By Anthony Daniel, Managing Director, Australia, New Zealand and the Pacific Islands, WatchGuard Technologies
This World Password Day, the conversation needs to move beyond password strength to the growing reality that most credentials are already exposed and circulating online.
Across Australia, where cybercrime is reported every six minutes, attackers are increasingly bypassing traditional intrusion methods altogether. Instead of breaking in, they are logging in using stolen credentials, acquired through phishing and infostealer malware, allowing them to operate without triggering conventional security alerts.
WatchGuard’s latest threat intelligence highlights how this shift is being enabled. Today, 96% of malware arrives over encrypted channels, while 23% is designed to evade traditional signature-based detection, making credential theft harder to spot and easier to scale.
For Australian organisations, this changes the role of identity entirely. A valid login can bypass legacy controls, leaving businesses exposed if they lack visibility beyond the point of access.
The focus now needs to shift from password strength to post-login detection. Multi-factor authentication remains essential, but it must be paired with continuous monitoring and behavioural analysis to identify when legitimate credentials are being misused. The question is no longer whether passwords will be compromised, but how quickly organisations can detect and respond when they are.
Techedge AI is a niche publication dedicated to keeping its audience at the forefront of the rapidly evolving AI technology landscape. With a sharp focus on emerging trends, groundbreaking innovations, and expert insights, we cover everything from C-suite interviews and industry news to in-depth articles, podcasts, press releases, and guest posts. Join us as we explore the AI technologies shaping tomorrow’s world.
