Double Down on Cybersecurity: Why Multifactor Authentication Matters

Sometimes, it only takes one weak password to open the door to a significant cyber incident.

In one case highlighted by Verizon’s Data Breach Investigations Report, the lack of enforced multifactor authentication (MFA) gave cybercriminals the opportunity they needed. Using stolen credentials, a financially motivated actor gained access to a system filled with high-value data. Combined with outdated password policies and a bit of bad luck, it created the perfect storm for a cyberattack. The lesson is clear: turning on MFA can make all the difference. By adding one simple step to your login process, you can stop most unauthorized access attempts before they start.

Your Digital Double Lock

Think of MFA, also known as two-step verification or two-factor authentication, as a second lock on your digital door. Even if someone steals your password, they still need another form of verification to get in.

Enabling MFA is quick and straightforward:

Turn it on across your accounts and devices using an authenticator app or your mobile phone.
Choose your method—you might enter a code sent by text or email, or use biometric verification such as a fingerprint or face scan.

Whenever you see the option to enable MFA, take it. It is one of the easiest and most effective ways to protect your email, financial accounts, social media, and identity.

Cyber Awareness: The First Line of Defense

Technology helps, but awareness and education are just as important. That is why CIRMA offers a Cyber Webinar Series to help members strengthen their cybersecurity knowledge. These sessions cover practical topics such as creating strong passwords, spotting phishing attempts, enabling MFA, and protecting sensitive data.

CIRMA also supports national efforts from organizations such as the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance, both of which promote Cybersecurity Awareness Month each October. Their free online materials, including training videos and downloadable guides, offer helpful advice for building stronger cyber habits.

Training That Fits Your Schedule

Protecting your organization does not have to be complicated or time-consuming. CIRMA’s exclusive online training and education platform gives members 24/7 access to e-learning resources on cybersecurity and other essential risk management topics. Has your municipality or school board taken advantage of these opportunities? Contact your CIRMA Risk Management representative to get started and learn more about CIRMA’s Cyber Webinar Series, available through the Vector Solutions platform.

This training resource helps employees understand cyber risks, prevent costly incidents, and build a stronger culture of cybersecurity awareness.

One Simple Step, Lasting Protection

Cyber threats are constantly evolving, but your defenses can evolve too. By enabling multifactor authentication, staying informed, and encouraging regular employee training, you can significantly reduce the risk of cyberattacks. Small actions, like turning on MFA, can have a significant impact. Together, we can build a safer and more secure digital community for everyone.

Additional Resources:

CISA

Secure Our World: https://www.cisa.gov/secure-our-world

Turn on MFA: https://www.cisa.gov/secure-our-world/turn-mfa

Stay Safer with Multifactor Authentication: https://www.cisa.gov/sites/default/files/2024-09/Secure-Our-World-MFA-Tip-Sheet.pdf

National Cybersecurity Alliance

Enable MFA: Your Online Security Seatbelt https://www.staysafeonline.org/events/enable-mfa-your-online-security-seatbelt

National Cybersecurity Alliance: Cybersecurity Awareness Month: https://www.staysafeonline.org/cybersecurity-awareness-month

Verizon 2025 Data Breach Investigation Report

https://www.verizon.com/business/resources/T94f/reports/2025-dbir-data-breach-investigations-report.pdf

Cyber Resources Created for CIRMA Members: