Identity Authentication Key Piece of Cybersecurity Puzzle

September 22, 2021 by Victoria Turner
Identity Authentication Key Piece of Cybersecurity Puzzle
AT&T's latest policy forum event was “Identity Authentication: The Next Layer of Protection in a Robust Cybersecurity Strategy.” (Illustration via AT&T)

WASHINGTON — Identity authentication is taking a front-and-center role in the administration’s approach to ensuring robust cybersecurity across the U.S. government, according to Carole House, director of cybersecurity and secure digital Innovation at the White House National Security Council. 

It “sits at the heart of zero trust which was critical in the [cybersecurity executive order]…That’s critical since the federal government can no longer depend upon perimeter-based defenses to protect critical systems and data,” House said at Tuesday’s AT&T Policy Forum event, “Identity Authentication: The Next Layer of Protection in a Robust Cybersecurity Strategy.”

The cybersecurity order issued in May directed federal agencies to work towards a zero trust approach that assumes any hardware or software technology cannot be trusted. It was followed by the Office of Management and Budget releasing a draft on the federal strategy for how to accomplish the goal.

House said, “Identity also plays a key role in many other areas that the administration is pursuing – whether countering fraud or implementing beneficial ownership under the Corporate Transparency Act to counter illicit finance on corruption, or part of our resilience efforts under the counter ransomware approach for the U.S. government.

“The draft strategy points to identity being this first pillar,” which bolsters the order by helping “accelerate agencies towards a shared baseline of zero trust implementation and maturity.”

Most cyber crimes begin with breaching an identity authentication system, according to the panel following House. These cyberattacks have only increased throughout the pandemic and will keep coming

But it’s not just the federal agencies that are working towards more robust authentication and the adoption of a zero trust architecture. According to Ben Flatgard, executive director for cybersecurity at JPMorgan Chase, it is at the “core” of the financial services company’s strategy to protect its enterprise and its clients. 

Flatgard, who worked as NSC’s cybersecurity director for eight years, explained that the OMB strategy focuses on identification authentication: phishing proof, multi-factor authentication, and deploying supportive technologies to these means.

Ten years ago, he added, people were not filing their mortgage and credit card applications through their phones as they are today. This “huge influx of native digital engagements” opens a door for companies like his to provide underserved communities access to credit and financial services, by “[capturing] people’s interest where they’re at and that is increasingly on the phone.” 

The high volume of digital engagement has also opened the door to more cyber crimes. During the pandemic, state unemployment systems provided “hundreds of billions of dollars” in federal benefits to the states, which had no remote verification controls, said Jeremy Grant, managing director of technology business strategy at Venable.

“Organized crime immediately looked at it and made a beeline for it,” he said, causing the government to lose tens of billions of dollars. 

Despite digital literacy’s importance in fostering proper cyber hygiene, expecting everyone to understand it and practice it in their everyday life may be expecting too much.

“It’s not really on the customer on the identity proofing side, it’s on industry and government to partner better together to exchange information in appropriate ways when what customers ask for it,” Flatgard said. The government and the private sector should provide the products and solutions with the safeguards already built into their design, Flatgard said, which just points back to zero trust architecture as opposed to having them download apps or figure it out themselves. 

This is where public-private partnering would accelerate the zero trust build-out, Grant said. ZenKey, for example, is in the midst of a pilot project with the Department of Health and Human Services to narrow the number of requests the agency needs to send to verify one identity.

The “fragmented landscape” of all the sensitive information floating around needs to be reduced, he said, as it not only adds a layer of complexity to the user but increases the entry points for breaches. To tackle this, ZenKey allows for the portability of the user’s sensitive information regardless of whether you change phones or providers.

As the “only massively recognized authoritative issuer of identity,” the government has to “play more of a direct role” in setting the security and privacy “high bar,” Grant said, and working with the private sector to identify solutions that are also interoperable and easy to use.

A+
a-
  • cyberattacks
  • cybersecurity
  • Department of Health and Human Services
  • JPMorgan Chase
  • Office of Management and Budget
  • In The News

    Health

    Voting

    Technology

    March 28, 2024
    by Dan McCue
    Silicon Valley-Based Firm Launches ‘Radar as a Service’

    BELMONT, Calif. — At first the idea sounds about as un-Silicon Valley as one can get. After all, the basic... Read More

    BELMONT, Calif. — At first the idea sounds about as un-Silicon Valley as one can get. After all, the basic concept underlying radar was proven in 1886, when a German physicist named Heinrich Hertz showed that radio waves could be reflected from solid objects. And the... Read More

    March 28, 2024
    by Dan McCue
    Vice President Harris Rolls Out First Government-Wide Policy to Mitigate AI Risks

    WASHINGTON — Vice President Kamala Harris on Wednesday rolled out the Biden administration’s first government-wide policy intended to mitigate the... Read More

    WASHINGTON — Vice President Kamala Harris on Wednesday rolled out the Biden administration’s first government-wide policy intended to mitigate the risks associated with artificial intelligence while still enabling its use to advance the public interest. The new policy, which is being issued through the White House... Read More

    March 21, 2024
    by Tom Ramstack
    Lawmakers Say US Semiconductors Sometimes Used by Foreign Adversaries

    WASHINGTON — A congressional panel juggled competing interests Thursday of trying to lead the world in industrial development without having... Read More

    WASHINGTON — A congressional panel juggled competing interests Thursday of trying to lead the world in industrial development without having the new technologies fall into the hands of foreign militaries that might want to harm the United States. More than anything, lawmakers want more and better... Read More

    March 21, 2024
    by Dan McCue
    DOJ, 16 States Sue Apple Over Alleged Smartphone Monopoly

    WASHINGTON — The Justice Department and 16 state attorneys general sued Apple on Thursday accusing the Cupertino, California-based tech giant... Read More

    WASHINGTON — The Justice Department and 16 state attorneys general sued Apple on Thursday accusing the Cupertino, California-based tech giant of operating an illegal monopoly in the smartphone market. According to the lawsuit, which was filed in federal court in New Jersey, Apple has used the... Read More

    House Passes Bill That Would Lead to TikTok Ban if Chinese Owner Doesn't Sell. Senate Path Unclear

    WASHINGTON (AP) — The House on Wednesday passed a bill that would lead to a nationwide ban of the popular video app... Read More

    WASHINGTON (AP) — The House on Wednesday passed a bill that would lead to a nationwide ban of the popular video app TikTok if its China-based owner doesn't sell, as lawmakers acted on concerns that the company's current ownership structure is a national security threat. The bill, passed by... Read More

    In New York City, Heat Pumps That Fit in Apartment Windows Promise Big Emissions Cuts

    NEW YORK (AP) — For 27 years, the heat in Regina Fred’s Queens apartment building came from a noisy steam... Read More

    NEW YORK (AP) — For 27 years, the heat in Regina Fred’s Queens apartment building came from a noisy steam radiator that she couldn't control and sometimes didn't come on at all, leaving her shivering. Sometimes, the radiators ran so hot that residents had to keep... Read More

    News From The Well
    scroll top