Name: Carmax: Combating Phishing with Integrated Physical and Digital Security
Start: 2024-04-09T16:00:00Z
End: 2024-04-09T16:00:32.000Z
Location: BrightTALK
Rating: 0

Axiad is an identity security company tackling the growing threat of compromised credentials, which drive over 70% of enterprise breaches. The sprawl of human and non-human identities across organization silos creates security blind spots that existing tools fail to secure. Axiad tackles this problem head-on, detecting identity risks and poor credential hygiene across systems, providing actionable insights, and enhancing security without needing a complete overhaul. Axiad makes identity simple, effective, and real. Discover more at axiad.com.

LIVE WEBINAR!

Phishing attacks continue to be one of the most effective methods for credential theft, bypassing traditional multi-factor authentication (MFA) solutions that rely on weak or outdated factors. As organizations move toward phishing-resistant authentication methods, ensuring accessibility and scalability for all users remains a challenge. Adopting a modern ICAM approach enables strong authentication that is both secure and user-friendly.

In this webinar, we explore:

— The latest advances in phishing-resistant MFA, including FIDO and certificate-based authentication
— Why traditional MFA methods are no longer sufficient against modern phishing threats
— Strategies for implementing phishing-resistant authentication at scale

Join us as we discuss how organizations can strengthen authentication across their workforce, partners, and customers—without adding unnecessary complexity or friction.

MFA: Phishing Resistance for Everyone

Financial Institutions must balance stringent security requirements with seamless access for employees, customers, and third-party partners. Traditional IAM solutions often force organizations into rigid authentication models, creating friction for users while limiting scalability. The shift to Identity, Credential, and Access Management (ICAM) offers the flexibility needed to accommodate diverse user populations and evolving security demands.

In this webinar, we explore:

— The limitations of traditional IAM in financial services and the need for greater authentication flexibility
— How ICAM enables scalable, secure access with multiple credential options
— Best practices for implementing optionality in authentication without sacrificing security or compliance

Join us as we discuss how financial institutions can embrace an ICAM strategy that enhances both security and user experience, ensuring seamless and secure access for every identity.

Access For Everyone: IAM Optionality for Financial Institutions

Federal agencies must modernize identity, credential and access management (ICAM) while ensuring compliance with evolving security mandates. Achieving an Authority to Operate (ATO) is just the beginning—true operational efficiency requires scalable, centralized solutions that align with ICAM best practices. As agencies look to modernize, they must ensure their IAM strategies are proven, adaptable, and ready to support thousands of users across multiple environments.

In this webinar, we explore:

— The role of FedRAMP-authorized solutions in streamlining IAM modernization
— How agencies can implement scalable, centralized ICAM frameworks without disrupting operations
— Best practices for ensuring IAM solutions meet both compliance and operational efficiency goals

Join us as we discuss how government agencies can modernize identity management with secure, proven, and scalable solutions that support mission-critical operations.

OE for ICAM: Operational Efficiency that's FedRAMP Proven, & Ready to Scale

Identity is the first line of defense for securing critical infrastructure. However, as organizations scale, managing credentials across multiple deployment models—cloud, on-prem, and hybrid— as well as multiple environments—Windows, Mac, and Linux— have become increasingly complex. Adversaries are exploiting gaps in identity, credential, and access management (ICAM) to target essential systems, making credential security a top priority for security leaders.

In this webinar, we dive deep into real-world use cases of leveraging a flexible solution to ensure operational resilience and regulatory compliance. You will discover:

— How evolving threats are exploiting identity vulnerabilities in critical infrastructure
— Why credential management is essential to eliminating identity-based attack vectors
— How to simply credential management by unifying authentication, automating credential workflows, and enforcing zero-trust principles

Front Line: Identity Security Best Practices for Critical Assets and Infrastructure

Identity is the root of cybersecurity. However, the rapidly increasing number of identities we use has made them the primary target for adversaries and made “identity risk” a Top Three battle for CISOs. In this webinar, we explore: 

— How the Identity Diaspora brings new, escalating risks 
— How a range of tools (IdRM, ITDR, and ISPM) look to address them 
— How cyber teams need a way to Identify these risks, Quantify their impact, and Fortify identities against them  

We also hear how Leidos—a global leader in defense, aviation, IT, and biomedical research—plans to use identity fabric concepts to address these new threats and stay ahead of them.

