The 2010 Verizon Data Breach Investigations Report [PDF file] states that stolen credentials are the most common way that attackers use to breach enterprise security.

"But the credentials were rarely stolen using sophisticated methods," writes SearchSecurity.com's Robert Westervelt.

"Instead, malicious insiders were involved in 48% of cases -- a 26% increase vs. last year -- and in some cases, freely revealed their administrative passwords, enabling attackers easy access to sensitive data, said Bryan Sartin, director of the Verizon Business Investigative Response team," Westervelt writes.

Click here to read the SearchSecurity.com article.