Microsoft has recently highlighted the abuse of the remote support tool Quick Assist in sophisticated social engineering attacks leading to ransomware infections. This blog post summarizes the threat and recommends a mitigation strategy for Netskope customers.

The “I&O Perspectives” blog series features interviews with industry visionaries and experts with roles in product management, consulting, engineering and more. Our goal is to present different viewpoints and predictions on how organizations’ networking, infrastructure and operations (I&O) are impacted by the current threat landscape, existing networking and cybersecurity tools, as well as implications for the future of SASE.

The current situation with legacy on-premises security defenses trying to support a hybrid work environment and zero trust principles is challenging for companies. Complications can include poor user experience, complexity of disjointed solutions, high cost of operations, and increased security risks with potential data exposure. Simple allow and deny controls lack an understanding of transactional risk to adapt policy controls and provide real-time coaching to users.

Every year there’s quite a bit happening at the RSA Conference and no matter how hard you try, it can be difficult to take it all in. Between a sprawling showfloor with hundreds of vendors vying for attention, speaking sessions with experts from across the industry, private meetings with customers and prospects, plus social events in the evening, it’s understandable that you can come away with a bit of sensory overload.

As 2024 continues forward, Australia and New Zealand’s critical infrastructure sectors face significant cybersecurity challenges. Critical infrastructure (CI) sectors–encompassing energy, healthcare, transportation, water, and communication–are at a pivotal moment in their evolution. The rapid digitisation of these sectors brings not only unprecedented efficiency and connectivity but also a significantly expanded attack surface.

Those working in the UK public sector have seen significant upheaval over the last decade thanks to a combination of the long-term efforts to relocate civil servants outside London and, in recent years, the swift adoption of hybrid work practices necessitated during the pandemic. As a result, networks have expanded, the number of devices and endpoints to protect has grown considerably and potential vulnerabilities for attackers to target have increased.

SaaS applications have fundamentally transformed business operations by enabling on-demand user access to services and data via the internet from anywhere. Yet, despite countless benefits, SaaS in the enterprise is fraught with cybersecurity challenges.

As the UK cybersecurity sector prepares to meet at CyberUK next month, I have been reflecting on the conference’s theme–Securing an open and resilient digital future–and what might be the barriers to such a vision. One of the biggest challenges is doubtless the hefty legacy IT in the UK’s public sector.

Leaders and agents running enterprise help desks today are in a very tough spot. They are tasked with resolving a dramatically increased volume of tickets, yet lack the visibility and tools needed to do so. Overwhelmed and often unable to do their jobs effectively, help desk professionals inevitably fall back on guidelines and rules of thumb that are simplistic and don’t reflect the complexity of a hybrid, digital workforce. Time is then wasted trying remedies that don’t produce results.

Reading this recent Wall Street Journal article about Apple’s push to drive adoption of their Vision Pro “spatial computers” in the enterprise got me thinking: Can VR headsets really make the leap from a cool gadget to a serious business tool? The potential is exciting—imagine the possibilities for collaboration and training. But then my security-focused brain kicked in. How do we manage the risks that come with introducing these powerful devices into the workplace?