As technology has become widespread, cybersecurity issues have risen, with hacking a prominent concern among companies. In a recent survey by Axiad, 49% of respondents identified phishing attacks as the most likely. While the need for appropriate anti-phishing measures is self-evident, most organizations have been dragging their feet in adopting effective countermeasures, citing concerns ranging from fear of change and cost implications to the perceived complexity of implementation.
Overcoming Resistance to Change
According to the Axiad survey, 64% of respondents say that “fear of change” keeps them on traditional password-based authentication and non-phishing-resistant multi-factor authentication (MFA). This is a major obstacle to adopting phishing-resistant authentication in an organization exposed to phishing attacks, since the change will meet resistance at one level or another.
True phishing-resistant MFA technology is emerging as a better option for organizations, filling the gap that traditional MFA leaves in their security layer. These technologies do not require any kind of human intervention, and as such they greatly reduce exposure to threats from malicious actors. The two approaches that can truly resist phishing today are Certificate-Based Authentication (CBA) and Fast IDentity Online (FIDO) authentication.
Certificate-Based Authentication (CBA), validated by Public Key Infrastructure (PKI), is a known and mature security measure. In contrast to most MFA systems, which tend to be easy to deploy, its implementation might seem fairly daunting. It is worth noting, however, that many larger organizations already have a PKI in place. The company's PKI can also be operated as a service: the staffing and technical functions are transferred to the service provider, while the organization's own staff are left to focus on deploying authentication.
Overcoming Implementation Challenges
Implementing phishing-resistant MFA looks intimidating at first glance, but it is achievable. Enterprises can ease the implementation by using their existing PKI or PKI-as-a-service offerings. FIDO passkeys, for their part, offer a user-friendly option, so that usability does not block adoption.
Moving to phishing-resistant MFA is a strategic transition that has to take into account the overall deployment environment, including determining the authentication parameters for end users according to their department, importance, and high-risk category. Accordingly, employee education and training should be proactive and designed to prepare stakeholders for the migration of systems to a more secure authentication framework.
In addition, organizations should implement phishing-resistant MFA to further strengthen their cybersecurity posture and effectively decrease the risks related to phishing attacks. This has helped organizations unify their authentication systems and make changes to the service themselves, which cuts costs and simplifies the process.
Original story from a survey done by Axiad