New York State cybersecurity regulations, specifically 23 NYCRR Part 500, have recently been revised to require comprehensive cybersecurity programs, risk assessments, and specific security measures for regulated industries. The regulation mandates multifactor authentication (MFA) to safeguard platforms, organizations, and end-users against identity attacks. Financial institutions must implement MFA for any individual accessing internal systems from an external network unless approved by the Chief Information Security Officer. To comply with these regulations, organizations can use Twilio Verify, a purpose-built API that offers various channels for MFA experiences, including SMS OTPs, authenticator apps, and push authentication. By implementing MFA, financial institutions can strengthen their defenses, improve security posture, and reduce the risk of unauthorized access and potential breaches.