If identity is the new perimeter, it is also the new battleground. Each new breach of credential data leads to a ripple effect of identity theft and fraud across enterprises, regardless of industry. A single leaked password from an obscure forum can result in the full compromise of enterprises today. Every week brings a new dump of passwords to add to the conveniently packaged and widely distributed combolists that feed wide-scale credential-based attacks.
We need to start thinking of data breaches, particularly those of identity-related data, as a systemic problem—not something that only impacts the breached organization.
This talk will detail not only how and why breached credentials affect every organization—including a look at some of the methods and tools used by attackers—but also introduce new best-practices and an open source tool for defending against these threats.