The Identity Diaspora: Modern Identity Risks and How to Manage Them

To maintain resilience against modern cyber-attacks, modern enterprises need to support a wide range of authentication credentials: from X.509-based certificates to FIDO passkeys, from LDAP to OAuth, and from Kerberos to hardware-hosted tokens. Managing the lifecycles of these disparate credentials, from issuance to revocation or renewal, is no easy task. Some (like FIDO) were designed for individual user authentication, and some (like LDAP) were developed for large-scale IT admin automation. Unifying these different approaches in an advanced but simple credential management system is the path to resilient, enterprise-class authentication.   

Microsoft’s Entra ID is an industry-leading identity and access management solution that provides authentication and authorization services across a broad swath of products uses. Axiad is a leader in credential management for complex government and private sector use cases. In this webinar, these two teams will join forces to show how new Entra ID APIs for centralized passkey creation and management can be leveraged through advanced credential management solutions.

Attendees to this session will learn how Microsoft’s new Entra ID FIDO2 provisioning APIs can be harnessed by the Axiad Cloud credential management solution to deliver FIDO2 passkeys in the ways enterprises need them: in phishing-resistant forms; on behalf of IAM administrators; and in a unified, single-workflow system that works with other credential types.   
 
Key topics include:
• How Entra ID’s new FIDO2 APIs help manage passkeys so they can be pre-provisioned for users and create a simpler experience on first-time usage.  
• How to enable credential-agnostic authentication processes that are simple and scalable.  
• Best practices for integrating these two technologies into existing IT infrastructures.

This webinar is essential for IT security professionals, federal agency representatives, and anyone involved in designing or managing credentialing processes.

Simplifying Credential Management: FIDO2 + Entra ID + Axiad

Join us for an informative webinar on the latest advancements in secure identity management
for federal agencies. This session will delve into the processes and benefits of issuing PIV-
Compatible and derived credentials using Axiad Cloud, a FedRAMP solution, in conjunction with
YubiKeys. Attendees will gain a comprehensive understanding of how they can streamline the
credentialing process and ensure compliance with federal standards while enhancing security
and efficiency.
 
Key topics include:
- An overview of PIV-Compatible and derived credentials and their significance in federal identity management.
- Step-by-step guidance on leveraging Axiad Cloud for seamless credential issuance and lifecycle management.
- The role of Yubico authenticators to enhance security and provide phishing-resistant multi-factor authentication.
- Best practices for integrating these technologies into existing federal IT infrastructures.

This webinar is essential for IT security professionals, federal agency representatives, and
anyone involved in government credentialing processes. Join us to learn how to fortify your
security posture with cutting-edge solutions from Axiad and Yubico.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Enhancing Federal Security: Issuing PIV-Compatible Credentials

During this second webinar in our FIDO series, we focus on FIDO Passkeys. We break down the complexity of Passkeys and provide a holistic view of their role in authentication.

FIDO 101 E2: Demystifying Passkeys & Understanding Their Role in Authentication

Certificate-based authentication (CBA) has been a staple of governments and high security environments for decades, and remains a favorite amongst security experts due to its reliability and effectiveness in physical environments. However, when it comes to CBA on mobile, users have had little patience with its vendor requirements and cumbersome phone adapters. Now with Axiad and Yubico, there’s a new way to bring more security—and less friction—to mobile devices. 

