Cyber coverage and MFA


Multi-factor Authentication (MFA) is now required by most cyber insurers.  Many insureds are discovering that without MFA in place, they are unable to obtain Cyber Liability coverage. 

Authentication is a process of verifying that a user’s identity is genuine. MFA verifies user identity by requiring that two or more pieces of information be provided. To access online services a member organization may require that employees provide an additional a pin or a password, confirmation by text on their phone or a fingerprint or scan.

According to a recent article by the Cybersecurity and Infrastructure Security Agency (CISA), Microsoft users who enable MFA are 99% less likely to get hacked. In fact, implementing MFA makes it more difficult for a threat actor to gain access to information systems, such as remote access technology, email and billing systems.

For more information on MFA or other cybersecurity best practices, please reach out to your Preferred Loss Control consultant and visit the CISA website.

Skip to content