Adopting Zero Trust: The Illusion of Passwordless
Adopting Zero Trust10 Elo 2023

Adopting Zero Trust: The Illusion of Passwordless

The illusion of going passwordless with Derek Hanson, Vice President Solutions Architecture and Alliances at Yubico. You can read the show notes here.

True or False: The concept of passwordless is new. False.

This is shocking, we know.

Considering the amount of hype around the concept, it certainly can feel like a new concept since the masses are becoming more familiar with it; however, the message is a bit jumbled.

For ages, we’ve used things like biometrics (fingerprints or iris scans) and even a PIN to access money on a debit card, but more recently, there has been an increase in misrepresentations about how secure passwordless technology is, simply because there is not a password involved. As cybersecurity practitioners, we know that the simple removal of passwords alone won’t prevent a successful phishing attack, which means multifactor authentication needs to play a role in getting us closer to the Zero Trust concept.

Fortunately, we have a guest this week who is well-equipped to help us navigate the ins and outs of passwordless concepts, passkeys, and the split between identification and authentication. Derek Hanson is the Vice President of Solutions Architecture and Alliances at Yubico, who has spent the last 8 years contributing to the shaping of a physical piece of hardware, Yubikeys, designed to improve authentication. Prior to that, he worked at Costco, focusing on identification and IAM. But first, let’s improve your personal security stack…

Giveaway - Yubikeys!

If you already have a Yubikey, you already know there is always an opportunity for one more in your stack. If you’re new to Yubico’s offering, this is the perfect time for you to grab your very own YubiKey 5C NFC and gain phishing-resistant MFA. It even works with most password managers, too.

To enter, we’ve given you a bunch of options on how you can increase your odds of winning one of two keys. You must be based in the US, though.

[**Enter the giveaway here](https://www.rafflecopter.com/rafl/display/c9435e741/?).**

We’ll close the giveaway in about two weeks and announce it in our next episode.

Hosted on Acast. See acast.com/privacy for more information.

Jaksot(58)

Adopting Zero Trust: Philosophy of Prevention with iHeartMedia’s Janet Heins

Adopting Zero Trust: Philosophy of Prevention with iHeartMedia’s Janet Heins

Season two, episode 13: Cybersecurity prevention on a global scale with Janey Heins, Global CISO for iHeartMedia. At the heart of Zero Trust is the idea of prevention. If you don’t trust anything or a...

27 Heinä 202344min

Adopting Zero Trust: Continuous Trust

Adopting Zero Trust: Continuous Trust

Over the past two years, we’ve explored the ins and outs of Zero Trust, ranging from the concept as a strategy down to the more technical components, such as how it impacts the physical world as found...

13 Heinä 202329min

Adopting Zero Trust: Nonfederated Apps

Adopting Zero Trust: Nonfederated Apps

Last episode, we brought to you a wild story of a victim who was SIM-swapped four times, and this week we’re back to basics with some fresh research and a closer look at a critical piece of Zero Trust...

29 Kesä 202354min

Adopting Zero Trust: SIM Swapped

Adopting Zero Trust: SIM Swapped

Taking a break from our usual format, this week we chat with a victim-turned-CEO who was hit by SIM-swapping attacks. However, not all harsh starts have to end that way, and Haseeb Awan made the best ...

15 Kesä 202359min

Adopting Zero Trust with Bloomberg: Implemented

Adopting Zero Trust with Bloomberg: Implemented

Season two, episode nine: Featuring Bloomberg’s Head of Information Security Architecture and the Information Security Program, Phil Vachon. Catch this episode on YouTube, Apple, Spotify, Amazon, or G...

25 Touko 202351min

Adopting Zero Trust with Bitwarden: The Mighty Password

Adopting Zero Trust with Bitwarden: The Mighty Password

There’s no avoiding it, the headlines have not been kind to the ways we access systems today. Users are still using 1234, password, and even their dog's name. Not just using these weak passwords but a...

11 Touko 202354min

Adopting Zero Trust: Empathetic Leadership with Kyndryl’s Kris Lovejoy

Adopting Zero Trust: Empathetic Leadership with Kyndryl’s Kris Lovejoy

For many, cybersecurity is seen as a cost center that reduces risk to the business. This can be oversimplified to something akin to how HR reduces people-related risks but comes with layer on top of l...

27 Huhti 202357min

Adopting Zero Trust: Cybersecurity Innovation with Stanford Fellow AJ Grotto

Adopting Zero Trust: Cybersecurity Innovation with Stanford Fellow AJ Grotto

For more than a decade, Zero Trust as a concept has moved from a philosophy and now into a practical architecture and strategy that organizations can adopt. While Zero Trust encapsulates much of what ...

13 Huhti 202339min