Multi-Factor Authentication & Your Business 

Cyberattacks against businesses continue to surge. In 2020, the FBI reported cybercrime incidents are up 70% and the costs organizations may face are crippling. The average ransom payment alone is $155,000 which does not include the additional expenses associated with business downtime, systems restoration, and reputational harm.

While there is no silver bullet to protect yourself against these evolving threats, Multi-Factor Authentication (MFA) has become a fundamental control every business should have in place. In fact, MFA can block as much as 99.9% of cyberattacks. MFA is an electronic authentication method requiring two or more security factors to be successfully verified prior to granting access to a system or network. The best practice is to implement MFA for remote network and email access, as well as local administrative and privileged access.

Why Does MFA Matter?

The sophistication of hackers and cybercriminals makes it relatively easy to steal a valid user’s login credentials. However, if you require more security access factors, the attackers need to steal more credentials. For example, a user falls victim to a phishing scheme and gives up their username and password to a cybercriminal. With this information, they now have everything they need to infiltrate your systems. If you have MFA, the attack will fail unless the criminal is also able to physically steal that user’s smartphone which would take significantly more work and reduces the likelihood your network will become compromised.

What Are Next Steps?

While even the best cybersecurity protocols cannot prevent every situation, enabling MFA has become critically important to stay resilient from cyber threats and is one of many best practices, in addition to regularly testing and securing backups, remote access management, and periodic employee training on social engineering and business email compromise. If you think your organization lacks proper coverage, you’re not alone. Our Holmes Murphy team can guide you to additional resources to make sure your cyber risk management program is comprehensive around prevention, mitigation, and financial protections.

  • Enable MFA: Collaborate with your organization’s leadership and IT department to determine the best course of action to implement MFA for remote, local, and privileged access.
  • Engage Cybersecurity Specialists: If you need guidance selecting the right third-party cybersecurity service provider, Holmes Murphy has a proven network of vendors and can help you get connected.
  • Secure Insurance: More than ever, now is the time to make sure you have a robust and up-to-date cyber insurance policy. Remember, many cyber insurance policies may offer you free expert consultations, discounted software services, and other risk reduction tools at no additional cost.

Evolution of the cyber threat landscape and cyber insurance carriers experiencing record losses has led to a recalibration of cyber insurance underwriting. Because of this, Holmes Murphy is taking a proactive approach to help our clients gain an understanding of the current marketplace and assist in determining a course of action leading up to your renewal. This led to the creation of our Cyber Questionnaire — a resource intended to identify areas of cybersecurity success and opportunities for improvement within your organization. To learn more about the Cyber Questionnaire and next steps, feel free to reach out to us. It’s a sensitive time, and we’re here to help.

For more information,

contact Gerald Johnson


or 515-223-6826