T-Mobile promises to try not to get hacked again

Corporate management – T-Mobile's Chief Information Security Officer will provide regular reports to the Board of Directors on T-Mobile's cybersecurity posture and the business risks posed by cybersecurity. This is a basic requirement for all well-run companies. Corporate boards need both transparency and cybersecurity expertise to govern effectively. This commitment ensures that board visibility on cybersecurity remains a top priority moving forward.

Modern zero trust architecture – T-Mobile has agreed to move to a modern zero trust architecture and segment its networks. This is one of the most important changes companies can make to improve their security posture.

Robust identity and access management – T-Mobile is committed to broadly adopting multi-factor authentication methods across its network. This is a crucial step in securing critical infrastructure such as our telecommunications networks. Abusing authentication methods, such as revealing, stealing, or intentionally selling credentials, is the most common cause of security breaches and ransomware attacks. Consistent application of proven identity and access methods does more to improve cybersecurity than almost any other single change.