Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The era of working from a single device, at a single desk, in a single office is over. Thanks to portable electronics and wireless internet connections, employees can work from just about anywhere. If they don’t have an authorized work machine handy, they’ll use their personal devices instead. Bring-your-own-device (BYOD) is now a common practice, which makes BYOD security more important than ever.

When it comes to how employees get work done, personal devices are an ever-growing part of the equation. The 2023 Lookout State of Remote Work Security Report found that 92% of remote workers have performed work tasks on their personal mobile devices. While putting security controls on employer-owned devices is a no-brainer, the increasing overlap of personal with professional means that organizations need to think about how to secure employee-owned devices that are being used for work.

Not long ago, most company resources were located within a defined perimeter and users worked in the office using company-owned devices. In that world, access-centric security policies were enough to safeguard sensitive data. But most organizations have now adopted a host of cloud applications, and users work from anywhere on any device and network. To secure sensitive data in this new setup, organizations must transition from an access-centric approach to a data-centric security approach.

It's an undeniable truth that significant differences exist across many facets of life. Sports figures like LeBron James and Michael Jordan possess exceptional talent, which has propelled them to accomplish feats that defy human capability. Jeff Bezos and Elon Musk's extraordinary business achievements make them the epitome of success and a source of inspiration for many. These examples underscore a crucial point: Some things are just better than others.

Cyber crime rose by more than 20% in 2023, and a data breach could cost your company millions of dollars in damages. Today’s organizations need a comprehensive enterprise data protection strategy to ensure the integrity, availability, and confidentiality of sensitive data and prevent data breaches before they occur. In this guide, we'll cover the many facets of enterprise data protection and discuss best practices that can keep your business safe. ‍

The internet has become an indispensable part of daily work, enabling greater flexibility, productivity, and communication. However, connecting to the internet introduces new challenges, particularly in terms of security. With cyber threats evolving constantly, organizations face the daunting task of protecting their users and network from a multitude of risks, including phishing websites, malware downloads, and access to sites that violate acceptable use policies.

In February 2024, Lookout discovered an advanced phishing kit targeting the Federal Communications Commission (FCC), along with several cryptocurrency platforms. While most people think of email as the realm of phishing attacks, this threat actor — known as CryptoChameleon — used the phishing kit to build a carbon copies of single sign-on (SSO) pages, then used a combination of email, SMS, and voice phishing to target mobile device users.

At Lookout, we’re no stranger to all the app risks, phishing attempts, and vulnerabilities that make mobile devices such appealing targets. Over the years, our researchers have identified 1500 threat families and have exposed some of the most sophisticated threats ever found, including Pegaussu, Dark Caracal, and — most recently — CryptoChameleon.

In cybersecurity, change is a given. Technology is constantly evolving, and attackers are always updating their tactics. If you want your organization to remain secure in this ever-changing environment, it’s not enough to keep up with the trends — you need to be one step ahead.

In today's world, data is the lifeblood of every organization. From intellectual property to employee and customer data to competitive intelligence and more — if your data is stolen, it's your reputation, money, and business on the line. But the way we store and interact with data has changed over the years. It's no longer located inside a perimeter, on networks and devices your organization has total control over.