The sheer number and destructiveness of data breaches in the past few years are alarming and discouraging. However, there is cause for hope. Most of the cyber attacks had a great deal in common. One of the most compelling similarities in all attacks was the use of compromised credentials. Three-quarters of all breaches were largely due to weak or stolen credentials.
Some organizations invest the majority of their security budget on firewalls and intrusion detection to block access, while paying little attention to improving authentication and access management. This is akin to installing an alarm system, but then leaving the front door wide open. One weak password could easily undermine all of the organization’s best security systems.