How likely is an organization to have misconfigured multi-factor authentication (MFA) settings?

Identity & Access Management (IAM)Threat & Vulnerability Management

Very likely6%

Likely44%

Somewhat likely23%

Somewhat unlikely13%

Unlikely8%

Very unlikely3%

Unsure

583 PARTICIPANTS
3.5k viewscircle icon1 Upvotecircle icon1 Comment
Sort by:
CTO in Software3 years ago

The "basics" of MFA are usually straightforward and not very challenging to get right. The challenging part is what happens next, I often refer to it as "operationalizing" security - driving adoption and awareness, providing training, controlling configuration drift, etc.

Content you might like

Any tips for evaluating/implementing solutions for application detection and response? What’s your experience been like with these tools so far?

Is cybercrime a more lucrative career than becoming a cybersecurity professional?

Yes61%

No32%

Not Sure5%

View Results

How are you currently leveraging your cyber-risk quantification methodologies at your organization?

Prioritizing cyber risks43%

Communicating to risk owners64%

Communicating to C-Suite56%

Communicating to Board24%

Aligning cyber risks with other risk practices15%

View Results

What models are in place for risk partners based in Line 2? What are the jobs to be done? How do they operate? What does the structure/operating rythms look like?

Read More Comments

As organizations deploy LLMs and other AI systems, how do you recommend security teams address risks such as data leakage, prompt injection and adversarial manipulation? What frameworks or practices should be prioritized to make AI security programs resilient from day one?