When it comes to how employees get work done, personal devices are an ever-growing part of the equation. The 2023 Lookout State of Remote Work Security Report found that 92% of remote workers have performed work tasks on their personal mobile devices. While putting security controls on employer-owned devices is a no-brainer, the increasing overlap of personal with professional means that organizations need to think about how to secure employee-owned devices that are being used for work.

Not long ago, most company resources were located within a defined perimeter and users worked in the office using company-owned devices. In that world, access-centric security policies were enough to safeguard sensitive data. But most organizations have now adopted a host of cloud applications, and users work from anywhere on any device and network. To secure sensitive data in this new setup, organizations must transition from an access-centric approach to a data-centric security approach.

It's an undeniable truth that significant differences exist across many facets of life. Sports figures like LeBron James and Michael Jordan possess exceptional talent, which has propelled them to accomplish feats that defy human capability. Jeff Bezos and Elon Musk's extraordinary business achievements make them the epitome of success and a source of inspiration for many. These examples underscore a crucial point: Some things are just better than others.

Cyber crime rose by more than 20% in 2023, and a data breach could cost your company millions of dollars in damages. Today’s organizations need a comprehensive enterprise data protection strategy to ensure the integrity, availability, and confidentiality of sensitive data and prevent data breaches before they occur. In this guide, we'll cover the many facets of enterprise data protection and discuss best practices that can keep your business safe. ‍

The internet has become an indispensable part of daily work, enabling greater flexibility, productivity, and communication. However, connecting to the internet introduces new challenges, particularly in terms of security. With cyber threats evolving constantly, organizations face the daunting task of protecting their users and network from a multitude of risks, including phishing websites, malware downloads, and access to sites that violate acceptable use policies.

In February 2024, Lookout discovered an advanced phishing kit targeting the Federal Communications Commission (FCC), along with several cryptocurrency platforms. While most people think of email as the realm of phishing attacks, this threat actor — known as CryptoChameleon — used the phishing kit to build a carbon copies of single sign-on (SSO) pages, then used a combination of email, SMS, and voice phishing to target mobile device users.

At Lookout, we’re no stranger to all the app risks, phishing attempts, and vulnerabilities that make mobile devices such appealing targets. Over the years, our researchers have identified 1500 threat families and have exposed some of the most sophisticated threats ever found, including Pegaussu, Dark Caracal, and — most recently — CryptoChameleon.