“Defenses must evolve to include comprehensive credential lifecycle management, privileged access controls and real-time anomaly detection,” Guccione says. “The adoption of phishing-resistant authentication methods, such as passkeys, can also significantly reduce the risk of compromised credentials being exploited and prevent lateral movement in the event of a breach.”
Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster University, notes that too many organizations still rely on legacy systems, inconsistent password policies, and incomplete MFA enforcement.
“CISOs and security teams should focus on enforcing strong, unique passwords, using MFA everywhere, managing privileged accounts rigorously and testing identity controls regularly,” Curran says. “Combined with well-tuned DLP [data loss prevention] and continuous monitoring that can detect abnormal patterns quickly, these measures can help limit the impact of stolen or cracked credentials.”
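The "continuous monitoring that can detect abnormal patterns quickly" Curran mentions, and the "real-time anomaly detection" Guccione calls for, can be made concrete with two detections that catch stolen or cracked credentials being used: a password spray (one source failing against many usernames in a short window) and a brute force that ends in a success (many failures for one account, then a login). The code below is an added example written for this page, not code from the article or from either expert, and it assumes a hypothetical log format (`timestamp user src_ip result`), constructed sample lines with documentation-range addresses, and threshold values (`SPRAY_MIN_USERS`, `BRUTE_MIN_FAILS`, `WINDOW`) that a real deployment would tune to its own baseline.

```python
"""Detect password-spray and brute-force-then-success patterns in auth logs.

Added example, not from the article or any quoted expert. Log format,
sample data and thresholds are assumptions for illustration only.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (hypothetical "timestamp user src_ip result" format).
# 203.0.113.5 sprays one password across six accounts; 198.51.100.7 hammers
# alice until it gets in; bob mistypes once from 192.0.2.10 and then succeeds.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice 203.0.113.5 FAIL
2024-05-01T09:00:02Z bob 203.0.113.5 FAIL
2024-05-01T09:00:03Z carol 203.0.113.5 FAIL
2024-05-01T09:00:04Z dave 203.0.113.5 FAIL
2024-05-01T09:00:05Z erin 203.0.113.5 FAIL
2024-05-01T09:00:06Z frank 203.0.113.5 FAIL
2024-05-01T09:05:00Z alice 198.51.100.7 FAIL
2024-05-01T09:05:01Z alice 198.51.100.7 FAIL
2024-05-01T09:05:02Z alice 198.51.100.7 FAIL
2024-05-01T09:05:03Z alice 198.51.100.7 FAIL
2024-05-01T09:05:04Z alice 198.51.100.7 FAIL
2024-05-01T09:05:05Z alice 198.51.100.7 SUCCESS
2024-05-01T10:00:00Z bob 192.0.2.10 FAIL
2024-05-01T10:00:30Z bob 192.0.2.10 SUCCESS
"""

# Assumed thresholds; tune to the environment's normal failure rate.
SPRAY_MIN_USERS = 5            # distinct usernames failing from one source within WINDOW
BRUTE_MIN_FAILS = 5            # failures for one account before a success within WINDOW
WINDOW = timedelta(minutes=10)


def parse(log_text):
    """Parse the assumed format into time-sorted (ts, user, ip, result) tuples."""
    events = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        ts, user, ip, result = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, ip, result))
    events.sort()
    return events


def detect_spray(events):
    """Return {src_ip: sorted usernames} for sources that failed against
    at least SPRAY_MIN_USERS distinct accounts inside one WINDOW."""
    by_ip = defaultdict(list)
    for ts, user, ip, result in events:
        if result == "FAIL":
            by_ip[ip].append((ts, user))
    alerts = {}
    for ip, fails in by_ip.items():
        best = set()
        start = 0
        for end in range(len(fails)):            # sliding time window over failures
            while fails[end][0] - fails[start][0] > WINDOW:
                start += 1
            users = {u for _, u in fails[start:end + 1]}
            if len(users) > len(best):
                best = users
        if len(best) >= SPRAY_MIN_USERS:
            alerts[ip] = sorted(best)
    return alerts


def detect_brute_success(events):
    """Return [(user, src_ip_of_success, n_fails)] where a login succeeds after
    at least BRUTE_MIN_FAILS failures for that account inside one WINDOW.
    Keyed by user, not by IP, so an attacker rotating sources is still counted."""
    recent_fails = defaultdict(list)             # user -> timestamps of recent failures
    alerts = []
    for ts, user, ip, result in events:
        recent_fails[user] = [t for t in recent_fails[user] if ts - t <= WINDOW]
        if result == "FAIL":
            recent_fails[user].append(ts)
        elif result == "SUCCESS":
            n = len(recent_fails[user])
            if n >= BRUTE_MIN_FAILS:
                alerts.append((user, ip, n))
            recent_fails[user] = []              # reset after a successful login
    return alerts


def analyze(log_text):
    """Run both detections and return their findings together."""
    events = parse(log_text)
    return {"spray": detect_spray(events), "brute_success": detect_brute_success(events)}


if __name__ == "__main__":
    for kind, hits in analyze(SAMPLE_LOG).items():
        print(kind, hits)
```

On the constructed sample this flags 203.0.113.5 as spraying six accounts and alice's login from 198.51.100.7 as following six failures (the spray's attempt against alice counts too, because the brute-force check is keyed by account rather than source), while bob's single typo followed by a success stays below threshold. In a real pipeline the same two checks would run over a streaming window rather than a file, and the account-level alert is the one that should trigger a forced credential reset and session revocation, since it indicates the credential has already been used successfully.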