phishing

Okta’s Enhanced Smart Card Auth Helps Keep Gov Resources Safe

Nearly two decades ago, the U.S. Homeland Security Presidential Directive 12 (HSPD-12) established a new identity policy for federal employees and contractors. Its goal was a strong, government-wide approach to secure both physical and logical access. Today, the Personal Identity Verification (PIV) and Common Access Card (CAC) standards are…

Here’s How to Resist Phishing in a Heterogeneous Workforce

Here’s How to Resist Phishing in a Heterogeneous Workforce Organizations manage a broad ecosystem of users, from employees and contractors using the same access points to business partners collaborating throughout the supply chain. How do you keep this dynamic world connected, flowing, and, most importantly, safe from social engineering, like…

Cyber Security Awareness Month: The Problem with Passwords

Passwords are a fixture of our modern digital world that cause no end of frustration and angst. I am sure this scenario is a familiar one: ‘Incorrect password, please try again’ <forgot password> ‘Please enter a new password’ <input incorrect password (because, hey, it wasn’t the right one anyway)> ‘The password you have entered has…

Cyber Security Awareness Month: 4 Ways to Participate

We live in a world of modern digital companies and users have never had so much freedom. We can build anything with cloud apps and services. We can work from anywhere. Learn from anywhere. Shop and surf from anywhere, on any device. But so can the bad guys. What is Cyber Security Awareness Month? Back in 2004 when more of the global interactions…

MFA Fatigue: A Growing Security Concern

The internet has never faced so much existential risk from people who want to harm companies and their users. While many organizations understand that there’s a link between identity and security, few fully grasp how foundational identity is to a modern security strategy. Organizations with gaps in their identity security are significantly more at…

Okta Helps Federal Agencies Easily Deploy Phishing-Resistant MFA

A recent report from the Anti-Phishing Working Group (APWG) revealed phishing attacks for the first quarter of 2022 exceeded one million—the highest on APWG record. As attacks increase, it’s reasonable to expect targeted phishing attacks to increase as well.  The U.S. government is defending itself against this growing threat via mandates and…

What Is Spear Phishing?

Spear phishing is a form of cyber attack targeted at a particular person or small set of individuals. In these scams, bad actors research their chosen targets and attempt to convince them to surrender sensitive data or financial information. Spear phishing attacks may also aim to infect user devices with malware, allowing attackers to steal the…

What Is a Data Breach?

A data breach happens when cybercriminals gain unauthorized access to a system or network, allowing them to search for sensitive data pertaining to a business and its customers, and using it to extract some form of illegal value. Attackers might sell this data on the dark web, directly engage in fraud, hold the information for ransom, or use it to…

The Enterprise Strikes Back: A Star Wars Story

I spent many of my childhood weekends watching Episodes IV-VI of Star Wars, the world's most famous “space opera.” Recently, it occurred to me that if the Galactic Empire had adopted a Zero Trust security model, it might have prevailed over Skywalker and the Rebels. Specifically, one could argue that the destruction of the Death Star was caused by…

5 Tenets of a Robust Security Infrastructure

The global number of cyber-attacks reached an all-time high last year and shows no indication of slowing down. In fact, cyber-attacks and data fraud are two of the top 10 global risks for this upcoming decade according to the World Economic Forum (WEF) Global Risk Report. The National Counterintelligence and Security Center (NCSC) recently…

Archive