81% of data breaches use hacked passwords

Four out of five data breaches last year involved compromised credentials, according to the 2017 Verizon Data Breach Investigations Report.

The number of data breaches arising from weak or stolen passwords has jumped in the last three years from 50% to 81%.

“This alarming trend clearly illustrates that today’s security isn’t working,” said Centrify’s senior director of APAC sales, Niall King, whose company provides security services based on identity.

“Cybercriminals find the path of least resistance to their target and today that path leads straight from users with self-managed ‘simple factor’ passwords,” he said.

“Since most recent breaches leveraged privileged credentials to gain access to the organisation, securing privileged access in today’s hybrid enterprise is mandatory in achieving a mature risk posture.

“Passwords alone are not enough.”

Rather, King said that organisations need an integrated solution that “combines password vaulting with brokering of identities, MFA enforcement and just-enough and just-in-time privilege, that secures remote access and monitors all privileged sessions”.

“Reducing the friction for users through more choices in authentication factors, fewer prompts and a more consistent user experience will go a long way toward reducing reliance on passwords alone,” said King.

“The bottom line is that moving beyond password-only security pays off.”

Image credit: ©stock.adobe.com/au/Lasha Kilasonia

Follow us on Twitter and Facebook