Showing results 1 - 20 of 148 for "authentication"
BLOG POST - https://www.cisecurity.org/insights/blog/why-are-authentication-and-authorization-so-diffic...
Why Are Authentication and Authorization So Difficult?
By: Kathleen M. Moriarty, CIS Chief Technology Officer Let’s say you’re tasked with selecting a strong authentication solution for your organization. ...
SPOTLIGHT - https://www.cisecurity.org/insights/spotlight/ei-isac-cybersecurity-spotlight-multi-factor-...
Election Security Spotlight – Multi-Factor Authentication
In this Election Security Spotlight, the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) discusses multi-factor authenticat...
BLOG POST - https://www.cisecurity.org/insights/blog/tracing-the-evolving-levels-of-support-for-webauth...
Tracing the Evolving Levels of Support for WebAuthn
There are a large number of products that support WebAuthn and other standards in the FIDO Framework. Let's examine some of these now....
BLOG POST - https://www.cisecurity.org/insights/blog/how-dmarc-advances-email-security
How DMARC Advances Email Security
While some identity management protocols such as multi-factor authentication have made modern advancements, others – like email authentication – have ...
BLOG POST - https://www.cisecurity.org/insights/blog/authentication-and-authorization-using-single-sign...
Authentication and Authorization Using Single Sign-On
By: Kathleen M. Moriarty, CIS Chief Technology Officer In order to prevent credential theft from phishing attacks, there is a push for multi-factor au...
ADVISORY - https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-citrix-adc-and-gateway-coul...
2022-132: Multiple Vulnerabilities in Citrix ADC and Gateway Could Allow for Authentication Bypass
Multiple vulnerabilities have been discovered in Citrix ADC and Gateway, the most severe of which could allow for Authentication Bypass. Citrix ADC...
MEDIA MENTION - https://www.cisecurity.org/about-us/media/media-mention/what-is-a-one-time-password-us-news...
What is a One-Time Password? | US News – U.S News and World Report Money
One-time passwords can help prevent ID theft, reduce the need for IT support, and help resist cyberattacks called replay attacks....
BLOG POST - https://www.cisecurity.org/insights/blog/cis-password-policy-guide-passphrases-monitoring-a...
CIS Password Policy Guide: Passphrases, Monitoring, and More
Love them or hate them, but passwords have undeniably been a time-tested and imperfect method for user authentication that can protect organizations f...
SPOTLIGHT - https://www.cisecurity.org/insights/spotlight/cybersecurity-spotlight-passwords
Election Security Spotlight – Passwords
What it is Passwords are a critical yet basic authentication mechanism in information security that consists of a combination of alphabetic, numeric, ...
PAGE - https://www.cisecurity.org/ms-isac/dhs-issues-binding-operational-directive-on-enhancing-em...
DHS Issues Binding Operational Directive on Enhancing Email and Web Security
Date Issued: October 17, 2017 The U.S. Department of Homeland Security (DHS) released Binding Operational Directive (BOD) 18-01 directing federal agen...
BLOG POST - https://www.cisecurity.org/insights/blog/why-oauth-is-so-important-an-interview-with-justin...
Why OAuth is so Important: An Interview with Justin Richer
This is the third article in this series by Kathleen Moriarty, CIS Chief Technology Officer. In this article, Moriarty interviews Justin Richer, an in...
BLOG POST - https://www.cisecurity.org/insights/blog/the-llm-misinformation-problem-i-was-not-expecting
The LLM Misinformation Problem I Was Not Expecting
Kathleen Moriarty discusses an unexpected LLM misinformation problem: students incorporating non-vetted AI results into their assignments....
BLOG POST - https://www.cisecurity.org/insights/blog/11-cyber-defense-tips-to-stay-secure-at-work-and-h...
11 Cyber Defense Tips to Stay Secure at Work and Home
To uphold your personal responsibility for cybersecurity, here are 11 steps that you can use to strengthen your cyber defense at home and at work....
BLOG POST - https://www.cisecurity.org/insights/blog/mimikatz-the-finest-in-post-exploitation
Mimikatz: The Finest in Post-Exploitation
Part 2 in a series on Malware Overview The MS-ISAC continuously observes attacks using the post-exploitation credential stealing tool Mimikatz. Many c...
MEDIA MENTION - https://www.cisecurity.org/about-us/media/media-mention/where-does-zero-trust-begin-and-why...
Where does zero trust begin and why is it important?
Zero trust architectures reinforce the point that no layer of the stack trusts the underlying components, whether that be hardware or software....
BLOG POST - https://www.cisecurity.org/insights/blog/how-to-secure-your-online-identity-with-security-k...
How to Secure Your Online Identity with Security Keys
An intern with our CTO office embarked on a short project to protect her accounts with security keys. Here's what her experience was like....
SPOTLIGHT - https://www.cisecurity.org/insights/spotlight/election-security-spotlight-what-is-email-sec...
Election Security Spotlight – What Is Email Security?
In this Election Security Spotlight, the Elections Infrastructure Information Sharing an Analysis Center (EI-ISAC) provides an overview of email secur...
BLOG POST - https://www.cisecurity.org/insights/blog/where-does-zero-trust-begin-and-why-is-it-importan...
Where Does Zero Trust Begin and Why is it Important?
By: Kathleen M. Moriarty, CIS Chief Technology Officer Zero trust is an important information security architectural shift. It brings us away from the...
BLOG POST - https://www.cisecurity.org/insights/blog/6-cybersecurity-tips-to-keep-your-workplace-safe-o...
6 Cybersecurity Tips to Keep Your Workplace Safe Online
In the office, cybersecurity is everyone’s responsibility. By reminding your employees of these simple online safety best practices, your organization...
SPOTLIGHT - https://www.cisecurity.org/insights/spotlight/election-security-spotlight-swatting
Election Security Spotlight – Swatting
In this Election Security Spotlight, the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) provides an overview of swatting....