According to Verizon’s recently released 2020 Data Breach Investigations Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials. We analyzed the findings and uncovered some additional data points that underscore how pervasive and detrimental poor password practices are to businesses today. Looking at the DBIR data in detail, approximately 35% of all breaches were initiated due to weak or compromised credentials.
To put it another way, your company is more likely to have a breach as a result of stolen or weak credentials than any other single reason. So, why do companies continue to struggle with password security when it’s clearly such a business-critical issue?
There are a variety of factors, among them:
As the DBIR put it, “Criminals are clearly in love with credentials, and why not since they make their jobs much easier?” In this environment, the only way companies can fight back is by employing a solution that continually screens for compromised credentials and introduces friction only when the situation warrants it. With breaches happening on a near real-time basis, it’s not enough to check password security only at its creation. Organizations need an ongoing way to ensure that credentials that were once secure have not become compromised, and that’s where Enzoic comes in.
There’s plenty to worry about in the modern threat landscape but compromised credentials should not be one of them. Learn more about our approach, and how we can help you eradicate the credential vulnerability for good.