Join Axiad and Yubico on March 30th to learn how your organization can achieve phishing-resistant authentication with CBA on mobile. We’ll discuss: 
• Phishing-resistant MFA trends and requirements
• FIDO and CBA, the only two technologies that deliver phishing-resistant authentication
• Why tech giants like Microsoft are investing in CBA with Microsoft Azure AD CBA
• How to deploy a YubiKey for authentication with a certificate provisioned and managed by Axiad Cloud

A New Way with CBA: Bringing Phishing-resistant Authentication to Mobile

FIDO is an acronym for “Fast Identity Online,” and the FIDO Alliance is a non-profit group whose mission is to develop authentication standards to help reduce the world’s over-reliance on passwords. With some of the largest companies and governments in the world having voted to standardize FIDO’s protocols, questions are naturally emerging on how (and when) to best leverage them.  

Join us on February 9 for a crash course on FIDO—what it is, how it could benefit you, and how to maximize your investment in it. In this 30-minute webinar, we’ll discuss:

• the history of FIDO and an overview of its key terms
• the fundamentals of authentication and multi-factor authentication (MFA), and their overlap with FIDO 
• top use cases for applying FIDO, and best practices for implementation
• potential misconceptions and downfalls, and when alternatives may be a better path forward

Read more: https://www.axiad.com/blog/guide-to-fido-and-fido-2-passwordless

FIDO 101 E1: Understanding FIDO and What It Can Do for You

The Peel Regional Police (PRP) team is the third largest municipal police service in Canada with 2,100 uniformed members and close to 875 support staff. Composed of five major divisions supported by community police stations, the team is responsible for a broad range of policing duties from airport security and traffic to community-related services and improving community safety and well-being. With such a broad range of environments and systems, the stakes are high when it comes to authentication. 
 
Join the Peel Regional Police and Axiad on December 8th to learn:
- The authentication challenges they face—and how yours might compare
- The tipping point that meant they needed to transition
- Their selection criteria and best practices for finding a new approach
- Why they selected Axiad as their vendor of choice 
- The challenges they foresee for the future

How the Peel Regional Police Found the Right Authentication Solution for Them

The Azure Active Directory CBA feature brings certificate-based, phishing-resistant authentication to the cloud. But how do you manage certificates for this new feature without the headaches of managing PKI? During this webinar, Axiad and Microsoft will show you how easy it can be to bring certificate-backed strong authentication to the cloud by using a completely cloud-native approach, and we’ll discuss how organizations can move from on-prem applications (i.e. AD FS) to Azure AD with help from Axiad Cloud.

Phishing-resistant Authentication in the Cloud with Azure AD and Axiad Cloud

Securing all your users and implementing a Zero Trust strategy isn’t easy. A strong authentication strategy is a critical starting point, and doing so with FIDO2 is a smart step forward. But what are some practices to deliver on enterprise-wide strong authentication? Can FIDO2 fit the bill, or do we need more tools in our authentication toolbox? How are FIDO2 and certificate-based authentication like PIV different?
 
Join Axiad and FIDO on September 22 to learn how your business can provide secure access without passwords. We’ll discuss:

- Why organizations around the globe are increasingly leveraging FIDO2
- How FIDO2 differs from PIV
- Strategic considerations and best practices for FIDO2 implementation
- Actions you can take to secure every person, machine, and digital interaction in your ecosystem

Combining the Old and the New: Best Practices for FIDO2 and PIV for Zero Trust

With 84% of organizations having experienced an identity-related breach in the last year, investments in identity security are at an all-time high. On top of that, many are moving away from legacy approaches to authentication and toward a passwordless future.  

For organizations that have a heterogeneous IT ecosystem and varying internal requirements, the path to passwordless isn’t always clear. Due to this underlying complexity, security executives are often forced to take a fragmented approach to authentication, which can create significant user and administrative friction, high costs, and most importantly—gaps and inconsistencies that can be exploited by bad actors.

