The market for Software-as-a-Service (SaaS) applications, or apps, was valued at $186B in 2022, and expected to grow to $700B by 2030, a CAGR of 18%. As organizations adopt more SaaS apps for business-critical operations, they expose sensitive data across an ever larger and more diversified variety of egress points in the cloud. And as attackers tend to follow the data, they are targeting SaaS apps like never before.

Over the past two decades we have seen a major shift in working patterns and models at organisations around the world. Intertwined—driven by those workforce changes as well as enabling them—we have also seen a complete rearchitecting of the IT systems that underpin our corporations. Both of these change agents have driven spiralling network costs in the name of maintaining and improving the performance of the essential applications for hybrid workforces.

At RSA Conference 2023, a number of Netskopers from across the organization who attended the event in San Francisco shared commentary on the trends, topics, and takeaways from this year’s conference.

Be the first to receive the Cloud Threats Memo directly in your inbox by subscribing here. While the most common cloud apps are also the most exploited for delivering malicious content, opportunistic and state-sponsored threat actors are constantly looking for additional cloud services to leverage throughout multiple stages of the attack chain.

As we witness a growing number of cyber-attacks and data breaches, the demand for advanced cybersecurity solutions is becoming critical. Artificial intelligence (AI) has emerged as a powerful contender to help solve pressing cybersecurity problems. Let’s explore the benefits, challenges, and potential risks of AI in cybersecurity using a Q&A composed of questions I hear often.

Software-as-a-service (SaaS) applications have become an integral part of modern enterprise operations. According to a recent report by Gartner, the worldwide public cloud services market is projected to grow to $591.8 billion in 2023, up 20.7% from $490.3 billion in 2022, with SaaS being the largest market segment representing about 33% of the market.

CrossLock is a ransomware group that emerged in April 2023, targeting a large digital certifier company in Brazil. This ransomware was written in Go, which has also been adopted by other ransomware groups, including Hive, due to the cross-platform capabilities offered by the language. CrossLock operates in the double-extortion scheme, by threatening to leak stolen data on a website hosted on the deep web if the ransom isn’t paid by the victim.

Quality of Service (QoS) is a standard metric for any infrastructure, networking, or operations team contracting with a tech vendor The average network SLA, for example, is crawling with QoS metrics covering a range of things, including packet loss, jitter, latency, bandwidth allocation, response time, and uptime.

I think we can all agree that the Australian government has demonstrated its will to empower our country, its organisations and citizens to be more secure online. Australia has become a prime target for bad actors, and like my counterparts, I appreciate a government with a hands-on approach—one that recognises the criticality of cybersecurity.

Netskope Threat Labs is tracking a phishing campaign that mimics a FedEx package delivery as bait to steal credit card data. This type of social engineering attack is commonly found in phishing pages, emails, and other scams, where a false sense of urgency is created to urge the victim into doing an action that eventually leads to personal data theft.