As digital transformation continues to blossom and cloud adoption increases, we continue to see challenges crop up when it comes to traditional DLP solutions. Setting aside the architectural and operational complexity and high cost that comes with traditional DLP, practitioners recognize that existing tools aren’t able to keep up.
Late in January this year, the UK’s National Cyber Security Centre announced an update to its Cyber Essentials scheme in order to ensure it “continues to help UK organisations guard against the most common cyber threats”. This year’s update isn’t an overhaul on the same scale as last year’s, but it did include important new guidance about zero trust architectures.
The advent of cloud applications led to a new generation of phishing attacks (named OAuth phishing or consent phishing) where, rather than stealing the user credentials, threat actors aim to obtain an authorization token via a rogue cloud app that allows them to perform harmful activities on the victim’s cloud environment.
Following the recent AWS CloudTrail Lake announcement, this blog will guide you through how to configure a Netskope Cloud Exchange instance to send Netskope user access logs to AWS CloudTrail Lake using the Cloud Log Shipper (CLS) module and the CLS plugin developed for CloudTrail Lake. Cloud Exchange (deployed in Amazon ECS on Fargate) can be obtained from the AWS Marketplace.
No matter what industry you’re in, data privacy is an issue that impacts you. And when it comes to being safe online with sensitive data, whether that’s your personal data or sensitive data that is important to your organization, being informed is the first step. With that in mind, ahead of Data Privacy Day on January 28, we asked a handful of Netskopers from our CSO, internal security, and Netskope Threat Labs teams to provide tips around data privacy that they think everyone should know.
Cloud security, let alone SASE, doesn’t work without the underlying infrastructure that provides a consistent “baseload” to deliver the security capabilities integral to protecting users, sites, apps, and most importantly the data.
It should come as no surprise to anyone who has lived through the last three years that the way we work has changed drastically. The onset of the COVID-19 pandemic forced organizations to figure out how to better enable their employees to work from home securely and easily. The result was an acceleration of trends that were already underway. Work is now hybrid, and adaptability and flexibility continue to be key requirements for organizations working to secure a distributed hybrid workforce.
Digital twins are digital replicas of physical assets, processes, and systems, and they are used to perform simulations and analysis to optimise the real-world performance of those assets, processes, or systems. They have become increasingly popular in many industries, including manufacturing, healthcare, and transportation. However, as digital twins become more prevalent, it is important to consider the cybersecurity implications of these technologies.
ChatGPT is an artificial intelligence chatbot created by OpenAI, reaching 1 million users at the end of 2022. It is able to generate fluent responses given specific inputs. It is a variant of the GPT (Generative Pre-trained Transformer) model and, according to OpenAI, it was trained by mixing Reinforcement Learning from Human Feedback (RLHF) and InstructGPT datasets. Due to its flexibility and ability to mimic human behavior, ChatGPT has raised concerns in several areas, including cybersecurity.
Our most recent Cloud and Threat Report highlighted how threat actors abuse cloud services (with a special focus on cloud storage apps) to deliver malicious content (and yes, OneDrive leads the chart of the most exploited apps). To confirm that this trend will likely continue in 2023, researchers at Trend Micro have discovered an active campaign, launched by a threat actor named Earth Bogle.
