How to Prevent Attacks that Bypass MFA
What you'll learn:
- Evolving attacks tactics from on-the-field security researcher
- Best practices to strengthen authentication and prevent MFA bypass attacks
Implementing multi-factor authentication (MFA) is one of the most effective ways to reduce the risk of a data breach. The popularity of cloud-based services and mobile authenticators applications have made it easy for organizations to adopt MFA solutions, which makes it hard for cybercriminals to gain unauthorized access and has brought about an evolution in attack tactics. Tactics such as MFA Fatigue, a.k.a. prompt bombing, and Adversary-in-the-Middle (AiTM) phishing attacks are more targeted and sophisticated. Security professionals are calling for more secure authentication factors or phishing resistant factors where possible.
Join Nick Biasini, Head of Outreach for Cisco Talos and Ganesh Umapathy, Cisco Duo Product Marketing for an engaging discussion on how attackers are bypassing MFA and what you can do to prevent them.
Presenter Info
Ganesh Umapathy, Product Marketing Manager, Duo Security
Ganesh is a product marketing manager at Duo. He is responsible for go-to-market strategy, product launches, content creation and sales enablement. Ganesh has over 10 years of experience working in the technology industry in varying capacities across engineering, product management and product marketing roles. Ganesh holds an MBA from University of Washington, Seattle, and a bachelor’s degree in Electronics & Instrumentation Engineering from India.
Nick Biasini Head of Outreach, Cisco Talos
Nick Biasini’s interest in computers and technology started at a young age when he tore apart his parents' brand new 486SX PC. Ever since he has been tinkering with computers in one way or another. In his current role, Biasini serves as the Head of Outreach for Cisco Talos leading the team responsible for the majority of the published research. Before that Biasini was responsible for exposing new details to major threats, with a focus on crimeware. This includes identifying techniques like Domain Shadowing, helping to stop large scale malware campaigns, and revealing clever spam campaigns. Biasini has a master’s degree in digital forensics from the University of Central Florida and has worked in both public and private sector positions in the security industry for more than fifteen years.