When an attacker attempts to gain access to your network, servers, sensitive information, and other important assets, one of the preferred methods is acquiring legitimate credentials. This might be accomplished in a number of ways, but once an attacker gains initial access they can then slowly develop additional capabilities in order to locate, steal, or disrupt your most valuable information.
Privileged accounts are typically held by high level IT personnel and others with very specific needs for this type of access. As part of your continual assessment of vulnerabilities, you should understand and tightly manage all of these credentials. Increase the size of passwords, the frequency of changes, monitoring activity, and insure that anyone leaving the organization is quickly eliminated from the system. A total audit should be periodically executed by an outside firm as a cross check to your security efforts.