The 2016 data breach report by Verizon confirmed that 63% of data breaches were as a result of default, weak or stolen passwords. Moreover, the report noted that CEOs tend to be high-value targets because they often have access to sensitive accounts.
Elsewhere, the CEO of SOTI Inc.—an IoT Solutions and Business Mobility company—noted that having a strong deterrent approach to security is critical if one is to deal with risks proactively instead of defensively.
He said that SOTI’s deterrent approach involves enforcing complex passwords complete with a three-month expiry. Essentially, most experts agree strong passwords are crucial. Here are four reasons why CEOs and entrepreneurs must also take strong passwords seriously.
1. Strong passwords are the last line of defense in protecting your company’s digital footprint
While firewalls and antiviruses are important digital security practices; strong passwords still occupy the number one position as the last line of defense.
If by chance a hacker manages to get through your firewall, through your antivirus and any other security measure, a unique and complex password guarantees that they will still not get access to your account.
Note that as a CEO or entrepreneur, you cannot just worry about your accounts, you also have to worry about your employees’ accounts—both personal and business. The three questions any CEO should ask himself or herself are:
- Is anyone in the company reusing passwords on their most important accounts?
- Do your password and the passwords of your employees comprise of at least 14 characters?
- Does your company incorporate multi-factor authentication as much as possible?
For a completely secure digital life for your company, then the answers to these questions should be: No, Yes and Yes.
2. CEOs are often the main targets
A certain study aimed at investigating CEO Email exposure discovered that 3 out of every 10 CEOs had had their passwords “pwned.” Pwned passwords are real passwords previously exposed in data breaches.
Cybercriminals and malicious parties would match that password to other accounts helps by the CEO. If the CEO has reused the password at some point, then the cybercriminal gains access.
Such a scenario underscores how critical it is for any CEO or entrepreneur to have a unique password for all his/her accounts. Considering how hard it is to come up with unique passwords for the over 100 accounts a CEO might have access to, it is vital to use a password generator with a crack time estimation. An accurate crack time estimate tells you how strong your password is based on the time needed to crack it with brute force. For example, this password “P7S~Q>SK5S9q706>C” would take 317, 098 years to crack.
Note that if you use a password generator, you must also use a password manager because it is impossible to remember such complex passwords.
3. Strong passwords save the company a lot of money
If for nothing else, then as a CEO or entrepreneur you should enforce strong passwords to protect your company’s profit margin. Data breaches are ridiculously expensive. Consider a 2018 study sponsored by IBM and conducted by Ponemon Institute. The study concludes that the average cost of a data breach is $3.86 million.
Some of the factors the study identified that causes such a huge loss include, lost clients or business, the time it takes employees to recover and the negative impact on reputation.
Another good example to take into account is the well-known Sony hack in 2014. Once the dust settled, Sony reported that the hack would cost the company $35 million in IT repairs. Note that this figure does not even take into account loss due to lost business.
Moreover, bear in mind that investigations into the Sony attack showed that a combination of weak passwords and the lack of server hardening made it possible for the hackers to access one server which in turn allowed them to access to a larger portion of the network.
That said, it becomes obvious that strong passwords are a crucial component in keeping your company or business alive. More so, if you are an SME and cannot afford to spend that much in recovering from a data breach.
4. Seriousness by CEOs about passwords sets the tone for the whole company
As a CEO or entrepreneur, it is up to you to set the rules or ethos of the company so that everyone else can follow. Countless studies have shown that it is normal for employees to ignore password best practices.
However, if as the CEO you are at the forefront insisting on strong passwords, then your employees will follow suit, and in turn, that will protect the company or business.
Everyone should take strong passwords seriously. However, CEOs and entrepreneurs, in particular, should go an extra step because they are in charge of protecting not only themselves but also the brand.