70% of leaked secrets remain active two years later

Long-lived plaintext credentials have been involved in most breaches over the last several years, according to GitGuardian. When valid credentials, such as API keys, passwords, and authentication tokens, leak, attackers at any skill level can gain init…

Most organizations change policies to reduce CISO liability risk

93% of organizations made policy changes over the preceding 12 months to address concerns about increased personal liability for CISOs, according to Fastly. This includes two in five organizations (41%) increasing CISO participation in strategic decisi…

Goodbye passwords? Enterprises ramping up passkey adoption

87% of companies have, or are in the midst of, rolling out passkeys with goals tied to improved user experience, enhanced security, and compliance, according to the FIDO Alliance. Key findings: Enterprises understand the value of passkeys for workforce …

89% of enterprise AI usage is invisible to the organization

Organizations have zero visibility into 89% of AI usage, despite security policies, according to a LayerX report. 71% of connections to GenAI tools are done using personal non-corporate accounts. Among logins using corporate accounts, 58% of connections…

Online crime-as-a-service skyrockets with 24,000 users selling attack tools

The growth of AI-based technology has introduced new challenges, making remote identity verification systems more vulnerable to attacks, according to iProov. Innovative and easily accessible tools have allowed threat actors to become more sophisticated…

Inconsistent security strategies fuel third-party threats

47% of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third party accessing their network, according to Imprivata and the Ponemon Institute. Third-party security incidents persist. Notably, 64% of res…

Over 3 million Fortune 500 employee accounts compromised since 2022

More than three million employee-linked corporate accounts were compromised between 2022 and 2024 across Fortune 500 companies, according to Enzoic. This surge is fueled by the widespread use of corporate email addresses for personal accounts and the g…