Switching your telephone network to Voice over Internet Protocol (VoIP) has noticeable advantages. Users can experience stronger connectivity, significant cost reductions, and a centralized system. But what users also experience are new cybersecurity risks. The question becomes, then, are VoIP savings worth the costs to security?

RSA 2023 is a wrap, but that doesn’t mean we are finished with the annual event. Sharing information, success stories, and lessons learned lies at the heart of RSA. And after a week of talking to attendees and pundits, giving demos, and gleaning knowledge from a slew of sessions, it’s going to take some time to sort through all the treasure from that trove of knowledge. For starters, here are a few of the more noteworthy sessions we saw at the show.

Enterprise security operations teams find it increasingly difficult to maintain a hardened posture against advanced network and cloud threats. Given the rapid adoption of cloud platforms and software-as-a-service (SaaS) tools, cloud application traffic has overtaken web traffic to dramatically expand the attack surface. As a result, overreliance on traditional security controls can lead to increased blind spots, and control misconfigurations can create significant business risks.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The California Privacy Rights Act (CPRA) was passed in November 2020. It amends the 2018 California Consumer Privacy Act (CCPA) introduced in response to rising consumer data privacy concerns.

Compromised websites (legitimate sites that have been successfully compromised to support social engineering) are serving visitors fake Google Chrome update error messages. “Google Chrome users who use the browser regularly should be wary of a new attack campaign that distributes malware by posing as a Google Chrome update error message,” Trend Micro warns. “The attack campaign has been operational since February 2023 and has a large impact area.”

Software-as-a-service (SaaS) applications have become an integral part of modern enterprise operations. According to a recent report by Gartner, the worldwide public cloud services market is projected to grow to $591.8 billion in 2023, up 20.7% from $490.3 billion in 2022, with SaaS being the largest market segment representing about 33% of the market.

Threat actors have turned cybercrime into big business — a $1.5T USD industry where a ransomware attack occurs every 11 seconds. Each year, the cybersecurity industry works diligently to launch and refine tools, technologies, and solutions. The bad news? So do cybercriminals. Their nefarious innovations continue to leave organizations reeling from cyber attacks that steal data, damage reputations, and put serious dents in annual budgets.

CrossLock is a ransomware group that emerged in April 2023, targeting a large digital certifier company in Brazil. This ransomware was written in Go, which has also been adopted by other ransomware groups, including Hive, due to the cross-platform capabilities offered by the language. CrossLock operates in the double-extortion scheme, by threatening to leak stolen data on a website hosted on the deep web if the ransom isn’t paid by the victim.

Elizabeth Harz, CEO of Veriato, gave an interview to ISMG at this year’s RSA Conference in San Francisco. In it, Elizabeth covers the challenges of maintaining data security in the remote or hybrid workforce environment and the rising cost of data breaches. She also discusses some of the tools and solutions and can help businesses better manage their cybersecurity challenges.