A professional hacker, writing in the Financial Times, has some advice for businesses: Assume I am already inside your system. The hacker described how companies place far too much of their security effort on preventing attacks, saying that there is “always a way in”. Businesses should, in fact, concentrate on how they can protect data and mitigate attacks, and that many are unprepared. The hacker stated that 99 per cent of his successful attacks begin by gaining entry via stolen passwords. Once inside, many passwords give privileged access to centralised systems and allow attacks to cascade to other systems, often resulting in ransomware waves. The best defence against such attacks is a decentralised password system, such as MyCena. Users are assigned a unique password they never have to know, avoiding stolen passwords and human error. By combining this with encryption and segmented systems, businesses will be cyber-resilient by default.