The White House announced a comprehensive plan on Feb. 9 to strengthen the nation’s cybersecurity, protect America’s privacy and safeguard intellectual property in the face of security threats — which are rapidly increasing in both frequency and sophistication.
The problem President Obama and his security team are tackling centers on authentication. There has been an explosion of fraudulent activity in recent months — and the problem is about scale. The number of smartphones, tablets and other connected devices being used to access the Internet actually outnumbers humans on the planet. Each of these devices presents a highly vulnerable target for both digital criminals — both individuals and organizations — armed with advanced phishing tools and other similar weapons. The attacks that we know of in the U.S. have reached hundreds of thousands per day.
Not all attacks are successful. But when they are, they can be devastating from an economic or personal safety standpoint. As an example, in early February, a hacker published personal contact information for more than 20,000 FBI employees. This was just a few days after the same person or persons published the same type of personal information for 9,000 Department of Homeland Security (DHS) employees. The DHS information was accessed through a hack into the U. S. justice Department email system.
The FBI and DHS hacks compromise the security and effectiveness of critical government workers. Other hacks, of course, cause massive economic damage to private enterprise. Of all the now-famous incidents, the hack on Sony perhaps got the most press. Hackers, presumably working on behalf of a foreign government agency, stole and published personal information about Sony employees and their families, company e-mails, executive salary information and copies of then-unreleased Sony films.
Clearly, these kinds of attacks cannot be prevented on a case-by-case basis. Security has evolved to a discipline that focuses on automation and effectively addresses scale. The President’s Plan (Cybersecurity National Action Plan) includes four key actions:
The fourth step noted above is all about helping people keep themselves — and their data — safe. It’s about establishing, managing and protecting identities. And it’s about authentication. President Obama’s plan clearly includes a strong push in this direction. According to the White House statement, “The president is calling on Americans to move beyond just the password to leverage multiple factors of authentication when logging-in to online accounts. Private companies, nonprofits and the federal government are working together to help more Americans stay safe online through a new public awareness campaign that focuses on broad adoption of multi-factor authentication.”
The identity experts at Entrust Datacard have been working on solutions that go beyond passwords for years. Our solutions are based on the idea that there are simply too many devices to manage. That’s a futile effort, especially given how many devices there are and how mobile we’ve become. Also, because most breaches are the result of compromised credentials, our authentication solutions move beyond passwords and incorporated technologies that establish and manage trusted identities — identities that cannot be stolen, faked, forged, assumed or otherwise compromised.
We pioneered many of our core technologies required for trusted identity, including authentication, encryption, digital signing, PKI and SSL certificates. Our deep expertise in these technologies — and our recent investment in accelerating innovation surrounding them — positions Entrust Datacard to be in a familiar market leadership role as the world moves in this direction.
To learn more about Entrust Datacard’s authentication solutions, read our latest white paper.