Reading List

1Password: The Infinite Loop of Security from Daring Fireball RSS feed.

1Password: The Infinite Loop of Security

My thanks to 1Password — which, earlier this year, acquired frequent DF sponsor Kolide — for sponsoring last week at DF. The 2024 Verizon Data Breach Investigations Report (DBIR) found that “the human element” (accidental breaches caused by human error, or victimization in phishing attacks and the like) was the number one cause of breaches. The same was true last year, and the year before that, and the year before that.

The single biggest culprit in breaches continues to be weak and stolen credentials. The 2024 DBIR found that “use of stolen credentials” is the number one initial action during a breach, and that credentials are the number one way attackers gain access in non-error, non-misuse breaches, followed by phishing and vulnerability exploits. This needs to change, and the 2024 DBIR offers a clear look at where we’re falling short and where we go from here. To get more insights about the report and its implications for security, read the full post on 1Password’s blog.