Today’ s attackers are using advanced tactics such as phishing, social engineering and brute force attacks to compromise critical information. As these threats become more sophisticated, the inadequacies of passwords are becoming even more apparent – passwords, once considered the first line of defence, are now often seen as the weakest link.

Passwords have long been fundamental to safeguarding businesscritical information and financial data.

Passwords have long been fundamental to safeguarding business-critical information and financial data. However, their effectiveness is increasingly undermined by common user behaviours – such as reusing passwords across multiple sites or choosing simple, easy-to-remember passwords that are also easy for attackers to crack.

Steven Scheurmann, Regional Vice President, ASEAN, Palo Alto Networks, explores why passwords are failing to defend businesscritical information.

The latest Unit 42 Incident Response Report uncovered a stark reality: in 2024, previously compromised credentials emerged as the third most used initial access vector by threat actors, surging four-fold from 4 % in 2021 to 16 %. The reliance on traditional passwords is, thus, leaving businesses increasingly vulnerable.

Remote workforces increase vulnerabilities

Adding to this is the fact that the shift towards remote and hybrid work environments has transformed networking and security. Work is no longer just a place we go to; it’ s something we can do from anywhere.

This means our applications and users are now spread out everywhere, which significantly expands

WWW. INTELLIGENTCISO. COM 37