In this episode of Cash in the Cyber Sheets, we continue our Dirty 13 series by tackling one of the most overlooked yet critical security gaps: MFA (Multi-Factor Authentication). While MFA is one of the strongest tools for securing accounts, its effectiveness plummets if it's not implemented or configured correctly.

We’ll discuss the common pitfalls of MFA neglect and dive into best practices that can keep your organization secure:

- The importance of break-glass accounts and how to set them up safely.
- Why storing OTPs or recovery keys in your password manager is a risk.
- Backup strategies for lost devices and how to avoid single points of failure.
- The advantages of hardware authenticators like YubiKeys over SMS or email-based MFA.
- How to safeguard your MFA strategy against phishing, SIM-swapping, and other vulnerabilities.

Don’t miss this actionable guide to doing MFA right. Whether you’re an IT pro or a business leader, this episode is packed with insights to strengthen your security posture.

Looking for more details?
Check out our companion article: "Information Security Policies: Multifactor Authentication Best Practices", where we expand on everything discussed in the episode. Perfect for sharing with your team or referencing during your next security review.

Read More: Information Security Policies: Multifactor Authentication Best Practices

In this episode of Cash in the Cyber Sheets, we are joined by Bryan Barnhart from Infiltration Labs to discuss the critical importance of incident response planning. Together, we explore Bryan’s extensive experience in the field, dive into best practices for effective incident response, and examine evolving trends that are making incident response plans a mandatory part of organizational security strategies. Whether you’re building your first plan or refining an existing one, this conversation offers valuable insights into staying prepared in today’s dynamic cybersecurity landscape.

From the 'Dirty 13' series, this episode tackles one of the most pervasive cybersecurity issues: poor password management. Join us as we explore the risks of sharing, reusing, and creating weak passwords—and share six simple steps to strengthen your security.

Learn how to safeguard your accounts and reduce vulnerabilities. Don’t miss out on practical tips and expert insights!

Want quick tips on how to make a really strong password? Download our infographic:

How to Make a Really Strong Password - 6 Quick Steps Infographic

Learn more about password best practices. Check out our blog:

What's a Good Password? Security Best Practices for Creating Smarter, Stronger, and Less Annoying Passwords

Explore more topics from the Cash in the Cyber Sheets - Dirty 13 series:

Small businesses across the U.S. are caught in a whirlwind of confusion as the Corporate Transparency Act (CTA) faces ongoing legal battles. With reporting requirements for Beneficial Ownership Information (BOI) being halted, reinstated, and halted again, where does this leave business owners? In this episode, we unpack the legal tug-of-war over the CTA, explore what this means for small businesses, and provide actionable insights to navigate the uncertainty. Whether you're a small business owner or a compliance professional, this episode is your guide to staying ahead in a turbulent regulatory landscape.

Read more on the Input Output blog at:

https://www.inputoutput.com/blog/legal-battle-over-boi-reporting

In this solo episode of Cash in the Cyber Sheets, we dive deep into the reinstatement of Beneficial Ownership Information (BOI) reporting requirements under the Corporate Transparency Act (CTA). With recent legal twists, including a federal injunction and a subsequent court decision lifting it, businesses are facing a fresh wave of compliance obligations.

We’ll walk you through:

Whether you’re a small business owner scrambling to meet the new deadlines or just someone curious about how the U.S. is tackling corporate transparency, this episode has everything you need to know. And yes, there’s some dry humor sprinkled in to keep things lively—because financial compliance shouldn’t feel like a life sentence (even if non-compliance might).

Don’t miss it—your business (and wallet) will thank you.

In this episode, James continues the “Dirty 13” series, tackling one of the most common and costly audit findings: poor data classification.

Without a structured approach to labeling and protecting data, organizations are left vulnerable to security breaches, compliance failures, and wasted resources.

Join James as he explores:

Data classification isn’t just a security checkbox—it’s a strategic tool that can save your organization time, money, and risk.

Want to go deeper? Check out our accompanying blog article for a more detailed look at strategies, frameworks, and tools to strengthen your classification practices.

Why Poor Data Classification is a Cybersecurity Risk Your Company Can’t Ignore

Explore more topics from the Cash in the Cyber Sheets - Dirty 13 series:

In this episode of our Dirty 13 series, we dive into one of the most overlooked yet critical audit findings: poor backup practices. While backups are a cornerstone of data security and business continuity, many financial firms struggle to implement them effectively. From backups stored on the same systems they’re meant to protect to schedules that fail to meet regulatory retention requirements, we explore the most common failures—and their serious consequences.

We’ll also discuss:

Join us for actionable insights and practical strategies to strengthen your backup approach and avoid these all-too-common pitfalls. Don't let a poor backup strategy put your business at risk—tune in now!

Read more about these backup failures, and their remedies at:
Data Backup: Six Common Backup Failures That Can Derail Your Business

Listen, learn, and take action.

Explore more topics from the Cash in the Cyber Sheets - Dirty 13 series:

In this episode, we explore the recent court decision blocking enforcement of the Corporate Transparency Act’s reporting requirements. We break down what the CTA entails, why it faced legal challenges, and how this ruling impacts small businesses nationwide. Discover how this decision protects privacy, reduces regulatory burdens, and what it means for the future of small business compliance.

In this special Thanksgiving episode of Cache in the Cyber Sheets, we take a moment to step back from the usual technical deep dives and focus on the theme of gratitude. As cybersecurity professionals, we operate in a fast-paced, high-stakes environment, often facing immense pressure and increasing scrutiny. Yet, amidst the challenges, there's so much to appreciate.

In this episode, we:

1. Reflect on the critical work of cybersecurity teams who keep systems secure, recover from incidents, and drive innovation under intense pressure.

2. Explore how artificial intelligence has sparked more robust conversations around data security and compliance, shining a necessary spotlight on key issues.

3. Discuss the personal and organizational impact of fostering a culture of gratitude, including practical methods to integrate thankfulness into everyday workflows and meetings.

4. Share insights into how gratitude can enhance teamwork, build relationships, and improve workplace morale.

We also provide actionable tools, including a list of 20 ways to express gratitude to partners and employees, and templates to help you get started. Whether it’s calling out a colleague for their extra effort or expressing appreciation to vendors, gratitude has the power to transform how we work and lead.

Grab them here:
20 Ways to Show Gratitude & 4 Email Templates

Tune in as we dive into the profound ripple effect gratitude can have—both in the cybersecurity industry and in our personal lives.

In this episode of Cash in the Cyber Sheets, we dive deeper into the Dirty 13—the most common findings from information security audits. From daisy-chained power strips to sticky-note passwords, we unpack how these seemingly simple issues pose serious risks. Building on our latest blog, we highlight overlooked physical security controls, legal hazards like unmaintained fire extinguishers, and the dangers of unsecured visitor access. Tune in for practical tips, real-world examples, and a few laughs as we explore how to address these low-hanging fruits before they lead to high-stakes consequences.

Read more at:
The Dirty 13: The Most Common Audit Findings in Physical Information Security

Explore more topics from the Cash in the Cyber Sheets - Dirty 13 series: