Federal cybersecurity: Advancing phishing-resistant MFA
https://insights.samsung.com/2026/05/27/advancing-phishing-resistant-mfa/
Publish Date: 2026-05-27 11:00:00
Source Domain: insights.samsung.com
Identity threats are rising across federal cybersecurity, highlighting the need for agencies to evolve beyond legacy multifactor authentication (MFA) to minimize cyberattacks.
According to the Cybersecurity and Infrastructure Security Agency (CISA), more than 90 percent of successful cyberattacks start with a phishing scheme. These identity-driven attacks continue to challenge traditional, perimeter-based defenses and are prompting federal agencies to adopt phishing-resistant MFA as a baseline.
As missions become more distributed, agencies must enable trusted access wherever work happens without weakening assurance. To support these zero-trust access strategies, Samsung partners with federal agencies to enable an identity-first posture and provide a baseline platform for zero-trust security architectures.
The foundation of zero trust
Federal Zero Trust guidance emphasizes that agencies should initially focus on identity management as the central component of any zero-trust policy decision. In fact, the Office of Management and Budget’s M-22-09 mandates continuous verification of users, devices and sessions across all access requests. Similarly, NIST Special Publication 800-63-3 defines how digital credentials must be proven, authenticated and managed across their lifecycle. To achieve this level of identity confidence through continuous verification, agencies must first ensure that the starting point for every access decision is backed by high-assurance, phishing-resistant authentication.
Beyond traditional MFA
Modern attacks often target users rather than the infrastructure itself. Phishing enables bad actors to bypass traditional controls completely by masquerading as an internal user. Once an adversary can successfully impersonate a user, they leverage that user's valid permissions to access corporate data without triggering traditional security controls. This makes credential compromise the most efficient path into federal…