How likely is an organization to have misconfigured multi-factor authentication (MFA) settings?

Identity & Access Management (IAM)Threat & Vulnerability Management

Very likely6%

Likely42%

Somewhat likely22%

Somewhat unlikely15%

Unlikely11%

Very unlikely2%

Unsure

584 PARTICIPANTS

3.6k views1 Upvote1 Comment

Sort by:

CTO in Software4 years ago

The "basics" of MFA are usually straightforward and not very challenging to get right. The challenging part is what happens next, I often refer to it as "operationalizing" security - driving adoption and awareness, providing training, controlling configuration drift, etc.

Content you might like

Where are you vulnerable to cyber attacks? Select all that apply.

Weak multi-factor authentication (MFA)29%

Errors in assigning the correct access permissions42%

Out-of-date software55%

Weak security controls on VPN22%

Lack of strong password policies22%

Unprotected cloud services36%

Susceptibility to phishing attempts21%

Insufficient endpoint detection & response (EDR) capabilities12%

Other (please list in the comments)

View Results

Has your organization experienced any impact (direct or indirect) from the executive orders aimed at government spending? Were you able to do anything to plan ahead for this? What precautionary steps should one be taking?

How often do you survey your organization for new, emerging risks? My company currently does quarterly surveys and I am contemplating dropping it down to 2x/year. Appreciate the insights!

When it comes to the vulnerability management process, where can current AI capabilities provide the most value? Have you had success with using AI-enabled tools specifically for deduplication, false positive reduction, prioritization, etc.?

What is the most difficult stage of IoT security?

Hardware-based security (TPM)21%

Public key infrastructure (PKI) for cert-based identity57%

Identity onboarding at manufacturer15%

Integration with the cloud5%