Yubico, the Swedish-founded company behind the hardware-backed passkey YubiKey, has officially become a member of the European Cyber Security Organisation (ECSO). This strategic alliance is set to boost efforts in advancing phishing-resistant authentication and modern digital identity standards across Europe, at a time when identity-based cyber threats are escalating.
The membership arrives as European organisations grapple with a significant increase in sophisticated credential-based attacks, which are increasingly bypassing traditional passwords and less secure multi-factor authentication (MFA). With AI-driven phishing attacks targeting digital identities reportedly surging over 200% in Europe, the collaboration between Yubico and ECSO aims to provide a more robust defence for businesses, governments, and critical infrastructure.
Dr Joanna Świątkowska, secretary general at ECSO, highlighted Yubico's expertise in authentication and identity protection as crucial for ensuring Europe's digital sovereignty. Yubico, founded in Sweden in 2007, maintains its European headquarters and manufacturing in Stockholm, underscoring its deep European roots despite its global operations across 160 countries.
The partnership will focus heavily on education and best practices, encouraging the wider deployment of modern, hardware-backed passkeys like the YubiKey. This initiative seeks to replace insecure legacy MFA methods and establish clearer accountability chains within automated enterprise environments. This aligns with broader European cyber policy shifts, including the ongoing momentum around European Digital Identity (EUDI) wallets, where Yubico has been instrumental in advocating for hardware-backed, phishing-resistant passkeys.
Jerrod Chong, chief executive officer at Yubico, emphasised the company's commitment to European security and digital sovereignty, citing its presence in countries like France, Germany, and the UK. The collaboration with ECSO is expected to help organisations responsibly scale passwordless authentication, close the identity verification gap, and secure both human and non-human identities across enterprises.