Obtaining a valid credential is crucial for the success of any attack – if you disrupt this step in the attacker’s process, they are most likely to fail.
It is often the easiest stage of an attack, too – because most companies are not planning for credential theft and as a result are not prepared for it.
Credential Theft Mitigation is aimed primarily at protecting credentials that might lead to compromising a privileged account – for example that of a helpdesk employee, a systems administrator or a domain admin. But a stolen valid credential for a regular employee’s computer can also lead to a very quick escalation of privilege up to Domain Admin – within 24 hours or less. That is why preventing the theft of any credential in an enterprise is of utmost importance.