81% of data breaches use hacked passwords
Four out of five data breaches last year involved compromised credentials, according to the 2017 Verizon Data Breach Investigations Report.
The number of data breaches arising from weak or stolen passwords has jumped in the last three years from 50% to 81%.
“This alarming trend clearly illustrates that today’s security isn’t working,” said Centrify’s senior director of APAC sales, Niall King, whose company provides security services based on identity.
“Cybercriminals find the path of least resistance to their target and today that path leads straight from users with self-managed ‘simple factor’ passwords,” he said.
“Since most recent breaches leveraged privileged credentials to gain access to the organisation, securing privileged access in today’s hybrid enterprise is mandatory in achieving a mature risk posture.
“Passwords alone are not enough.”
Rather, King said that organisations need an integrated solution that “combines password vaulting with brokering of identities, MFA enforcement and just-enough and just-in-time privilege, that secures remote access and monitors all privileged sessions”.
“Reducing the friction for users through more choices in authentication factors, fewer prompts and a more consistent user experience will go a long way toward reducing reliance on passwords alone,” said King.
“The bottom line is that moving beyond password-only security pays off.”
Follow us on Twitter and Facebook
CrowdStrike says it found a killswitch in DeepSeek
CrowdStrike alleges that Chinese LLM DeepSeek-R1 is more likely to produce insecure code, or...
Sophos integrates its threat intelligence platform with Copilot
Sophos has announced the launch of integrations between its Intelix cyberthreat intelligence...
Lakera launches framework for testing LLM security
Check Point’s Lakera has developed an open-source framework for testing the security of...
