Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2022

Lookout and HPE Aruba Announce Integrated SASE Architecture

To streamline networking management and modernize IT operations organizations are deploying software-defined wide area network (SD-WAN) systems. But as networking becomes cloud-delivered, security often lags behind. With data and applications moving to the cloud, you need an efficient way to secure the activities that are going on between branch locations and the cloud.

From Access-centric Security to Data-centric Security

In the early days of internet security, an access-centric security model made sense. Access lists on routers were complemented by firewalls and, later, intrusion detection systems. Given the processing capacity available at the time, this was absolutely adequate and appropriate for protecting a website, even with e-commerce. But that was the 1990s, and the internet has become so much more than websites with some shopping capabilities. Now, it’s the backbone of our society.

Why Do I Need a Next-gen Secure Web Gateway?

The internet is now your default corporate network. This has some major perks — it means that your employees can access whatever they need from wherever they need it. But using the internet like this has also made your organization's security posture more complex. People are using networks and devices your IT doesn't manage, and they are accessing data that is scattered across countless apps.

Beyond BEC: How Modern Phishing Has Evolved Past Email

Business email compromise (BEC) is big business for malicious actors. According to the 2021 FBI Internet Crime Report, BEC was responsible for nearly $2.4 billion in cyber crime losses in 2021. At its root, it’s a type of phishing attack. And with the rise of smartphones and tablets, attackers are expanding well beyond email. They now leverage other platforms such as SMS messages, messaging apps like Signal and WhatsApp, and social media apps to target and compromise their targets.

Five Steps Towards Building a Better Data Security Strategy

In the past when organizations had a new security need, they would meet that need by purchasing a new security product. But that approach is how we ended up with an average of 76 security tools per enterprise, according to a 2021 survey from Panaseer. You may have a lot of tools, but that doesn’t mean your information is protected.

Why You Need a Data-driven Approach to Vulnerability Management

With most of us working from anywhere, smartphones and tablets have become a big part of how we stay productive. At the same time, the average cost of data breaches continues to rise, averaging $4.35 million in 2022. While there are numerous threat vectors organizations have to juggle, this got me thinking about how applications and device vulnerabilities are currently managed.

The Middle East's Getting a Little Cloudy: My Thoughts from Gitex 2022

Having lived and worked in Dubai early in my career, I have a great affinity with the Middle East. So when the opportunity to present at Gitex, the region’s premier technology event, and support our local Lookout team, I jumped at it. You might not think of the Middle East as being at the forefront of technological innovation, but if you stroll around Gitex, you’ll find everything from flying cars, robotics, and environment controls to IT and security.

Five Password Management Best Practices to Keep You Safe

Love them or hate them, passwords are often the only thing standing between attackers and your sensitive personal and financial information. Despite their importance, less than 50% of people feel very confident that their passwords are secure from compromise, according to a 2021 Security.org survey of password habits. There’s probably a good reason many are worried about their passwords.

Four Questions to Ask About Your Cloud Security Posture

For most organizations, the decision to adopt cloud technologies is a simple one. Cloud apps streamline operations and costs while enabling users to access resources from anywhere and on any device. But migrating to the cloud has also introduced some complexity, which comes with new risks. Instead of everything residing neatly within your corporate perimeter, your data now resides within countless apps and are being handled by users and endpoints that operate outside of your sphere of influence.

Social Engineering and VPN Access: The Making of a Modern Breach

In what seems to be a constant drip of headlines about large enterprises experiencing security incidents, the world most recently learned of a successful data infiltration of rideshare and delivery company Uber. In a blog update, Uber attributed the attack to the infamous Lapsus$ group that has made a name for itself over the past year with successful breaches of household names including Microsoft, Rockstar Games, Samsung, Nvidia, Ubisoft, and Okta.

Flexible, Edge-directed Meshes: Why SASE is the Future of Cybersecurity

The tectonic plates of network security are in motion. A wrenching transference from on-premises to cloud-centric data security systems is gaining steam. Security teams are engaged in pushing cybersecurity out to the far edges of a highly interconnected, widely dispersed digital environment; and at the same time, they must find smarter ways to dramatically improve cyber hygiene.

How to Protect Your Personal Data: Three Privacy Tips To Stay Ahead

Technology has advanced our world in countless ways. Every day we bank, shop, conduct business, and exchange photos and messages with family and friends online. While digital devices and services offer great convenience, they also pose risks to our data and privacy as our offline and online lives converge. In 2021, data breaches reached an all-time high of 1,862, according to the Identity Theft Resource Center (ITRC), a 68% increase over 2020.