“Defenses should evolve to incorporate complete credential lifecycle administration, privileged access controls and real-time anomaly detection,” Guccione says. “The adoption of phishing-resistant authentication strategies, similar to passkeys, also can considerably scale back the danger of compromised credentials being exploited and stop lateral movement in the event of a breach.”
Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster College, notes that too many organizations still rely on legacy systems, inconsistent password policies, and incomplete MFA enforcement.
“CISOs and security groups ought to give attention to implementing sturdy, distinctive passwords, utilizing MFA everywhere, managing privileged accounts rigorously and testing identification controls recurrently,” Curran says. “Combined with well-tuned DLP [data loss prevention] and steady monitoring that may detect irregular patterns rapidly, these measures can help limit the impact of stolen or cracked credentials.”



