MFA Pass or Fail? How CISA, PCI, and the FBI Are Auditing MFA

This video highlights the recent changes in public and private sector cybersecurity regulations impacting MFA implementations. We'll explore new benchmarks for authentication methods, examine how some regulations have raised acceptable tokens and methods standards, and discuss the implications for organizations moving forward.

Additionally, we'll discuss how organizations can achieve enhanced security while simplifying the end-user experience by leveraging passwordless authentication methods such as Certificate-Based Authentication and FIDO2 standards.

Viewers will learn💡

👉 How organizations like the FBI, PCI SSC, and CISA have updated their MFA recommendations to counter advanced threats.

👉 Why certain authentication methods—such as one-time passwords (OTPs), push notifications, and out-of-band messages—are now considered less secure and may not meet current compliance standards.

👉 The role of frameworks like FedRAMP and CMMC in guiding federal agencies and departments, including their limitations.

👉 How implementing passwordless authentication using certificate-based authentication CBA and FIDO2 can enhance security while simplifying end user experiences.

Most importantly, attendees will discover how to strengthen their existing IAM/PAM/VPN and other systems with updated, robust credentials, future-proof their authentication strategies, and ensure compliance in upcoming audits.

Follow on LinkedIn:
Axiad - / axiad-inc
Michael Thelander - / michaeljthelander

Learn more about Axiad: