Press release

RSA to Demonstrate Identity Security Innovations Critical to Meeting NIST CSF 2.0 and Eliminating Passwords at RSA Conference 2024

0
Sponsored by Businesswire

RSA, the security-first identity leader, announced new product enhancements at RSA Conference 2024 to help organizations meet the National Institute of Standards and Technology’s Cybersecurity Framework 2.0 (NIST CSF 2.0) advanced security standards and eliminate passwords.

NIST CSF 2.0 provides public and private sector organizations with the best practices needed to refine their cybersecurity architecture and defend themselves from the most frequent and highest-impact attacks. Specifically, CSF 2.0 addresses a threat landscape now dominated by identity-driven threats and makes extensive recommendations to counteract them.

“NIST CSF 2.0 makes it clear that, no matter the size and no matter the sector, every organization is only as secure as its identities,” said RSA CEO Rohit Ghai. “The most recent framework represents a new gold standard for developing cyber resilience in the age of AI, demonstrates why every organization needs a unified identity platform to account for an extended threat landscape, and details how all organizations can implement those recommendations to adapt to far more dangerous threats.”

In the video, Mr. Ghai notes that, after examining the root causes of recent data breaches, “The data is getting too hard to ignore. The impact of incidents too dire to fathom. Securing identities is an absolute imperative,” before sharing implementation guidance for NIST CSF 2.0. At RSAC 2024, RSA will demonstrate the identity security capabilities that organizations need to evolve their cybersecurity practices and meet the highest CSF maturity tiers at Booth N-6253, including:

  • AI / ML-driven risk intelligence to defend against advanced identity threats

  • Risk-based identity governance and administration (IGA) solutions to identify and mitigate excess entitlements and ensure compliance

  • A broad range of phishing-resistant and passwordless authentication capabilities to support the needs of today’s hybrid, remote, and third-party users

  • Automated joiner-mover-leaver (JML) workflows that provision birthright- and role-based entitlements and that revoke access upon exit, ensuring that least privilege is maintained throughout the user lifecycle

RSA Announces Enterprise-Ready, Secure Passwordless Innovations at RSAC 2024

At RSAC 2024, RSA introduced additional enhancements that will expand on its leadership in secure passwordless authentication which will be available this year:

  • RSA Authenticator App to support Mobile Passkeys: this summer, the RSA Authenticator app for iOS and Android will support device-bound FIDO passkeys, providing security-conscious organizations with a passwordless alternative to synched passkeys

  • Secure self-service credential recovery: a new workflow that will allow users to pre-register a second FIDO authenticator or use synched passkeys without help desk support

  • Bring-Your-Own-Authenticator (BYOA) combined with best-of-breed security: RSA customers can use third-party authenticators—including FIDO2, FIDO U2F, or OATH H-OTP—as part of their RSA® ID Plus deployments while still leveraging decades of RSA’s security-first pedigree and proprietary solutions to fortify the use of open standards

These pending enhancements follow on significant secure passwordless capabilities that RSA has recently released. These include QR code-based authentication, an expanded access policy for ID Plus that provides greater support for passwordless across the platform, and the DS100, the only dual-protocol authenticator solution combining both FIDO2 software and OTP hardware authentication in one device.

“The only obituary I ever want to read is the one that’s written for passwords,” said RSA Chief Product and Technology Officer Jim Taylor. “We know how security-first enterprises operate, and we know why they’ve historically questioned whether passwordless is secure enough for enterprise use. They’re right to wonder—not all passwordless authentication is created equal. Organizations need secure passwordless capabilities that cover all users and use cases.”

RSA Launches 2024 ID IQ Survey

Launched today, the 2024 RSA ID IQ Survey asks users to assess their organizations’ identity security architecture, quantify the costs of identity-related data breaches, predict AI’s cybersecurity potential, and more. Responses will be kept confidential and aggregated into a report detailing the main findings.

“The tech industry shapes identity, and identity shapes the world,” said RSA CMO Laura Marx. “We’re launching the 2024 RSA ID IQ Survey because the rise of AI, escalating threats, and the quest for passwordless are fundamentally changing identity—and our research will demonstrate the new risks, opportunities, and realities that will result from that change.”

The 2023 RSA ID IQ Report received more than 2,300 responses from across more than 90 countries and found that 9 in 10 respondents believed that AI would have a significant role in improving identity security.

Resources

NIST CSF 2.0 Implementation Guidance Solution Brief

Cyber Resilience in the Age of AI | Rohit Ghai video

Complete the 2024 RSA ID IQ Survey

Learn more about ID Plus

DS100 Data Sheet

About RSA

The AI-powered RSA Unified Identity Platform protects the world’s most secure organizations from today’s and tomorrow’s highest-risk cyberattacks. RSA provides the identity intelligence, authentication, access, governance, and lifecycle capabilities needed to prevent threats, secure access, and enable compliance. More than 9,000 security-first organizations trust RSA to manage more than 60 million identities across on-premises, hybrid, and multi-cloud environments. For more information, go to RSA.com.