Federal CISO doubles down on phishing-resistant MFA following Lapsus$ review

The Lapsus$ group launched a global cyber attack by exploiting weak identity management technology in government agencies and organizations. The Cyber Safety Review Board’s report underscores the need for phishing-resistant multifactor authentication to secure data and networks. The board also recommends a switch from text message and voice multifactor authentication codes to advanced security measures such as token-based methods and network intrusion detection systems. The report suggests a 10-year modernization plan to replace legacy systems and implementing “a world without passwords”.