Senior Sales Engineer / Solutions Engineer

Yubico, a provider of hardware authentication security keys, has appointed Poupak Enbom as chief marketing officer. The company, which trades on Nasdaq Stockholm, created the YubiKey and co-developed authentication standards including FIDO2 and WebAuthn. Enbom brings cybersecurity and identity security experience, having led global go-to-market organisations across sales and marketing. At Yubico, she will oversee global marketing and business development, focusing on hardware-backed authentication and passwordless adoption as organisations address AI-driven security threats. Founded in 2007 and headquartered in Stockholm, Santa Clara and Singapore, Yubico's technology secures users in over 160 countries. The company has been recognised by TIME as one of the 100 Most Influential Companies and by Fast Company as amongst the Most Innovative Companies.

YubiKey as a service expands enrolment options. 24 Mar 2026 Quick Read Summary is AI-generated, newsdesk-reviewed * Yubico expands YubiKey enrolment services to enhance phishing resistance and passwordless security. * New Enrolment app and SDK simplify YubiKey deployment for Microsoft and PingID environments. * Flexible options allow enterprises to integrate YubiKey directly into existing workflows. Yubico, a well-known player in the cybersecurity landscape and the creator of the YubiKey, has unveiled an expansion of its Enrolment services at the RSA Conference. These services, provided exclusively through YubiKey as a Service, now encompass new options for seamless and secure enrolment of YubiKeys in Microsoft and PingID environments. This development aims to expedite the shift towards phishing-resistant, passwordless authentication while customising and securing the EntraID and PingOne PingID registration and account recovery processes. Broadening Enrolment services. As part of its strategy to broaden Enrolment services, Yubico has introduced a new Enrolment app, YubiKey as a Service - Enroll. Currently in Limited Early Access for Android users, this app will be refined with feedback from enterprise clients and eventually released as both a standalone app and an SDK. These tools are designed to facilitate a tailored onboarding experience for IT and HR staff, streamlining the process for new users. Tackling cybersecurity threats. Yubico offers several enrolment solutions to suit different organisational requirementsAlbert Biketi, Yubico's chief product and technology officer, commented on the urgency of this initiative, stating, "As cyber attacks become more sophisticated, organisations are increasingly seeking faster ways to eliminate passwords and protect users from phishing-based credential theft." The enhanced YubiKey as a Service provides IT and business managers with simplified methods for enrolling and recovering YubiKeys, integrating easily into existing workflows for a swift transition to passwordless security measures. Versatile enrolment solutions for enterprise needs. Yubico offers several enrolment solutions to suit different organisational requirements. Clients can opt for a fully managed service with pre-configured YubiKeys or utilise an app or SDK onsite, empowering IT and non-technical personnel to enrol YubiKeys on behalf of users. The FIDO Pre-reg service delivers factory-programmed YubiKeys directly to employees, facilitating immediate passwordless access and is available with Okta and Versasec, with Microsoft supporting Early Access. Technological options for enrolment. The YubiKey as a Service - Enroll app and SDK simplify user registration and recovery of YubiKeys, allowing organisations to embed these processes into their existing applications. This offering is in Limited Early Access for customers using Microsoft and Ping Identity. Another tool, YubiEnroll, is a free command line interface allowing technical teams to quickly enrol YubiKeys for distribution, particularly where turnkey delivery isn't available. Highlights of the Enrolment services expansion. * Secure, straightforward setup from any location with Yubico handling backend provisioning. * End-to-end encryption ensures all data used in key configuration is secure and tamper-proof. * Various delivery options include direct shipping or using logistics partners for global fulfillment. * Automatic tracking of enrolment and activation events supports compliance and oversight. * Keys can be reset and reassigned efficiently when employees change roles or leave. By integrating adjustable enrolment choices with hardware-secured phishing resistance, YubiKey as a Service empowers enterprises to deploy robust authentication across global operations while maintaining comprehensive governance and control. The YubiKey as a Service - Enroll app's development will continue through early feedback, ensuring it meets the needs of SMS and PingID systems effectively.

