Why Passwords still matter as a first line of cybersecurity
Written by: Litha Maqungo Save to Instapaper
A lot has changed in the world of cybersecurity since 2013. The year in which Yahoo reported a hack of one billion customer accounts, or since retail giant Target experienced the compromising of 40 million credit and debit card accounts and 70 million customer records. ‘Cybersecurity’ is a phrase everyone is now familiar with as a part of modern-day life and with our interconnected worlds only continuing to accelerate.
What hasn’t changed, however, is the threat of an attack. Now, in 2025, businesses and individuals can appreciate that attacks are indiscriminate, fast, take place on a global scale, and can happen at any time. The ferocity and sophistication of cybersecurity incidents have only increased as our data usage continues to explode on a global scale.
In today’s enterprise, it’s almost impossible to ignore how deeply embedded cloud, SaaS, and hybrid environments have become in daily business operations. Even organisations with strict controls have found it difficult to resist the pull of scalable infrastructure, the latest tools, and the ever-increasing demand for agility and productivity. Whether sanctioned or shadow IT, these platforms are now integral to business.
But as our digital environments have evolved, one constant has stubbornly remained: the password. Despite being a decades-old security mechanism—often the first line of defense—it continues to serve as the gateway to critical systems and sensitive data. And while it might seem like a basic building block, its role in cyber resilience has never been more critical.
Recent findings from Rubrik Zero Labs reinforce this reality: 90% of IT and security leaders reported experiencing a cyberattack in the past year. And with 35% of them naming hybrid cloud data security as their top challenge, the urgency becomes clear. Add to this, it is estimated that over a third of sensitive files are classified as high risk—typically containing Personally Identifiable Information (PII)—and it’s evident that foundational security practices, like identity and access management, need renewed focus.
The password and the identity tied to it may be legacy, but in the modern enterprise, they’re far from obsolete.
Password protection remains a fundamental pillar of enterprise security—arguably more critical now than ever before. As businesses race to embrace AI’s transformational potential to boost productivity, streamline operations, and extract deeper value from data, they must also confront a parallel reality: threat actors are evolving just as quickly.
We're now seeing a concerning trend where compromised AI systems can be used as reconnaissance tools for attackers. Designed to help users search vast repositories of files, chat histories, and business intelligence, these GenAI platforms are compelling but when identities tied to these systems are compromised, that same power can be used against an organisation. Essentially, what accelerates business outcomes becomes a highly efficient breach assistant.
Compromised credentials, notably passwords, remain among the most common entry points for ransomware and other advanced attacks. Now, in an AI-driven world, the stakes are even higher. If attackers gain access to an AI system via a stolen identity, they don’t just access files—they gain context, patterns, and insights at machine speed.
In this landscape, securing identities isn’t just an IT best practice—it’s a core business need. As AI becomes embedded across an enterprise, protecting the passwords and identities that govern access to these tools must be prioritised with the same urgency as protecting sensitive data.
Employee password vulnerabilities are a major cybersecurity risk. For businesses, insider threats, often driven by compromised credentials, can expose a huge hole in a cyber resiliency defence strategy and leave an open door to criminals to exploit. Here are my views on how businesses can strengthen their defences:
- Educate and train your employees: Human error is a major vulnerability. Regularly train staff on password best practices, phishing attempts, and the importance of data security protocols.
- Password managers: Encourage or mandate the use of reputable password managers. These tools generate and securely store complex, unique passwords for different accounts, reducing the burden on employees to remember multiple combinations.
- Regularly update software and systems: Keep all software, operating systems, and security tools updated with the latest patches. Updates often address known vulnerabilities that cybercriminals can exploit.
- Implement and retain strong access controls across your ecosystem: limit access to sensitive data and systems to ensure employees have only the permissions necessary to perform their job duties.
- Implement backup and recovery planning and solutions: create an incident response plan to ensure that if an attack does happen data is safe, has been regularly backed up and is secure, so you can hit the ground running again.
By embracing a holistic approach to cyber resiliency, businesses and staff can reduce the risk of falling victim to threats, assets, and reputational damage.
Future Somebody is a boutique PR and marketing consultancy dedicated to helping founders, startups, and disruptor businesses show up with purpose and clarity. We offer strategic publicity services, media outreach, and digital storytelling that gets our clients seen, heard, and remembered — locally and globally.
Latest from
- Rubrik and Sophos to Deliver Microsoft 365 Cyber Resilience with New Partnership
- Modular by Design - How Afro Wine Week is Opening the Doors to Global Opportunity
- Rubrik Advances New Data Security for AWS Cloud Databases
- Diaspora in a Bottle - How African Wines Are Shaping Global Palates
- New Rubrik Identity Resilience Designed to Mitigate the Most Targeted Point of Cyber Attacks
- Google Cloud Recognizes Rubrik as a Partner of the Year
The Pulse Latest Articles
- Hansgrohe Reinvents The Washbasin With Avalegra (August 15, 2025)
- From Tiktok To The Karoo: New SA Initiative Reclaims Manhood Through Wilderness (August 14, 2025)
- Rode Report Expands Coverage To Include Multifamily Rental Housing (August 13, 2025)
- How Women At Steinmüller Africa Are Reshaping Industry Leadership (August 13, 2025)
- Ditch The Crash: 3 Smarter Drink Choices To Fuel Your Workday (August 13, 2025)