In recognition of Change Your Password Day, Keeper Security is urging organisations to prioritise securing credentials to combat the escalating threat of cyber attacks. Without proper safeguards, compromised credentials can lead to devastating breaches, financial loss and reputational damage.
Privileged accounts, often used by administrators or automated systems to access critical infrastructure, are prime targets for attackers because they provide extensive access to an organisation’s most sensitive systems and data. Nearly 40% of data breaches involve these accounts, according to Verizon’s 2024 Data Breach Investigations Report. Breaches involving privileged accounts are also more costly, with the average breach costing $4.35 million, while those involving privileged accounts average $4.5 million, according to research from IBM and the Ponemon Institute. This highlights the critical need for strong credential security measures.
Darren Guccione, CEO and Co-founder of Keeper Security, said: “Weak or stolen passwords are often the first and easiest entry point for cybercriminals. This Change Your Password Day, we want to remind organisations of the critical importance of enforcing robust credential management policies. Implementing tools like enterprise password management and privileged access management ensures credentials are stored and managed securely – with enforcement and visibility across the organisation – minimising the risk of unauthorised access that can lead to a damaging breach.”
Understanding that human error often plays a significant role in breaches, Keeper emphasises the importance of educating employees about password security best practices. This includes training on identifying phishing attempts, avoiding password reuse, implementing MFA and recognising the risks of sharing credentials over unsecured channels. As businesses continue to navigate hybrid work environments, securing credentials is more critical than ever.
Keeper recommends that organisations implement strong password policies requiring unique passwords of at least 16 characters, including uppercase and lowercase letters, numbers, and symbols. They should also adopt a Privileged Access Management (PAM) solution to secure privileged accounts by enforcing these strong password policies and limiting access to critical systems. Enforcing Multi-Factor Authentication (MFA) adds a crucial additional layer of security, protecting accounts even if a password is compromised. Monitoring for breaches, specifically through dark web monitoring, helps detect exposed credentials. Finally, regular training for employees on secure credential management and best practices is essential.
This Change Your Password Day, Keeper encourages all businesses to take proactive steps to secure their digital environments and protect their most valuable assets.