Securing agentic AI: why automation still needs human oversight. Sheryl Chamberlain March 19, 2026 Co-authored with Naveen Kaul, IBM Consulting, partner and global IAM leader, IBM Across industries, organizations are entering a new era of productivity powered by AI agents - systems capable of analyzing data, executing workflows and making decisions at unprecedented speed. From financial operations to software development and enterprise knowledge management, AI is becoming a digital workforce that can operate alongside humans. But as automation accelerates, these threats expose a dangerous possibility that an AI agent operating with valid credentials could execute high-risk actions at machine speed, without meaningful human oversight. This brings an important question for leaders across technology, finance and risk: How do Yubico Inc. ensure automation moves at machine speed without compromising trust, governance or accountability? The answer lies in a new model of Human-in-the-Loop authorization - one that allows AI to act autonomously in most cases, but requires cryptographically verified human approval when the stakes are high. Yubico Inc. is excited to partner with IBM and Auth0, forming a powerful partnership to secure agentic applications and harness the power of AI while ensuring trust and governance for high-risk actions. Together, Yubico Inc. ensure that products are secure by design so teams can move AI agents from pilot to production with confidence - solving the 'autonomy vs. accountability' gap through Asynchronous Authorization, using Human-in-the-Loop approvals to bridge that final mile of trust. AI agents as 'digital workers': the power and risk of agentic AI. AI agents are no longer limited to answering questions - they can take action across enterprise systems. Imagine the possibilities this brings organizations: * Developers using AI agents to write, review and deploy code across large software environments * Treasury teams using AI to analyze liquidity and initiate financial transfers across global accounts * Legal and compliance teams accessing sensitive internal documents through AI-powered workflows * Procurement systems automatically approving vendors and executing payments * Security teams using AI to orchestrate incident response across multiple systems These capabilities promise dramatic improvements in speed, productivity and decision-making - but they also introduce a new challenge. AI agents are becoming what security leaders call "digital workers." They operate with legitimate credentials, interact with sensitive systems and increasingly have the authority to execute real actions. This raises a fundamental governance question: How do organizations prove that the right human intervened or authorized critical decisions made by AI? Speed without trust becomes a liability. The cyber threat landscape showcases the growing security pressure facing organizations adopting AI-driven workflows: * 87% of organizations reported that the risk associated with AI vulnerabilities has increased * 85% of security professionals feel that traditional detection approaches are obsolete * 77% of organizations lack foundational data and AI security practices The risks that automation brings to specific groups is widespread, impacting individuals across an organization. As Yubico Inc. consider these risks, there are a few important implications: * In financial systems, that could mean increased fraud with unauthorized transfers. * In development environments, it could mean untested code entering production Or, if a developer uses agents to write and deploy code at scale, risks include the accidental deletion of a production environment. * In enterprise knowledge systems, it could mean extraction of sensitive data. Traditional identity systems were never designed for this model because they assume a simple flow: Human authenticates and authorized | system grants access | action occurs But when AI agents act autonomously, the identity layer must answer a more complex question: Who authorized the action, and can Yubico Inc. prove it? The 'Human-in-the-Loop' model: A powerful new architecture for trusted AI. The solution is not to slow down AI or require humans to approve every action. Instead, organizations must identify specific categories of actions where human authorization is required. For example: * Financial transfers above a defined threshold * Transactions involving new counterparties * Access to highly sensitive documents or intellectual property * Deployment of production code in critical systems * Security actions that could affect system availability In these cases, human authorization becomes a structural control - not a workflow preference. And it must be enforced cryptographically, not simply recorded in logs after the fact. This is where the collaboration between IBM, Auth0 and Yubico establishes a powerful model for governing agentic AI systems. Together, these technologies create a workflow that combines AI speed with human accountability. This capability unlocks countless new enterprise use cases and frees up a wide range of personas who can achieve superhuman levels of productivity and efficiency without undermining the integrity of a process and outcome. * IBM brings AI Intelligence to the forefront and drives efficient workflows * IBM's WatsonX AI agents analyze data, reason through tasks, and propose actions within enterprise workflows. Each action flows through a policy-driven consent engine that evaluates whether additional authorization is required. For routine operations, the AI proceeds automatically and for high-risk actions, the system escalates. * Auth0 enables identity orchestration for better decisions and outcomes * When escalation occurs, Auth0's identity orchestration layer initiates a secure approval flow using the Client-Initiated Backchannel Authentication (CIBA) standard. This process sends a secure, out-of-band request directly to the authorized human decision maker. The request includes rich authorization details, such as "Approve $500,000 transfer to Vendor X." The decision maker can review the request and approve or reject the action. * Yubico delivers the hardware-backed root of trust, ensuring the right human is in the loop * For the high-value, high-risk or high assurance actions, authorizations would require a trusted and authenticated human to authorize a workflow using a hardware-backed root of trust - the YubiKey. The authorized user must physically tap the key, creating cryptographic proof of presence, ensuring that: * The approving individual is physically present * The authorization cannot be replayed or remotely manipulated * The approval is tied to a specific verified identity In effect, the YubiKey becomes the final human controlled point protecting critical enterprise actions. This creates strong guarantees for regulatory compliance, risk management, financial accountability and business continuity. Most importantly, it provides non-repudiation - the clear proof that a specific, verified human authorized the action. Building the autonomous future securely and responsibly. The next wave of enterprise productivity will be driven by AI agents capable of acting and not just advising. They will write code, execute transactions, approve workflows and orchestrate decisions across complex systems. And the real question facing leaders will no longer be: "Can we automate this?" It is now: "How do we govern automation responsibly?" By combining IBM's AI orchestration, Auth0's identity flows and Yubico's hardware-backed security keys, organizations can enable AI-powered automation while ensuring that the right human remains in control and authorizes critical decisions. The result is a new foundation for the autonomous enterprise - AI operating at machine speed, secured by human trust. If you're attending RSAC, don't miss its session in person or on-demand on Tuesday, March 24 at 5:00pm in the North Expo Briefing Center. Yubico and IBM will explore how to build trusted identity, achieve cyber resilience, and ensure business continuity with an efficient, secure passwordless strategy in the modern cyber age of AI-powered threats.