to target users based on their interactions with social media content were announced in a blog post... Read More

News From The Well
Exit mobile version