The insider story, whether it is a disgruntled or negligent employee, is one that is familiar to many organizations. The 2020 Securonix Insider Threat Report found that 60% of the insider threat cases they dealt with involved a “flight risk” employee, or an individual that is getting ready to leave their employment.

Co-authored by Carmine Clementelli and Jason Clark In recent times, the rise of artificial intelligence (AI) has revolutionized the way more and more corporate users interact with their daily work. Generative AI-based SaaS applications like ChatGPT have offered countless opportunities to organizations and their employees to improve business productivity, ease numerous tasks, enhance services, and assist in streamlining operations.

Security professionals were once confident that the valuable data they protected was safely tucked away inside heavily fortified data centers. But as businesses of all sizes undergo digital transformation, moving their data to the cloud and across numerous distributed locations, the demands placed on legacy data protection systems have changed drastically.

The market for Software-as-a-Service (SaaS) applications, or apps, was valued at $186B in 2022, and expected to grow to $700B by 2030, a CAGR of 18%. As organizations adopt more SaaS apps for business-critical operations, they expose sensitive data across an ever larger and more diversified variety of egress points in the cloud. And as attackers tend to follow the data, they are targeting SaaS apps like never before.

Over the past two decades we have seen a major shift in working patterns and models at organisations around the world. Intertwined—driven by those workforce changes as well as enabling them—we have also seen a complete rearchitecting of the IT systems that underpin our corporations. Both of these change agents have driven spiralling network costs in the name of maintaining and improving the performance of the essential applications for hybrid workforces.

At RSA Conference 2023, a number of Netskopers from across the organization who attended the event in San Francisco shared commentary on the trends, topics, and takeaways from this year’s conference.

Be the first to receive the Cloud Threats Memo directly in your inbox by subscribing here. While the most common cloud apps are also the most exploited for delivering malicious content, opportunistic and state-sponsored threat actors are constantly looking for additional cloud services to leverage throughout multiple stages of the attack chain.

As we witness a growing number of cyber-attacks and data breaches, the demand for advanced cybersecurity solutions is becoming critical. Artificial intelligence (AI) has emerged as a powerful contender to help solve pressing cybersecurity problems. Let’s explore the benefits, challenges, and potential risks of AI in cybersecurity using a Q&A composed of questions I hear often.

Software-as-a-service (SaaS) applications have become an integral part of modern enterprise operations. According to a recent report by Gartner, the worldwide public cloud services market is projected to grow to $591.8 billion in 2023, up 20.7% from $490.3 billion in 2022, with SaaS being the largest market segment representing about 33% of the market.

CrossLock is a ransomware group that emerged in April 2023, targeting a large digital certifier company in Brazil. This ransomware was written in Go, which has also been adopted by other ransomware groups, including Hive, due to the cross-platform capabilities offered by the language. CrossLock operates in the double-extortion scheme, by threatening to leak stolen data on a website hosted on the deep web if the ransom isn’t paid by the victim.