Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ever since the adage “identities are the new perimeter” came into being, companies have started to expand their capabilities and operations beyond on-premises, office-based infrastructure. The adoption of cloud-native technologies means that organizations are looking to scale up their conventional workflows without having to invest time and resources on setting up physical data centers and other hardware infrastructure.

When KnowBe4 went public in April 2021, I got to know a select group of analysts that served as co-managers on our IPO. These professionals all know our industry very well and we spoke with them quarterly during our earnings conference call where we discussed the past 3 months and expectations for the future. One of these firms was Baird Equity Research and I am still on their mailing list, even though we went private this year as a Vista Equity Partners portfolio company.

Did you know that 60% of all cyberattacks originate from mobile devices? Today, our smartphones are almost invaluable to us. They hold everything, from our social media accounts to banking apps, personal photos and videos, and important contacts. However, hackers have also adapted to this reality.

Security risks within the IT infrastructure of global businesses are increasingly prevalent – and damaging. When swathes of data are separated in the hybrid or multi cloud, it can leave big open doorways for malware to walk right in. The message I want businesses to hear is that cloud and data are not separate. IT only exists to service the needs of a business’ data. Securing cloud services – and therefore your data – is a business-critical issue.

In this blog post, we outline why phishing continues to present such a threat and outline 10 steps you can take to better defend your organisation against it.

Credential harvesting is a technique that hackers use to gain unauthorized access to legitimate credentials using a variety of strategies, tactics, and techniques such as phishing and DNS poisoning. Phishing is the most frequent type of cyber threat and can lead to more harmful attacks such as ransomware and credential harvesting. According to recent research, phishing assaults targeted credential harvesting in 71.5% of cases in 2020.

Read also: Twitter hacker sentenced to prison, police rescued over 2,700 people forced to carry out scams, and more.

ChatGPT use is increasing exponentially in the enterprise, where users are submitting sensitive information to the chat bot, including proprietary source code, passwords and keys, intellectual property, and regulated data. In response, organizations have put controls in place to limit the use of ChatGPT. Financial services leads the pack, with nearly one in four organizations implementing controls around ChatGPT.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. The fall out from MOVEIt continues to roll on….