Yesterday, the Office of Management and Budget (OMB), the Office of the National Cyber Director (ONCD), the National Security Council (NSC), and the Cybersecurity and Infrastructure Security Agency (CISA) jointly hosted a Multifactor Authentication (MFA) Modernization Symposium. The event brought together leaders from industry and government to discuss how the Federal government can support and benefit from advances in phishing-resistant authentication, including by incorporating a broader array of commercially available technologies into federal environments.
Federal Chief Information Officer Clare Martorana, Federal Chief Information Security Officer and Deputy National Cyber Director for Federal Chris DeRusha, and CISA Executive Director Brandon Wales kicked off the day-long event by emphasizing the importance of modernizing our approach to authentication to achieve a simple, seamless, and secure digital experience.
“How we prove who we are online is one of the cornerstones of providing a positive, intuitive, and trusted digital experience,” said Federal Chief Information Officer Clare Martorana. “Today’s symposium builds upon our efforts to ensure we are delivering the access and ease of use Federal employees and the American people should expect from their government.”
“Security does not need to be complex or customized to be the best choice,” Federal Chief Information Security Officer and Deputy National Cyber Director Chris DeRusha said. “Today we are focused on leveraging the best practices of the private sector to advance how this Administration meets its goals of improving the nation’s cybersecurity, as laid out in the President’s Executive Order on cybersecurity and the National Cyber Strategy.”
“You need more than a password to stay safe online—and that’s where multi-factor authentication steps in to ensure your data is better protected against malicious cyber actors,” CISA Executive Director Brandon Wales said. “CISA has consistently urged organizations to implement MFA for all users to ensure any critical data is harder to access. Today’s symposium is about coming together to map out the vision we are all striving towards making a reality.”
The event featured two tracks that engaged both executives and technical subject matter experts in in-depth conversations about this critical technology ecosystem. The event offered participants an opportunity to explore how the public and private sectors can align their technology strategies to address shared security goals in an interoperable and usable way.
At the close of the event, Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger delivered remarks stating, “MFA is personally for me a priority. If there are barriers that government policies are placing on your ability for customers to adopt MFA and securely do business, we want to know about those. It’s clearly critical to protecting sensitive data and it’s our collective responsibility.”
Agency officials agreed to continue to engage the private sector as the Federal government develops and updates its cybersecurity policies to better support the adoption of contemporary MFA technologies. Private sector leaders reaffirmed their intent to continue evolving technology standards and implementations to support the needs of the U.S. Government and other large, security-critical enterprise environments to help the nation keep pace with evolving threats.