PAE























































          the easily anticipated formats mentioned            weak or stolen passwords — in fact, 82% of
          above.                                              security breaches that occur within basic web
                                                              application attacks are achieved by stealing
          Poor password management has been the               credentials like passwords.
          leading cause of data breach for more than
          10 years. One million passwords are stolen          Companies have to find the most secure
          each week. The use of stolen login information      approach that employees will actually follow.
          is the second–most common method of                 When setting password security policies, keep
          breach. Eighty-five percent of data breaches        this in mind. The best system in the world
          prominently involve a personnel component           won’t do you much good if employees end up
          such as phishing, stolen credentials, and           working against it. So while companies should
          human error. These instances of compromised         work to show employees that being secure
          data are often conducted by external actors         and using good password hygiene doesn’t
          for financial gain. The 2022 Verizon Data           have to feel burdensome, they should also try
          Breach Investigations Report explains that,         to strike a balance that really works for their
          when targeting businesses and organizations,        employees.
          hostile actors often access networks via
                                                                                                   hbr.org





          March 2024                                                                                     19