Brett Winterford

Regional CSO, Okta APJ

Brett Winterford is the regional Chief Security Officer for Okta in Asia Pacific and Japan.
He advises business and technology leaders on evolving threats and helps them harness advances in identity technology to drive business outcomes and mitigate risk.
Prior to Okta, Brett held a senior security leadership role at Symantec, and led security research, awareness and education at Commonwealth Bank.
Brett is also an award-winning journalist, having long ago been the editor-in-chief of iTnews Australia and a contributor to ZDNet, the Australian Financial Review and the Sydney Morning Herald. Most recently, he was the founding editor of the Srsly Risky Biz newsletter, a companion to the Risky Business podcast, providing the cybersecurity, policy, defense and intelligence communities with a weekly brief of the news that shapes cyber policy.

Brett Winterford

Protecting Administrative Sessions in Okta

Privileged users have always been, and should always expect to be, under constant attack from motivated adversaries. Over the last 90 days, Okta has devoted many of our most skilled resources to a program of work that dramatically hardens the Okta Admin Console, resulting in a number of new features, a subset of which are listed below. New Feature Description Availability ASN Session Binding Okta automatically revokes an administrative session...

Brett Winterford

Go “Secure by Default” With Custom Admin Roles for IT support staff

The Takeaway: Creating custom roles for your help desk staff supports a “least privilege” approach. In late August, Okta’s Defensive Cyber Operations team outlined a social engineering campaign in which a target’s IT support staff (that is, the team responsible for common help desk tasks) were tricked into resetting the authenticators of users with the most privileged roles in an organization. One of the many recommendations made in response to this event was to constrain the permissions of...

Defensive Cyber Operations and Brett Winterford

An Unexpected Endorsement for WebAuthn

Okta Security endorses phishing-resistant authentication at every opportunity. We’ve long argued that enrolling users in Okta FastPass, FIDO2 WebAuthn authenticators or Smart Cards, and enforcing phishing-resistant authentication flows, will: protect users against real-time phishing proxies and other forms of session hijacking; solve for far more attacks than simply adding Number Challenge to Push notifications to defeat MFA Fatigue; offer detection opportunities via System Log and the automation...