Every attacker is after two things: credentials and data. Organizations still have little visibility into Active Directory where most credentials are stored – and unstructured data repositories where 80% of information is housed. In addition to this limited visibility, they also lack controls to govern and secure credentials and data. This leads to tremendous risk, vulnerability and the increased likelihood of a data breach.
Attackers want to steal or encrypt your business data, and to do that they need the credentials stored in Active Directory. If you want to protect your data, you need to discover it and place protective controls around it. Active Directory can only protect your data when it's clean, well understood, and monitored."