Cybersecurity and Infrastructure Security Agency (CISA) Releases Guidance on Phishing-Resistant and Numbers Matching Multi-factor Authentication. Check out CISA’s latest cybersecurity updates to protect you and your organization against cyber threats .
CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multi-factor authentication (MFA).
It is strongly recommended all organizations implement phishing resistant MFA to protect against phishing and other known cyber threats.
If an organization using mobile push notification-based MFA is unable to implement phishing-resistant MFA, CISA recommends using number-matching to mitigate MFA fatigue.
Although number matching is not as strong as phishing-resistant MFA, it is one of the best interim mitigation for organizations who may not immediately be able to implement phishing-resistant MFA.
Users and organizations can visit CISA.gov/MFA for more information on MFA, including an infographic of the hierarchy of MFA options.
Do you need to hire cybersecurity talent, or a virtual Chief Information Security Officer to help secure and protect your organization against cyber attacks? Email Bolt Resources today and one of our Cybersecurity Workforce Advisors will contact you shortly!