October is Cybersecurity Month in the United States, but with the increasing rates of cybercrime, both from international and domestic sources, there is no month where cybercrime isn’t a constant, potentially catastrophic threat. The SolarWinds attack attributed to Russia in 2020, recent attacks on the water supply and other national infrastructure, and the increasing rate at which people have started working from home after the pandemic, has increased our awareness of cybercrime and our need to be constantly vigilant.
The elimination of passwords
One of the key components of this new era of cybersecurity is the elimination of passwords. Starting in September (but the result of steps taken over the last several years) Microsoft has gone completely passwordless, and even allows users to delete former passwords used for their Microsoft accounts. “If you have a Microsoft account, you can use the Authenticator [app] and within a few steps you can be passwordless," says Vasu Jakkal, Microsoft corporate vice president of the Microsoft Security, Compliance, Identity and Management division.
Jakkal adds that during the pandemic “the number of attack surfaces has increased exponentially, so that was a big driving factor for us in accelerating a lot of our security initiatives.”
“Passwords alone are no longer effective at keeping users safe.”
Guemmy Kim, Google's director of account security and safety adds “The reality is passwords alone are no longer effective at keeping users safe.”
Meanwhile biometrics products and services continue to expand in popularity and have taken the forefront of the cybersecurity conversation. Biometric companies BIO-key, Plurilock and Onfido were recently recognized by the Cybersecurity community, and others are regularly in the headlines as well.
If there is any silver lining to our new reality of cyber threats it is that new solutions are on the horizon as well.