I am excited to share that Lookout has been named a Visionary in the 2022 Gartner Magic Quadrant for Security Service Edge (SSE). We believe our strong position in the “Completeness of Vision” axis demonstrates the alignment of the Lookout Platform with the market direction. This achievement would not have been possible without the hard work and passion of the entire Lookout family who have embraced the opportunity to support our customers on their digital transformation journey.

Part of operating an effective security program is the ability to never rest upon any previous success. When guarding against an adversary, yesterday’s success is quickly eclipsed by the dynamic shift in the attacker’s tactics. Just as a doctor “rules out” a particular diagnosis, an effective attacker first searches for well-known vulnerabilities using catalogs of offensive exploits. These are part of the attacker’s playbook.

When it comes to making business decisions about new technologies and software adoption into your organization – it’s vital to work with your security team to balance the need for speed without sacrificing security.

The NIS Regulations were enacted in May 2018 to implement the EU Directive to achieve NIS compliance.

According to the FBI Internet Crime 2020 Report, phishing scams were the most prominent attack in 2020 with 241,342 complaints reported and adjusted losses of $54 million. In particular, whaling (a highly targeted phishing attack) has been on the rise and is only expected to grow from here. A whaling attack targets high-profile executives with access to valuable information and systems. Let’s take a closer look at whaling attacks and how to stay protected.

The statistics support Microsoft CEO Satya Nadella’s claim that “every company is a software company.” The average enterprise was already deploying 464 custom applications back in 2017, and that number has likely been growing for the past five years with apps designed to meet unique business needs and support daily tasks and processes as they increasingly move online.

CVE-2022-23628 was published last week by the Open Policy Agent (OPA) project maintainers after a user reported unexpected behavior from a policy bundle that was built with optimizations enabled. The problem stemmed from a regression fix in the v0.33.1 release that addressed incorrect pretty-printing of Rego object literals by the `opa fmt` command and the underlying `format` package.

Phishing remains a problem for everyone and any tool that helps is valuable. This post was prompted by the ongoing usage of our free Phish.ly service that we see every day, as people discover the tool and derive enormous benefit from it. If you want to evaluate a suspicious email right now, you need read no further. Just forward that email immediately to scan@phish.ly to get a response quickly from the service.

It is rare nowadays to hear of a business strategy that doesn’t entail a cloud strategy. So it comes as no surprise that 85% of organizations are expected to embrace a cloud-first principle by 2025, as estimated by Gartner. But migrating all your organization’s data, applications, and business processes to a new environment can be daunting.

Businesses of all sizes would benefit from raising their awareness of the potential threats for the year ahead. Hackers are not only exploiting new vulnerabilities such as Log4Shell, but also continuing their use of tried-and-tested methods like phishing and attacking unpatched systems to compromise the security of businesses. There are also challenges in achieving compliance which will be a barrier for organisations looking to secure business and supply chain data.