I am often asked what has changed and what will need to change most about cybersecurity in the next few years, especially as we come out the other side of a global pandemic that upended all kinds of plans. But let’s start by level-setting: the grand strategy for security—protect data—hasn’t changed. It’s the tactics that have changed, and more importantly, must continue to change.

A new day, a new wave of S3 leaks… Cloud misconfigurations continue to be a major concern for organizations and a constant source of data leaks. A recent report by IBM has revealed that misconfigurations are behind two-thirds of cloud security incidents.

Who said that cloud services are only exploited by opportunistic cybercriminals? Researchers from Cybereason have recently discovered a new highly targeted campaign, dubbed Operation GhostShell targeting the Aerospace and Telecommunications industries mainly in the Middle East, with additional victims in the U.S., Russia, and Europe.

When the COVID-19 pandemic descended on the U.S., companies took a no-holds-barred approach to maintain their operations. Employees up and down organizational structures were told to work from home, and IT teams were tasked with making that happen. The timeline was short, and approval processes moved quickly, which meant changes to network access and security were made more quickly, and in some cases more haphazardly, than in a “normal” situation.

On Monday, October 4, 2021, Facebook suffered a prolonged outage when, during routine maintenance, all connections to their global backbone network were mistakenly taken down. More details on the cause and response to the outage are available on the Facebook blog. At Netskope, we help secure the cloud and web traffic of millions of users worldwide. In this blog post, we provide a glimpse into what the Facebook outage looked like from our perspective.

In September of 2021, a new malware family named SquirrelWaffle joined the threat landscape. It spread through infected Microsoft Office documents attached in spam emails. The infection flow starts with a ZIP file that contains the infected Office document. When the file is opened by the victim, the malicious VBA macros download SquirrelWaffle DLL, which eventually leads to deploying another threat, such as CobaltStrike or QakBot.

In 2019, when the term Secure Access Service Edge, or SASE, was first coined, it was to define a useful way of setting up the network and security infrastructure to satisfy a cloud-first future with services at the edge. Since then, SASE has been long on hype and discussion, but short on actual, practical advice. What does SASE mean for your digital transformation strategy?