MFA

New York's cybersecurity regulation for financial services requires covered entities to maintain comprehensive security programs including CISO designation, MFA, encryption, and incident reporting. The 2023 amendments are fully effective as of November 2025.

HHS proposed sweeping changes to the HIPAA Security Rule in January 2025, eliminating the addressable vs. required distinction and mandating encryption and MFA. Finalization targeted for May 2026.

A practical guide to implementing identity and access management (IAM), covering authentication, authorization, privileged access, lifecycle management, and Zero Trust identity principles.

A credential theft campaign targeting Snowflake customer accounts without MFA resulted in data theft from over 165 organizations including Ticketmaster, AT&T, Santander, and Advance Auto Parts.