Join this 30-minute webinar with Axiad on July 21 to learn more about:
• How you can shift from a fragmented to a holistic approach to authentication
• Best practices for building an integrated authentication solution in your organization
• What to look for in order to remove friction without compromising on security
• How you can take a step-by-step approach to enterprise-wide passwordless orchestration

Holistic Authentication: Closing the Gaps in Your Passwordless Strategy

Over the past year, complex cyberattacks have skyrocketed—and it is no surprise that the U.S. defense industrial base and government contractors are primary targets. In this context, following the DoD Cybersecurity Maturity Model Certification (CMMC) is now more important than ever. Typically seen as phishing and account takeovers targeting digital identities, these attacks result in data exposure, denial of service, erosion of data integrity, and risk to critical assets. 

What if the solution was not to make passwords stronger, but rather to remove them entirely?
 
Join Axiad and Atos on April 14th to learn why passwordless phishing-resistant Multi-factor Authentication is the most secure and practical defense. 

We’ll discuss:  
1) General challenges of implementing CMMC identification and authentication controls
2) Actions to validate your workforce and machine identities in compliance with CMMC
3) What to look for in a phishing-resistant Multi-factor Authentication solution

Securing Government Contractors under CMMC with Phishing-resistant MFA

Cloud Authentication solutions are no longer just a trend, but the norm for organizations looking to modernize their cybersecurity. The essential question is how do you select a cloud platform that you can trust as if it were your own?

Enter: the Virtual Private Cloud (VPC). A model where each organization can benefit from the flexibility and scalability of the cloud, without having to compromise on security or compliance. The VPC serves as an extension of your own infrastructure, which only you can access, removing the concerns inherent to a mutualized cloud platform shared amongst thousands of customers.

Join Axiad on April 1st to learn how a VPC can help you avoid costly data breaches, while still reducing your costs and complying with strict mandates and regulations.

We'll discuss:
1) Benefits of a Virtual Private Cloud vs. a shared infrastructure
2) Why a VPC doesn't have to be time-consuming or costly
3) Questions you should be asking your cloud authentication vendor

Cloud Authentication: Why having your own Virtual Private Cloud matters

Enterprises have realized passwords are not secure enough to protect their data and information. However, they are struggling to get their workforce to move to passwordless once and for all. These adoption issues are often caused by the difficulty for users to issue, manage, and renew the various identity credentials required for passwordless. In many cases employees become discouraged and find workarounds in their security system instead of utilizing their credentials so they can remain productive.
 
Join cybersecurity experts Jerome Becquart, COO, Axiad, and Holger Schulze, CEO and Founder, Cybersecurity Insiders, to discuss why users will be more likely to adhere to security best practices if they are empowered to manage and renew their credentials without your IT team’s help. Learn how to successfully reach passwordless by putting users front and center:
 
- The current challenge of moving your workforce to passwordless authentication
- How remote and hybrid work have heightened these issues
- The impact of employees finding workarounds in your passwordless system
- Why a user-centric approach is the only way to break up with passwords for good

How to Break Up With Your Passwords Through User Empowerment

With the implementation of increasingly sophisticated cybersecurity technology, hackers have turned to social engineering to steal companies’ valuable data. The last couple of years have seen explosive growth in phishing attacks, many involving impersonation of employees. This makes authentic identities a cornerstone of any corporate cyber security posture. Carmax has implemented an identity and access management solution by partners Axiad and IDEMIA that uses IDEMIA’s PIV-based smart cards as a combined physical and digital access token, with certificate-based authentication (CBA) and identity and access management (IAM) system from Axiad. This talk discusses how this has been implemented by Carmax and how this passwordless, token-based solution can serve as an effective means for protecting sensitive corporate data.

Carmax: Combating Phishing with Integrated Physical and Digital Security

Passkeys

Cyberattack

Zero-trust access

Phishing

Identity Management

Passwordless authentication

Multi-Factor Authentication

Security Strategy

Access Management

Security Convergence

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Get powerful help desk and support insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the help desk and support strategies that effect business value and growth.

Help Desk and Support

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Carmax: Combating Phishing with Integrated Physical and Digital Security

Presented by

About this talk

More from this channel