In this episode of CISO Tradecraft, host G Mark Hardy discusses various mishaps that can occur with Multi-Factor Authentication (MFA) and how these can be exploited by attackers. The talk covers several scenarios such as the misuse of test servers, bypassing of MFA via malicious apps and phishing scams, violation of the Illinois Biometric Information Protection Act by using biometric data without proper consent, and potential future legal restrictions on biometric data usage. G Mark also highlights the significance of correct implementation of MFA to ensure optimum organizational security and how companies can fail to achieve this due to overlooking non-technical issues like legal consent for biometric data collection.
Transcripts: https://docs.google.com/document/d/1FPCFlFRV1S_5eaFmjp5ByU-FCAzg_1kO
References:
Chapters
#40 - Risky Business
#39 - Stressed Out? Find your Ikigai and 6 Invaluable Factors
#38 - CMMC and Me
#37 - Cyber Security Laws & Regulations
#36 - IPv6 Your Competitive Advantage (with Joe Klein)
#35 - Setting Up an Application Security Program
#34 - Metrics that Matter
#33 - 10 Steps to Cyber Incident Response Playbooks
#32 - Brace for Incident (with Bryan Murphy)
#31 - Executive Order on Improving the Nation’s Cybersecurity
#30 - Cloud Drift (with Yoni Leitersdorf)
#29 - Identity and Access Management is the New Perimeter
#28 - AI and ML and How to Tell When Vendors Are Full of It
#27 - Roses, Buds, & Thorns
#26 - Blockchain for CISOs
#25 - Slay the Dragon or Save the Princess?
#24 - Everything you wanted to know about Ransomware
#23 - NSA’s Top 10 Cybersecurity Mitigation Strategies
#22 - Modern Software Development Practices
#21 - Your First 90 Days as a CISO (with Mark Egan)
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
A Prairie Home Companion: News from Lake Wobegon