Jason Rader | Source | Vice President, Chief Information Security Officer at Insight Enterprises
Jason Rader
Jason is the Chief Information Security Officer at Insight. Jason leads the charge to help organizations develop innovative solutions that transform the culture of an organization to align with mitigating the risk of cyberthreats. He builds upon more than 25 years of experience to develop Insight’s end-to-end security consulting portfolio and share Insight's transformation journey with fellow security leaders. He has also worked on a wide range of special projects, including developing wireless security and penetration testing curriculum used by universities and training Department of Defense red teams on ethical hacking techniques.
-
Insight Enterprises
Vice President, Chief Information Security Officer
-
Cyberattacks Are Bypassing Multi-Factor Authentication
Cyber attackers are learning how to bypass MFA and data centers need to start looking at more advanced security measures. Until then, compensating controls need to be put in place to protect against breaches.
Article
-
And existing MFA infrastructure will continue to serve a purpose. Threat actors will usually start by trying to break into accounts that have the weakest security. If they’re systematically going through a list of accounts, they’ll try until they find one that doesn’t have an MFA requirement. This is why all accounts should have it enabled. This is particularly true for data centers that have been around for a decade or more. The bad guys will exploit this and bypass MFA altogether. I would say the adversaries will be successful a high percentage of the time if they can locate an account without MFA enabled or if legacy authentication is enabled — because all they have to do is guess the password.
