Complimentary tool aimed to inform security professionals of vulnerabilities in MFA, authored by KnowBe4’s Roger Grimes
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced a new complimentary tool called the Multi-Factor Authentication Security Assessment (MASA), which provides security professionals with advice on implementing a multi-factor authentication (MFA) strategy as well as practical advice on how to defend against MFA hacks.
According to Deloitte’s Addressing Cyber Threats: Multi-Factor Authentication for Privileged User Accounts report, 48% of cybersecurity breaches are not preventable by strong multi-factor authentication, leaving the MFA open to be hacked.
MASA is a survey-based tool that security professionals use by answering relevant technology questions about how their MFA solution works. MASA then uses those answers to determine that individual’s particular risks. The tool generates a summary report that highlights the specific risks that the particular MFA solution has with best practice information and recommendations on how to better defend the environment.
“Implementing MFA is usually a security improvement over single-factor authentication, however, like any security solution, it’s still hackable,” said Roger Grimes, data-driven defense evangelist, KnowBe4. “This new tool is intended to assist organizations in their overall security program analysis by revealing how MFA can be maliciously hacked in a number of ways. By providing security professionals with this information, we hope to better inform them of the decisions they make when it comes to security.”
This tool was authored by Grimes. He has over 30 years of experience in computer security and has provided risk assessments to some of the world’s largest companies.
For more information on KnowBe4’s Multi-Factor Authentication Security Assessment tool, visit https://www.knowbe4.com/multi-factor-authentication-security-assessment.
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 28,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.
Number 161 on the 2019 Inc. 500 list, #34 on 2018 Deloitte’s Technology Fast 500 and #2 in Cybersecurity Ventures Cybersecurity 500. KnowBe4 is headquartered in Tampa Bay, Florida with European offices in England, the Netherlands, Germany and offices in Brazil, Australia, Japan, South Africa and Singapore.