That’s it, no post right now.
My tips this week are:
Get rid of all your static admin creds
Add step up authentication for all admin ACTIONS
Add adaptive MFA to your authentication to detect abnormal MFA activity
Have admin users use SEPARATE credentials for everyday access vs Admin Access
Here’s an excellent video by Marcus to help illustrate: