There’s one quote from the 2024 RSA conference that I can’t stop thinking about, even though it was originally uttered by Kobe Bryant. Here’s the quote.

Despite growing security investments in prevention, detection and response to threats, users are still making uninformed mistakes and causing breaches. One of the basic tenets of KnowBe4 is that your users provide the organization with an opportunity to have a material (and hopefully positive) impact on a cyber attack. They are the ones clicking malicious links, opening unknown attachments, providing company credentials on impersonated websites and falling for social engineering scams of all kinds.

RSA 2024 explored AI's impact on security, featuring sessions on AI governance, LLMs, cloud security, and CISO roles. Here are just a few of the expert insights shared.

In today’s modern business environment, nearly every organization partners with at least one third-party vendor or external service provider. Third-party service providers (web-hosting platforms, software-as-a-service companies, and other businesses that provide technology or services as part of a contract) allow organizations to focus on their primary business processes while reducing operational costs.

Regardless of whether your environment is on-premises, in the cloud or hybrid, new data makes it clear that users are the top cybersecurity concern, and we cover what you can do about it. According to Netwrix’s 2024 Hybrid Security Trends Report, 79% of organizations experience one or more security incidents in the last 12 months. This is a 16% increase from the previous year, demonstrating that attacks are not subsiding one bit and that they are increasingly successful.

How protecting your organization from costly social engineering cyberattacks starts with effective prevention.

Manipulating email headers to mimic the sender’s address and make people think they’re communicating with someone they know. This is a brief definition of email spoofing, an infamous fraudulent technique that can cause harm to recipients and those whose electronic addresses have been compromised. Spoofing may happen to individuals and companies alike.

The simultaneous proliferation of outsourcing and increased interconnectedness of modern businesses has caused the third-party risk management (TPRM) landscape to evolve significantly over the last few years. Establishing a robust TPRM program is no longer just about managing risk across your organization’s third-party ecosystem or gaining an edge over your competitors.

The security solutions landscape is evolving at a breakneck pace, with significant acquisitions reshaping the market. Notably, Palo Alto Networks has acquired IBM's QRadar product line, and Exabeam and LogRhythm have announced their merger. These moves echo Cisco's previous acquisition of Splunk, highlighting a trend where major players like AWS, Microsoft, Cisco, Palo Alto Networks, and CrowdStrike are consolidating their positions in the SIEM and security analytics space.

Virtual Private Networks (VPNs) are used by businesses to secure remote access to systems and encrypt employees’ internet traffic. However, while VPNs add some level of protection for distributed workforces, they aren’t enough to keep your business and employees safe from common cyber threats since they make internal tracking of users complex, lack adequate protection and don’t scale in a remote work environment.