Tech & Gadgets

Why MFA Alone Is Not Enough: The Critical Role of Security Awareness Training

The evolving and sophisticated nature of phishing campaigns has made email-borne cybersecurity threats more effective than ever before at penetrating organizations. Credential phishing was the threat of choice in 2023, accounting for 91% of active published threat reports. This represented a 67% increase in volume compared to 2022, which can be attributed to the increased effectiveness of cyberattacks that abuse stolen credentials, particularly in environments without robust Multi-Factor Authentication (MFA).

One example of this is the cyberattack on Change Healthcare, where stolen credentials were used to gain access to a server that lacked MFA. This absence was attributed to the company’s recent acquisition by UnitedHealth, which was in the process of upgrading its systems. This breach exposed the sensitive health data of millions of Americans, underscoring the critical need for basic cyber hygiene, including robust password management and MFA.

Max Gannon

Team Manager Cyber ​​​​Intelligence at Cofense.

Going beyond MFA and unique passwords

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
situs toto toto 4d rupiahtoto toto slot