In today’s ever-evolving threat landscape, cybersecurity is no longer just a technical concern—it’s a business imperative. Yet, new research from Cyber Defense Group (CDG) reveals a critical disconnect between executives and security teams when it comes to confidence in their organization’s resilience. While 92% of IT security professionals express confidence in their ability to manage threats, the frequency of breaches and the projected rise in 2025 security budgets indicate underlying vulnerabilities that remain unaddressed. 

The 2025 Cybersecurity Strategy Insights Report, based on insights from 300 U.S. IT security professionals, sheds light on misalignments that undermine security strategies. As cyber threats grow in sophistication, organizations must shift from a siloed approach to a cohesive, ecosystem-driven strategy that bridges the gap between technical teams and leadership. 

The Executive Confidence Gap in Security Posture

A striking disparity in confidence exists between different leadership roles, which may be influencing cybersecurity strategies—or lack thereof. Two-thirds (68%) of CEOs surveyed reported high confidence in their organization’s security posture. This optimism likely stems from their involvement in hiring security leaders and shaping overarching strategies. However, their distance from day-to-day threat intelligence and incident response may obscure the real risks facing their organizations. 

On the other hand, CIOs and CSOs, who work closer to security operations, paint a different picture. Only 31% of CIOs reported being very confident in their security posture, while the majority expressed moderate confidence. Among CSOs, confidence levels were even lower—only 5% felt highly assured in their ability to mitigate threats. These findings suggest that those closest to security challenges have a more measured view, recognizing the gaps that still need to be addressed. 

Organizational Structures and the Need for an Agile Security Model 

Security teams are structured in various ways, with most organizations relying on a mix of in-house staff and contractors (39%) or fully in-house teams (36%). However, the report found a growing trend toward external support, with 25% of respondents investing in part-time or fractional security roles or outsourcing their cybersecurity functions entirely. Across all security team structures, respondents identified key areas for improvement: 

  • Speed and flexibility (58%) 
  • Cohesive strategy and program development (54%)      
  • Specialized expertise to counter advanced threats (52%)         
  • Enhanced executive-level oversight and visibility (42%) 
  • Addressing budget limitations without compromising security (42%) 

This data underscores the need for organizations to adopt more dynamic security models that can scale as threats evolve. 

Breaches, Budget Constraints, and Talent Shortages Exacerbate Risk 

One of the most concerning findings from the report is the sheer volume of security incidents organizations have faced. Nearly one in two respondents (49%) reported experiencing a breach in the past year, including data exfiltration, ransomware attacks, and unauthorized access. Yet, despite this alarming trend, security budgets saw only an 8% increase in 2024, according to IANS Research. 

Adding to the challenge is a severe cybersecurity talent shortage. The U.S. alone faces a deficit of over 225,200 security professionals, with approximately 470,000 open cybersecurity jobs. This shortfall creates a skills gap that leaves organizations vulnerable, especially as AI-powered threats continue to evolve at an unprecedented rate. 

The Rise of vCISOs: A Strategic Solution to Bridge Security Gaps 

Faced with rising threats and resource constraints, organizations are increasingly turning to virtual chief information security officers (vCISOs) to bridge gaps in oversight, expertise, and business alignment. CDG’s report highlights a growing recognition of the benefits of vCISOs, with 76% of security leaders planning budget increases in 2025 to address evolving risks. 

The benefits of vCISOs include: 

  • Cost-effective leadership without the overhead of a full-time CISO (28%) 
  • Flexible, on-demand expertise that scales as needed (19%) 
  • Strategic oversight and alignment with business goals (15%) 
  • Specialized knowledge for temporary or critical security needs (12%) 
  • Filling skills gaps without requiring a full-time hire (11%) 

By integrating vCISOs into their cybersecurity strategy, organizations gain access to seasoned leadership capable of balancing security priorities with broader business objectives. 

A Call to Action: Building an Ecosystem Approach to Cybersecurity 

Organizations can no longer afford to approach cybersecurity in silos. The rapid evolution of cyber threats, coupled with insights from the 2025 Cybersecurity Strategy Insights Report, underscores the need for a more integrated, strategic approach. Rather than relying on fragmented security measures, businesses must align leadership, strategy, and cybersecurity resources to build a resilient defense framework. This requires fostering collaboration between executives and security teams, adopting dynamic security models, and leveraging external expertise such as vCISOs to drive meaningful, outcomes-based protection. By shifting from reactive responses to a proactive, ecosystem-driven approach, organizations can close the confidence gap between technical teams and leadership, ensuring they are prepared to navigate the challenges of 2025 and beyond. 

The post Bridging the Confidence Gap: Why Businesses Must Align Leadership and Cybersecurity for 2025 appeared first on Cybersecurity Insiders.

Imagine this: Your back-office admin account, the keys to your iGaming kingdom, sold for a mere $10 on a dark web forum. The buyer? A cybercriminal who didn’t need to breach your network — they simply purchased your credentials from an infostealer log leaked weeks ago. This isn’t a hypothetical scenario but a growing reality in today’s digital landscape. According to the Check Point Cyber Security Report 2025, 90% of breached companies had previous corporate credentials leaked in a stealer log — a stark reminder that once login details fall into the wrong hands, attackers gain an easy foothold. For online casinos, sports betting platforms, and other digital gambling entities, the threat isn’t just about stolen player data — it’s about cybercriminals gaining control over the very systems that power your operations.

Infostealers Explained: The Silent Threat on Every Device

Infostealers are stealthy malware programs designed to exfiltrate sensitive data from infected endpoints — laptops, desktops, or mobile devices. Unlike ransomware, which often announces itself with file encryption and demands for payment, infostealers operate discreetly. They focus on:

  • Privileged Credentials: Usernames, passwords, and cryptocurrency wallet data stored on compromised devices.
  • Browser Artifacts & Session Cookies: Saved logins, authentication tokens, and cookies that can yield direct access to back-office or management dashboards.
  • Local Files & Configuration Data: Screenshots, system logs, or confidential documents that reveal network architectures and critical server details.

Once harvested, these “digital keys” are often sold on dark web marketplaces or used immediately to breach corporate networks – posing a significant threat to iGaming operators who rely on continuous uptime and uncompromised trust.

Picture 1. An automated alert from a Dark Web Monitoring Platform, revealing stolen corporate credentials attributed to an infostealer breach

Why iGaming Operators Are Prime Targets

Historically, cybersecurity efforts in the iGaming sector have centred on safeguarding player information and payment transactions. However, modern infostealer campaigns now set their sights on core back-office infrastructure. A single compromised device — be it a personal laptop used for remote admin tasks or an unsecured corporate endpoint — can lead to:

• Unauthorized Privileged Application Access

Attackers can gain direct control over administrative interfaces, manipulate odds, siphon funds, or disrupt live games. With privileged credentials, they effectively become “insiders,” potentially accessing everything from back-office casino portals to payment systems.

• Operational Downtime & Ransomware Threats

Using stolen credentials, intruders can deploy secondary malware that halts critical services — or even encrypt entire production environments — demanding a ransom to restore operations. Every minute of downtime costs operators significant revenue and can permanently scar their reputation.

• Exploiting Crypto Payment Integrations

Many iGaming operators now allow cryptocurrency deposits and withdrawals for speed and convenience. While these gateways can enhance user experience, they also create new attack vectors. Once infostealers grant criminals privileged access, bad actors can directly tap into crypto payout modules — funneling funds to external wallets in near real-time. Because blockchain transactions are decentralized and harder to trace or reverse, these illicit transfers often vanish without leaving much of a trail — making iGaming operators an enticing target for swift, untraceable profit.

• Damage to Trust

Even a brief intrusion erodes player confidence and invites regulatory scrutiny. In a highly competitive market like iGaming, trust and brand integrity are paramount for sustaining user loyalty.

Picture 2. Information extracted by the infostealer — encompassing all stored logins/passwords, session cookies, system details, and even desktop screenshots from the infected device

High-Stakes Incidents: Infostealers in Action

Because infostealers frequently harvest credentials from personal devices — well beyond an operator’s internal security controls — the direct link between a “breach” and the actual malware can remain unclear. If the operator itself wasn’t initially infected, investigators may see only a “credential-stuffing” attempt, even though logs from infostealer-infected endpoints are the real source. Below are two illustrative cases from the near past, showing how these stealthy attacks can escalate into major compromises.

Crypto Sector — Binance Infostealer Attack (May 2023)

In May 2023, Binance — one of the world’s largest cryptocurrency exchanges — detected an infostealer malware campaign aimed at its internal employee endpoints. Attackers tried to leverage stolen credentials to infiltrate corporate systems. While Binance successfully contained the threat, this incident proves that even major industry players can fall prey to stealthy credential-harvesting malware.

iGaming Sector — DraftKings Compromise via Infostealer Logs (November 2022)

In November 2022, DraftKings — an American sports betting and iGaming operator — revealed that attackers accessed around 68,000 customer accounts, leading to unauthorized withdrawals of roughly $300,000. Initially framed as “credential stuffing,” subsequent investigations (and BleepingComputer coverage) unearthed infostealer “logs” commonly sold on dark web marketplaces. The compromised credentials originated from users’ infected personal devices — highlighting how infostealers can wreak havoc even if the operator’s core systems remain unbreached.

Picture 3. SIEM event triggered by an HIBP alert about a corporate account detected in an aggregated database of leaked credentials

The SOFTSWISS Playbook: Infostealer Defense Strategies

At SOFTSWISS, we view infostealers as a stealthy, persistent threat demanding proactive defenses across the entire iGaming infrastructure. Drawing on both our hands-on experience and leading cybersecurity research, we’ve developed a comprehensive approach to intercept credential-harvesting malware before it can cause major disruptions. Below are our key recommendations for effectively battling infostealers:

1. Restrict High-Level Access

Limit entry to core casino back offices, payment gateways, and other critical corporate infrastructure strictly to essential personnel. Require connections to sensitive resources to pass through secure network controls — such as a VPN or Zero Trust framework — ensuring that only verified users and endpoints gain access. Regularly audit permissions, rotate passwords, and disable dormant accounts to shrink your attack surface.

2. Combine MFA with Endpoint & Network Checks

Multi-factor authentication (MFA) is vital but not a panacea: if a device is already compromised, attackers may intercept tokens or one-time passcodes. Complement MFA with robust endpoint security (antivirus, disk encryption, patch management) and network-level policies, such as Network Access Control (NAC). This ensures all corporate or personal devices pass compliance checks (e.g., updated malware definitions and recent security patches) before connecting to privileged resources.

3. Mandate Secure Devices for Admin Tasks

Prefer corporate-owned, security-hardened laptops and mobile devices for administrative operations. If personal endpoints must be used, enforce strict requirements: full-disk encryption, active malware protection, and routine scans. The aim is to prevent infostealers from hitching a ride through personal software or browsing habits.

4. Enable Real-Time XDR Monitoring

Deploy an Extended Detection and Response solution that correlates endpoint activity, network traffic, and user behavior. By analyzing data from multiple sources in real time, XDR can detect subtle signs of infostealer infiltration — blocking attackers from moving laterally across your environment.

5. Deploy Dark Web Monitoring

Leverage professional services — such as Flare, Cyble, or SOCRadar — to scan for leaked credentials tied to your domain. Proactive dark web checks provide near-real-time alerts when corporate logins surface on underground marketplaces.

6. Adopt SOAR for 24/7 Incident Response

Integrate a Security Orchestration, Automation, and Response (SOAR) system with your SIEM feeds to automatically isolate infected endpoints, reset compromised accounts, and alert relevant staff. Around-the-clock incident management is crucial for containing threats quickly.

7. Promote Safe Software & Device Practices

Train employees to avoid downloading untrusted apps, browser extensions, and software from unofficial sources. Emphasize the dangers of blending personal and corporate usage on a single device, given how swiftly infostealers can spread.

8. Conduct Infostealer-Focused Training

Schedule regular sessions highlighting how stealthy these campaigns can be — demonstrating real attack logs and typical infection vectors. Encourage staff to report unusual system behaviours (slow performance, unexpected pop-ups) that might indicate hidden malware.

9. Engage in Industry-Wide Collaboration

At SOFTSWISS, we actively share anonymized metrics, threat analyses, and defensive measures with our iGaming peers. By uniting against infostealers — exchanging timely intelligence and lessons learned — we strengthen the entire sector’s resilience.

By adopting these strategies, iGaming operators can substantially minimize the risk of infostealer-driven breaches. At SOFTSWISS, we focus on safeguarding our clients’ operations by continuously refining our approach — adding new layers of defense and unique solutions against stealthy credential-harvesting attempts. Through this holistic commitment, we ensure these covert attacks are thwarted before they disrupt business, allowing our partners to concentrate on delivering a world-class iGaming experience.

By continuously refining the approach with advanced threat intelligence, real-time monitoring, and comprehensive incident management, it becomes possible to detect and neutralize these covert attacks before they disrupt business, empowering partners to focus on delivering a world-class iGaming experience.

Infostealers operate in complete silence, harvesting the very credentials that power digital infrastructure. Only through proactive dark web monitoring and advanced threat intelligence is it possible to stay one step ahead of attackers — ensuring defenses evolve as rapidly as the threats.

Together, by uniting best practices, cutting-edge intelligence, and open industry collaboration, these covert attacks can be contained — before they strike the real jackpot.

The post Locked Doors, Stolen Keys: How Infostealers Are Robbing iGaming Operators appeared first on Cybersecurity Insiders.

Artificial intelligence (AI) has reached an inflection point. Once considered an experimental technology, AI is now embedded in the core strategies of organizations across industries, transforming how businesses operate, innovate and compete. As AI becomes integral to decision-making and customer experiences, the stakes for ensuring its responsible use have never been higher.

In 2025, responsible AI (RAI) will move from being a buzzword to a business necessity, serving as a key driver of competitive differentiation across industries. In sectors like healthcare, finance and e-commerce — where trust and ethics are critical — adopting RAI will no longer be optional. Companies that commit to responsible practices will not only navigate rising regulatory and consumer expectations but also position themselves to deliver both innovation and accountability.

By building AI systems that solve complex challenges while addressing ethical concerns, businesses can foster trust with customers and stakeholders. This shift goes beyond compliance, unlocking long-term value and creating a strategic advantage in markets where credibility is paramount.

Why Now: The AI Arms Race and the Industrialization of Fraud

The urgency of RAI adoption is underscored by the emergence of industrialized fraud and the escalating AI arms race. In 2025, fraudsters will operate at unprecedented scales, using AI to mass-produce deepfakes, synthetic identities and large-scale scams. These sophisticated, assembly-line operations will challenge traditional security measures, particularly in industries tasked with safeguarding sensitive user data.

As attackers leverage AI to bypass defenses, businesses will be forced to adopt equally advanced AI-driven solutions. Multimodal liveness detection, real-time behavioral analytics and adaptive biometric systems will become critical tools in combating fraud. However, deploying these technologies without a foundation of responsible AI risks undermining their credibility. Transparency, fairness and accountability will be essential to ensure that AI systems not only protect against fraud but also maintain public trust.

Responsible AI: A Strategic Imperative

The shift toward RAI represents more than just a technological or ethical milestone — it is a business strategy that will define industry leaders in the years to come. By balancing innovation with accountability, RAI enables companies to create systems that are not only cutting-edge but also transparent, fair and trustworthy. While integrating RAI into AI development processes may introduce short-term hurdles — such as addressing data constraints, improving model explainability or enhancing governance mechanisms — these challenges will ultimately drive innovation, fostering resilience and adaptability in an increasingly complex market landscape.

Trust has always been a cornerstone of long-term business success, and RAI offers a way to strengthen that foundation in the age of AI. Companies that proactively invest in responsible AI practices will build systems capable of anticipating and addressing risks, positioning themselves as leaders in industries where ethical considerations are becoming key differentiators. Customers and stakeholders are no longer just buying products or services — they are choosing organizations they can trust to act responsibly, especially when the decisions made by AI can have profound and lasting consequences.

In healthcare, for example, AI systems used for diagnostics or treatment recommendations must ensure fairness to avoid biases that could disproportionately harm vulnerable populations. By embedding RAI principles, healthcare organizations can build trust with patients while expanding access to life-saving technologies. Similarly, in finance, the adoption of explainable AI models will be essential not only for securing regulatory approval but also for maintaining consumer confidence in processes like loan approvals, credit scoring and fraud detection. These efforts will help mitigate risks, but they will also create new growth opportunities, enabling companies to stand out in crowded and highly scrutinized markets.

Over time, companies that integrate RAI deeply into their operations will develop a competitive advantage that extends beyond AI-specific applications. They will foster stronger relationships with customers, gain a reputation for ethical leadership and build a culture of trust that permeates every aspect of their business. In an increasingly interconnected world, trust is a currency that appreciates with time, and responsible AI is the key to cultivating it.

The Future of Responsible AI

As businesses face an era defined by the dual pressures of accelerating innovation and rising ethical scrutiny, the leaders of tomorrow will be those who view responsible AI not as a constraint but as an enabler. Companies that succeed in aligning their AI systems with core principles of transparency, fairness and accountability will be better equipped to navigate complex regulatory landscapes, attract ethically conscious consumers and deliver cutting-edge solutions.

The AI arms race may be driving businesses to adapt rapidly, but the winners will be those who integrate responsibility into their innovation strategies. By embracing responsible AI in 2025, companies can build systems that are not only resilient against evolving threats but also positioned to thrive in a world where trust is the ultimate competitive advantage.

The post Responsible AI: The Critical Competitive Advantage of 2025 appeared first on Cybersecurity Insiders.

There is a speeding train hurtling down the tracks: unstoppable, persistent, and accelerating faster than anyone predicted. We all have three choices: be on it, be under it, or stand by and watch it pass us by. AI and automation are reshaping the battlefield, and cybercriminals are already exploiting these tools to launch attacks at machine speed. From AI-powered phishing and deepfake fraud to autonomous malware that evolves on its own, we are witnessing a new era where traditional security defenses are rapidly becoming obsolete.

According to the World Economic Forum, while 66% of organizations acknowledge that AI will significantly impact cybersecurity, only 37% have established processes to evaluate the security of AI tools before deploying them. This massive gap highlights a critical oversight: businesses are integrating AI-driven solutions into their security stacks but are still failing to assess their vulnerabilities.

Security leaders must decide: will they adapt and harness AI to fight back, or will they be left scrambling as AI-driven cyber threats overwhelm them? This isn’t just another phase in cybersecurity; it’s an arms race: AI vs. AI. Attackers are using AI to craft undetectable phishing scams, generate deepfake fraud, and automate hacking. The question isn’t whether your organization will be targeted, but whether you’ll be ready when it happens.

So, the choice is clear: will you board the train, or will it run you over?

The Rise of AI-Driven Cyber Threats

Now, AI-powered phishing emails are grammatically perfect, highly personalized, and nearly indistinguishable from legitimate messages. Attackers leverage AI chatbots to engage victims in real-time, increasing success rates. Meanwhile, deepfake technology enables real-time impersonation of executives and public figures, allowing fraudsters to authorize transactions, manipulate stock prices, and spread misinformation with hyper-realistic voice and video forgeries.

Malware development has also evolved beyond manual coding. AI now enables cybercriminals to generate self-mutating malware that bypasses antivirus software and endpoint protection. Instead of deploying a single attack, AI tests multiple variations in real-time, ensuring at least one version evades detection.

Despite these escalating threats, many organizations remain vulnerable. Legacy security systems struggle to detect AI-generated attacks, while even well-trained employees fall victim to AI-enhanced phishing and deepfake scams. Traditional authentication methods are increasingly unreliable, highlighting the urgent need for AI-driven detection tools to counteract evolving cyber threats. Without proactive AI security measures, organizations risk being outpaced in the AI-driven cyber arms race.

The AI-Powered Security Strategy

To combat AI-driven cyber threats, security leaders must embrace AI as part of their defensive strategy. A proactive, AI-driven security framework can help organizations predict, detect, and neutralize AI-powered attacks before they cause damage.

• AI-Driven Threat Intelligence: Anticipating Attacks Before They Happen

Security teams must shift from a reactive security model to a predictive one, leveraging AI-driven threat intelligence to identify emerging threats before they strike. AI can analyze massive datasets in real time, detecting patterns and anomalies that indicate potential cyberattacks.

By integrating AI-powered analytics, security teams can anticipate and neutralize attacks proactively rather than responding after the damage is done.

• Automated Irregularity Detection: Spotting the Subtle Signs of AI-Generated Attacks

Traditional security systems struggle to detect AI-powered cyberattacks because they don’t match known threat signatures. AI-powered anomaly detection systems, however, can identify suspicious behavior in real time.

For example, AI can flag an unusual login attempt from an employee who appears to be in two different locations within minutes, indicating a potential credential compromise. By continuously learning from user behavior, AI-driven security systems can detect subtle anomalies that indicate an attack.

• Combative AI: Fighting AI With AI

To counter AI-powered threats, organizations must leverage adversarial AI—AI models designed to detect and disrupt malicious AI-generated attacks. By training AI systems to recognize AI-generated phishing attempts, deepfake fraud, and evolving malware, enterprises can stay one step ahead of cybercriminals.

Combative AI works by introducing deceptive signals that mislead malicious AI models, disrupting cybercriminal operations before they reach their targets.
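The "two different locations within minutes" check mentioned under Automated Irregularity Detection can be expressed as a simple rule before any model is involved. The following is an added example, not code from the original article; the event fields, thresholds, and sample sign-ins are constructed assumptions.

```python
import math
from datetime import datetime

# Assumed thresholds (tune per environment; not taken from the article).
MAX_SPEED_KMH = 900.0    # roughly airliner cruise speed
MIN_DISTANCE_KM = 100.0  # ignore geo-IP jitter between nearby locations

# Constructed sample sign-in events: user, ISO-8601 UTC time, geo-IP lat/lon.
EVENTS = [
    {"user": "alice", "time": "2025-03-01T09:00:00+00:00", "lat": 51.5074, "lon": -0.1278},   # London
    {"user": "bob",   "time": "2025-03-01T08:00:00+00:00", "lat": 52.5200, "lon": 13.4050},   # Berlin
    {"user": "alice", "time": "2025-03-01T09:07:00+00:00", "lat": 1.3521,  "lon": 103.8198},  # Singapore
    {"user": "bob",   "time": "2025-03-01T14:00:00+00:00", "lat": 48.1351, "lon": 11.5820},   # Munich
    {"user": "carol", "time": "2025-03-01T10:00:00+00:00", "lat": 40.7128, "lon": -74.0060},  # New York
    {"user": "carol", "time": "2025-03-01T10:00:10+00:00", "lat": 40.7178, "lon": -74.0431},  # Jersey City
]


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points, in kilometres."""
    r = 6371.0  # mean Earth radius
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


def find_impossible_travel(events, max_speed_kmh=MAX_SPEED_KMH,
                           min_distance_km=MIN_DISTANCE_KM):
    """Flag consecutive sign-ins per user whose implied speed is not physically plausible."""
    parsed = [dict(e, when=datetime.fromisoformat(e["time"])) for e in events]
    alerts = []
    last_seen = {}  # user -> previous sign-in
    for ev in sorted(parsed, key=lambda e: e["when"]):
        prev = last_seen.get(ev["user"])
        last_seen[ev["user"]] = ev
        if prev is None:
            continue
        dist = haversine_km(prev["lat"], prev["lon"], ev["lat"], ev["lon"])
        if dist < min_distance_km:
            continue  # nearby geo-IP results are noise, not travel
        hours = (ev["when"] - prev["when"]).total_seconds() / 3600.0
        # Simultaneous sign-ins from distant places imply infinite speed.
        speed = math.inf if hours == 0 else dist / hours
        if speed > max_speed_kmh:
            alerts.append({
                "user": ev["user"],
                "from_time": prev["time"],
                "to_time": ev["time"],
                "distance_km": round(dist, 1),
                "speed_kmh": round(speed, 1),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_impossible_travel(EVENTS):
        print(alert)
```

Corporate VPN egress points and mobile-carrier geo-IP errors are the usual source of false positives for this rule, so an alert is best treated as a trigger for step-up authentication or session review rather than proof of compromise.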

Employing AI for Cybersecurity Dominance

AI is both a powerful tool and a formidable threat in the cybersecurity landscape. To stay ahead, security leaders should embrace AI-driven threat intelligence, automate anomaly detection, and deploy adversarial AI techniques. The future of cybersecurity is about defending against AI and using AI to outthink and overcome attackers in the security arms race.

By leveraging AI to its fullest potential, organizations can turn the tide against AI-powered cybercrime and secure their digital assets in an increasingly automated world.

The post AI vs. AI – How Cybercriminals Are Weaponizing Generative AI, and What Security Leaders Must Do appeared first on Cybersecurity Insiders.

Fraud is becoming more sophisticated, targeting companies with increased precision, especially in two critical areas: Accounts Payable (AP) and Payment Processes. Employees in these vendor-facing roles are prime targets due to their access to funds and ability to approve or modify payments.

A couple of factors exacerbate the issue. First, these businesses continue to rely on security tools and financial controls that are not only siloed but also lack the contextual data needed to detect and prevent these sophisticated attacks, which, according to the FBI, cost organizations $1.5 million each on average.

Next, attackers have upped their tactics in a few key ways:

  • They have begun infiltrating businesses from multiple angles, including through vendor accounts, where they leverage layers far beyond the organization’s day-to-day visibility (those people they interact with regularly).
  • They are creating more sophisticated capabilities for evading security and setting off new risk thresholds, which include the greatest threat to payments today: social engineering.  

Cybersecurity’s Biggest Threat

Social engineering, which includes deepfakes, is the most prevalent form of attack. Research found that 90% of cyberattacks in 2024 involved social engineering tactics. And it’s not just about frequency. Through the power of AI, these attacks are becoming increasingly costly. In its Digital Fraud: The Case for Change report, Deloitte states that the “rapid expansion of AI and GenAI tools provides the resources for bad actors to scale their attacks, both on the financial institutions and directly to their customers.” The report says that “the proliferation of GenAI tools could enable fraud losses to reach US$40 billion in the United States by 2027, up from US$12.3 billion in 2023.”

The Lifecycle of Fraud: How Social Engineering Exploits Each Stage

When it comes to fighting back, a key element is to understand the many ways attacks are coming at your business. Here are some examples.

Deepfake Impersonations:  Fraudsters frequently leverage deepfake impersonations to craft emails, videos, and other communication that convincingly appear to be from senior executives of Financial Times Stock Exchange (FTSE) companies. The goal of these efforts is to convince the employee to transfer substantial funds. While these attacks can impersonate people on all levels, selecting more senior executives is far more effective since employees naturally trust leadership and are often inclined to bypass standard review protocols for what looks like significant matters. The FBI’s Internet Crime Complaint Center (IC3) reported $2.95 billion in losses from BEC scams in 2023.

To turn up the heat on these attacks, fraudsters often add a layer of pressure. They might claim a payment is overdue or tied to a critical deadline, such as finalizing an acquisition. In extreme cases, they may threaten disciplinary action or other penalties to push employees into bypassing established protocols. This tactic preys on the human desire to avoid conflict or negative repercussions, especially when the request comes from a high-ranking authority.

AI-Generated Phishing: Attackers leverage AI to gather and analyze vast data about their targets. This includes information from social media profiles, public records, and leaked data from breaches. As a result, cybercriminals can understand the target’s behavior, preferences, and potential vulnerabilities. From there, they can craft highly personalized and convincing phishing emails that not only mirror the person’s writing style but leverage other details, such as a recent event, making them more effective and harder to detect. And these aren’t one-off campaigns. Thousands of these messages can be sent out simultaneously, targeting an extensive audience.

Fake Invoices in Payment Initiation: The payment lifecycle begins with the initiation when a vendor submits an invoice for goods or services rendered. As mentioned earlier, larger businesses have small teams processing large piles of invoices every day. For many criminals, the initiation phase is the ideal time to launch a social engineering attack using vendor impersonation schemes. 

Here, fraudsters, posing as legitimate vendors, use fake invoices to initiate payments. Sometimes, they intercept genuine invoices, altering minor details such as bank account numbers or payment amounts, and resubmit them for processing. Thanks to small teams that are stretched thin, meticulous scrutiny is not an option, which is precisely why fraudulent invoices can slip through undetected, leading to significant financial losses.
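The altered-resubmission pattern described above (a genuine invoice resubmitted with a changed bank account or amount) can be caught by comparing each incoming invoice against the vendor master record and payment history before it reaches approval. The following is an added example, not code from the original article; the record layout, finding names, outlier factor, and all vendor and account values are constructed assumptions.

```python
from statistics import median

OUTLIER_FACTOR = 3.0  # assumption: flag amounts above 3x the vendor's median

# Constructed vendor master data (verified out of band when onboarded).
VENDOR_MASTER = {
    "V-1001": {"name": "Acme Supplies", "bank_account": "EXAMPLE-ACCT-0001"},
    "V-1002": {"name": "Northwind Hosting", "bank_account": "EXAMPLE-ACCT-0002"},
}

# Constructed history of invoices already received and paid.
HISTORY = [
    {"vendor_id": "V-1001", "invoice_no": "INV-501", "amount": 4200.00,
     "bank_account": "EXAMPLE-ACCT-0001"},
    {"vendor_id": "V-1001", "invoice_no": "INV-502", "amount": 3900.00,
     "bank_account": "EXAMPLE-ACCT-0001"},
    {"vendor_id": "V-1001", "invoice_no": "INV-503", "amount": 4500.00,
     "bank_account": "EXAMPLE-ACCT-0001"},
]


def normalize_account(value):
    """Compare account identifiers without spacing, dashes or case differences."""
    return "".join(ch for ch in value if ch.isalnum()).upper()


def review_invoice(invoice, vendor_master=VENDOR_MASTER, history=HISTORY):
    """Return a list of findings; an empty list means nothing looked irregular."""
    vendor = vendor_master.get(invoice["vendor_id"])
    if vendor is None:
        return ["unknown_vendor"]

    findings = []
    account = normalize_account(invoice["bank_account"])

    # 1. Payment details must match what was verified for this vendor.
    if account != normalize_account(vendor["bank_account"]):
        findings.append("bank_account_mismatch")

    # 2. An invoice number seen before is either a duplicate or a tampered copy.
    past = [h for h in history if h["vendor_id"] == invoice["vendor_id"]]
    for prior in past:
        if prior["invoice_no"] == invoice["invoice_no"]:
            unchanged = (prior["amount"] == invoice["amount"]
                         and normalize_account(prior["bank_account"]) == account)
            findings.append("duplicate_invoice" if unchanged
                            else "resubmitted_with_changes")
            break

    # 3. Amount far above this vendor's usual level (needs some history).
    amounts = [h["amount"] for h in past]
    if len(amounts) >= 3 and invoice["amount"] > OUTLIER_FACTOR * median(amounts):
        findings.append("amount_outlier")

    return findings


def disposition(findings):
    """Any finding holds the payment until the vendor is called on a known number."""
    return "hold_for_callback_verification" if findings else "release_to_approval"


if __name__ == "__main__":
    # Constructed incoming invoice: INV-503 again, but with a different account.
    incoming = {"vendor_id": "V-1001", "invoice_no": "INV-503",
                "amount": 4500.00, "bank_account": "EXAMPLE-ACCT-9999"}
    result = review_invoice(incoming)
    print(result, disposition(result))
```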

Account Takeovers and Payment System Manipulation: At the processing stage, fraudsters leverage stolen credentials obtained through phishing attacks or data breaches to gain unauthorized access to payment systems. Once inside, they impersonate legitimate users, modifying payment instructions or creating fraudulent transactions for work that was never done. In automated systems like Automated Clearing House (ACH) transfers, attackers may manipulate payment templates or schedules to redirect funds into their accounts. These subtle changes can often go unnoticed until the damage is done.

Strengthening Defenses: Combating Social Engineering at Every Stage

For businesses fighting back, here’s the first step: Stop viewing social engineering solely as an email security threat. These attacks extend far beyond email, infiltrating the entire payment process and targeting systems, workflows, and data across the organization. 

With this understanding, it’s time to implement a multi-layered defense strategy that addresses vulnerabilities across the payment lifecycle to protect against social engineering and other fraudulent tactics. Some key elements of this approach include:

  • Comprehensive Contextual Insight: Seamlessly integrating email, payment, and vendor behavior data so that your team can detect irregular patterns across the entire process.
  • Proactive Monitoring of High-Risk Roles: While everyone at a business can be a target, it’s vital that systems are actively monitoring and securing those roles with access to funds, such as finance, executives, and vendor-facing employees. 
  • Adaptable AI-Driven Detection: Just as fraudsters are turning to AI, so should you. Start leveraging advanced AI tools to analyze patterns, detect anomalies, and recognize synthetic threats like deepfakes or real-time voice manipulation. These tools are not static. They continuously learn from new attack methods, enabling real-time identification and prevention of emerging threats. 
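
One way to apply the cross-referencing of email, payment, and vendor data described in the list above, shown as an added example that is not code from the article or from any vendor's product. The vendor record, sample invoices, signal names, pressure word list, and 50% amount tolerance are all constructed assumptions.

```python
import re
import statistics
from dataclasses import dataclass

# Constructed vendor master data: the system of record for bank details,
# known sender domains and payment history. All values are made up.
VENDOR_MASTER = {
    "V-1001": {
        "name": "Acme Supplies",
        "account": "GB00TEST1234",
        "email_domain": "acme-supplies.example",
        "paid_amounts": [4200.0, 3900.0, 4500.0, 4100.0],
    },
}

# Pressure cues of the kind the article describes (overdue payments,
# deadlines, threats of penalties). The word list is an assumption.
PRESSURE = re.compile(
    r"\b(urgent|overdue|immediately|today|deadline|penalt(?:y|ies)|disciplinary)\b",
    re.IGNORECASE,
)

AMOUNT_TOLERANCE = 0.5  # assumed: flag amounts >50% away from the vendor median


@dataclass
class Invoice:
    vendor_id: str
    account: str   # bank account printed on the invoice
    amount: float
    sender: str    # From address of the email that delivered the invoice
    body: str      # text of that email


def _normalize_account(value):
    """Strip whitespace and case so formatting differences are not flagged."""
    return re.sub(r"\s+", "", value).upper()


def _sender_domain(address):
    return address.rsplit("@", 1)[-1].strip().lower()


def assess(invoice, master=VENDOR_MASTER):
    """Return (decision, signals) where decision is 'pay', 'review' or 'hold'."""
    vendor = master.get(invoice.vendor_id)
    if vendor is None:
        return "hold", ["unknown_vendor"]

    signals = []
    # Payment data vs. vendor data: altered bank details on a resubmitted invoice.
    if _normalize_account(invoice.account) != _normalize_account(vendor["account"]):
        signals.append("bank_account_changed")
    # Email data vs. vendor data: exact match, so lookalike domains fail too.
    if _sender_domain(invoice.sender) != vendor["email_domain"]:
        signals.append("sender_domain_mismatch")
    # Payment data vs. vendor behavior: amount far from this vendor's history.
    median = statistics.median(vendor["paid_amounts"])
    if abs(invoice.amount - median) / median > AMOUNT_TOLERANCE:
        signals.append("amount_anomaly")
    # Email content: urgency or threat wording.
    if PRESSURE.search(invoice.body):
        signals.append("pressure_language")

    # A changed account is never paid on the invoice's say-so: hold it until
    # the change is confirmed through a contact already on file.
    if "bank_account_changed" in signals or len(signals) >= 2:
        return "hold", signals
    if signals:
        return "review", signals
    return "pay", signals


# Constructed sample invoices.
GENUINE = Invoice("V-1001", "GB00 TEST 1234", 4300.0,
                  "billing@acme-supplies.example",
                  "Please find attached invoice 2231 for March services.")
ALTERED = Invoice("V-1001", "GB00TEST9876", 4300.0,
                  "billing@acme-supplles.example",
                  "Payment is overdue. Process today to avoid penalties.")
LARGE = Invoice("V-1001", "GB00TEST1234", 9800.0,
                "billing@acme-supplies.example",
                "Invoice attached for the expanded Q2 order.")

if __name__ == "__main__":
    for label, inv in (("genuine", GENUINE), ("altered", ALTERED), ("large", LARGE)):
        print(label, *assess(inv))
```

No single signal here is conclusive on its own; the altered invoice is caught because the bank detail, the sender domain, and the wording of the email are checked against the same vendor record at the same time.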

While forms of social engineering have existed for some time, the latest variety of attacks demonstrates an evolution in techniques that are unlike what came before. These methods will continue to evolve and leverage psychological manipulation to exploit weaknesses in the payment lifecycle. From fake invoices and account takeovers to executive impersonation and high-pressure tactics, these schemes are designed to capitalize on human error and trust to get their hands on your company’s money. 

But companies are not without recourse. Fighting back begins with understanding the vulnerabilities at each stage of the payments lifecycle and implementing a comprehensive defense strategy that includes key elements, such as comprehensive contextual insight, proactive monitoring of high-risk roles, and adaptable AI-driven detection. With the right approaches and innovative solutions, organizations can protect themselves from these sophisticated threats and whatever comes in the future.

Shai Gabay Bio

A visionary entrepreneur, Shai Gabay has always held a deep passion for cybersecurity and fintech, and over the course of his career, he has developed his expertise in both areas. Currently, Shai is a co-founder and the CEO of Trustmi, a leading end-to-end payment security platform founded in Israel in 2021. Prior to Trustmi, he was General Manager at Opera, VP of Product and Services at Cynet, CIO at Cyberbit and the CISO at Discount Bank.

Shai holds a Bachelor’s Degree from Shenkar College in software engineering, and also a Master’s degree in Business Administration and Management from Tel Aviv University. Additionally, Shai was selected for the prestigious 1-year full scholarship executive excellence program at the Hoffman Kofman Foundation, a program tailored to outstanding alumni of IDF’s Elite Units. Through this program, he had the opportunity to study with prominent co-founders and leaders at renowned global tech companies and professors at elite universities.

The post The Human Factor: How Eliminating Human Vulnerabilities Can Stop Social Engineering Fraud appeared first on Cybersecurity Insiders.

Exploring the Future of SASE, SSE, Zero Trust, and Hybrid Security Strategies

Overview

As organizations continue to manage increasingly sophisticated IT environments and widespread hybrid work models, the demand for secure, scalable network access remains a top priority. This 2025 Secure Network Access Report, based on insights from 411 IT leaders and cybersecurity professionals, explores the trends, challenges, and strategies that are shaping secure access today.

Key findings:

SASE Urgency Required: With 32% implementing, 31% evaluating, and 24% planning SASE adoption within the next year, momentum is building. However, with only 8% fully deployed, slow progress leaves organizations vulnerable, making it critical for distributed workforces to prioritize SASE for stronger security.

Remote Access as a Top Driver for SASE: 45% of participants identified secure remote and hybrid access for employees as their primary driver for adopting SASE solutions. This focus is vital, as 42% of respondents noted employees as the user group posing the greatest risk to business security. Traditional Virtual Private Networks (VPNs) often increase these risks, causing high latency, reduced performance, and inadequate security. SASE mitigates these issues with technologies like Software-Defined Wide Area Networks (SD-WAN), optimizing traffic flow and performance while ensuring secure, seamless access for remote and hybrid employees.

Zero Trust on the Rise: With 38% of organizations currently implementing Zero Trust and another 42% planning to do so within the next year, this security model has become a key focus for managing access in distributed environments and reducing insider threats.

Challenges in SASE Implementation: 48% of respondents pointed to integration with existing systems as the most significant barrier to adopting SASE. Policy management across different environments (44%) and user disruption during transitions (38%) were also identified as common challenges. Managed services help address these integration challenges by connecting existing infrastructure with SASE components, ensuring minimal disruption and faster time-to-value.

Leveraging MSSPs to Address Expertise Gaps: 47% of respondents cited lack of in-house expertise as the primary reason for turning to Managed Security Service Providers (MSSPs). Partnering with MSSPs can help streamline complex deployments like SASE, offering the expertise needed for seamless integration, improved network visibility, and reduced costs through a unified approach to security and performance.

This report provides in-depth analysis of these trends, alongside actionable recommendations for overcoming the challenges of SASE and Zero Trust implementation.

We extend our thanks to Hughes for supporting this critical research project. Their commitment to advancing secure access solutions has made this comprehensive analysis possible.

We hope that the insights provided in this report will guide your efforts to enhance security and protect your organization against evolving threats.

Holger Schulze

Founder, Cybersecurity Insiders

A Message from Hughes

Traditional IT approaches are a thing of the past as organizations navigate new and emerging technologies, workforce structures, and AI-driven cyber threats. In a world where the workforce is often distributed—and connected by cloud and other remote software solutions—securing a scalable network has never been more important. Cybersecurity as we know it is evolving, and we must evolve with it.

Thank you to all involved in this important research. As cybersecurity threats and technologies evolve, new partnerships and creative strategies will determine success and an organization’s ability to secure their workforce and safeguard their performance now and in the future.

Dan Rasmussen

SVP & GM, North America Enterprise Division, Hughes

Workforce Dynamics in a Hybrid World

The shift toward hybrid and remote models fundamentally impacts how cybersecurity strategies are deployed, particularly in securing network access, preventing insider threats, and managing distributed data environments.

With 63% of organizations now embracing a hybrid work model, maintaining secure access across a blend of remote and in-office environments has become increasingly critical. 19% of respondents operate fully remotely, further emphasizing the need for secure endpoint solutions and VPN alternatives.

Given the distributed nature of workforces, solutions like Security Service Edge (SSE) platforms offer layered protections, combining Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), and Cloud Access Security Brokers (CASB) to prevent data loss and ensure secure access. Managed Secure Access platforms are particularly valuable in simplifying these processes, providing centralized security management while ensuring high network performance.

Zero Trust Adoption: A Strategic Imperative

As organizations continue to face growing cyber threats, the adoption of Zero Trust security strategies has become increasingly critical for safeguarding networks, users, and data. Zero Trust, a framework that emphasizes continuous verification of identities and devices, has rapidly gained traction as a core security model for organizations aiming to reduce risk across their environments.

According to the survey, 42% of respondents are planning to implement Zero Trust within 12 months, showing that a significant number of organizations are in the early stages of their Zero Trust journey. 38% are currently implementing Zero Trust solutions, reflecting the urgency many organizations feel in transitioning to this security framework. The fact that 12% are still exploring Zero Trust concepts without concrete plans suggests that while awareness is high, some organizations are still evaluating how best to integrate these strategies into their infrastructure.

For organizations yet to adopt or fully implement Zero Trust, focusing on areas like Identity and Access Management (IAM), network micro-segmentation, and continuous monitoring can provide immediate security improvements. Leveraging integrated Zero Trust solutions through managed service providers can further streamline adoption and reduce the complexity of deployment, ensuring a smoother transition while addressing the most critical security gaps.

Securing Access to Critical Business Resources

As organizations continue to adopt cloud services and remote work, securing access to essential business resources has become one of the most pressing cybersecurity challenges. The survey asked which resources are most difficult to secure, underscoring the complexities of managing distributed infrastructures while maintaining consistent security.

The results show that 52% of respondents find remote network connectivity (e.g., VPNs) to be the most challenging to secure. This reflects the inadequacies of legacy VPNs in handling scalable and secure connections for dispersed teams as the backhauling of traffic to remote data centers introduces high latency and reduced performance, along with significant security vulnerabilities.

50% cited SaaS applications like Microsoft 365, highlighting the difficulty of enforcing data governance and access control across cloud-based services. Similarly, 49% noted the challenge of securing remote endpoints (e.g., laptops, mobile devices), emphasizing the risks associated with unmanaged devices operating outside of controlled environments.

Additionally, securing internal applications (46%) and cloud infrastructure (45%) remains complex as companies adopt hybrid cloud environments where security policies must span multiple platforms. To address these challenges, organizations should consider using flexible, scalable platforms that unify security across remote networks, SaaS, and endpoint devices. SASE platforms help eliminate the need for traditional VPNs, providing secure, direct access to cloud and on-prem applications through SD-WAN and ZTNA, without compromising performance.

Managing Secure Access: Complexity and Visibility Gaps

As organizations scale their operations and embrace a mix of cloud, on-premises, and remote infrastructures, managing secure access has become more challenging.

The most pressing issue, reported by 23% of respondents, is the complexity of managing access policies across multiple platforms. This highlights the strain organizations face when trying to maintain consistency across fragmented systems. Similarly, 16% cited rising costs related to scaling capacity and bandwidth. Lack of visibility into user activity (14%) is another critical issue, as gaps in monitoring can leave organizations vulnerable to undetected threats, especially as cloud use grows.

Additional challenges include inflexible technologies that struggle to support mixed environments (11%) and excessive user privileges (10%), both of which can expose organizations to risks. Less frequently mentioned but still relevant concerns, like latency and integration issues, signal the persistent technical difficulties organizations face with legacy systems.

To address these challenges, organizations should turn to integrated platforms like SSE, which streamline policy enforcement across various environments and provide real-time visibility into user activities. Investing in cloud-native solutions with built-in scalability and adopting Zero Trust principles can significantly reduce complexity, ensuring security controls evolve alongside business needs. Additionally, focusing on technologies that provide granular user access control can help prevent privilege misuse while maintaining flexibility in policy enforcement.

Filling Strategic Gaps with MSSPs

The inherent challenges of cybersecurity threats and the rapid evolution of attack methods have left many organizations struggling to maintain sufficient in-house defense capabilities. This challenge drives the need for strategic partnerships with MSSPs, enabling companies to fill critical skill gaps and access advanced security solutions that would otherwise be beyond their internal capacity.

The survey shows that 47% of respondents identified lack of in-house expertise as a key reason for turning to MSSPs. This highlights a common issue: many organizations, despite their investment in cybersecurity, lack the deep, specialized skills needed to manage complex security tasks at scale.

In response, 46% of participants seek external access to specialized skills or expertise, recognizing that third-party providers can offer capabilities such as advanced threat detection and response that would be costly or impractical to build internally. Enhanced incident response capabilities (44%) and proactive threat detection (43%) were frequently cited, reflecting the importance of having robust, responsive measures in place to mitigate sophisticated attacks.

For security teams, leveraging MSSPs can provide much-needed flexibility and scale, enabling a stronger defense without overwhelming internal resources. However, organizations should look for providers that integrate seamlessly with their existing security architecture, offering proactive services such as threat intelligence and automated incident response. By doing so, they can enhance their security posture while maintaining agility and focusing on strategic initiatives.

Growing SASE Adoption and Urgency

As digital transformation accelerates and IT environments evolve, the need for a unified, cloud-centric approach to secure network access has intensified.

According to the survey, 32% of respondents are currently implementing SASE solutions, reflecting the growing momentum toward adopting this architecture. An additional 31% are currently evaluating SASE solutions. Combined with those planning to implement within the next year (24%), it’s critical that these organizations prioritize SASE solutions quickly in order to maintain security.

Despite strong interest, only 8% of organizations have fully implemented SASE, highlighting the complexity and gradual nature of this transition. This slow progress leaves organizations vulnerable as threat actors accelerate their tactics, striking with unprecedented speed and sophistication.

Given the growing adoption rate, organizations should focus on integrating SASE components, prioritizing technologies like ZTNA, SWG, and Cloud Access Security Brokers (CASB) that provide immediate security benefits for cloud and remote work environments. Partnering with managed service providers that specialize in SASE deployment can further accelerate the process and help overcome integration challenges, allowing businesses to leverage the scalability, flexibility, and comprehensive security capabilities that SASE offers.

The Drivers Behind SASE Adoption

The survey reveals key factors driving the adoption of SASE solutions, which continue to gain traction as organizations modernize their security and networking infrastructures. 45% of respondents point to secure remote access for a distributed workforce as the leading driver, highlighting the ongoing need to safeguard access for remote and hybrid workers.

42% of respondents cite the need to enhance cloud security and visibility, showing that as businesses migrate to the cloud, maintaining control over data and securing access points remain significant challenges. Meanwhile, 40% express a desire to implement a Zero Trust security model and simplify their network and security architecture, indicating that organizations want to consolidate complex infrastructures and adopt continuous verification principles. Other notable factors include improving network performance (39%) and achieving cost savings through consolidation of tools (38%).

To capitalize on these drivers, organizations should focus on deploying SASE platforms that integrate Zero Trust principles with unified security across cloud and remote environments. By enhancing visibility and optimizing network performance, SASE offers a comprehensive approach that simplifies operations and strengthens security, making it essential for companies undergoing digital transformation.

Benefits Driving SASE Adoption

The survey results reveal a clear set of priorities driving organizations to adopt SASE solutions, reflecting the wide-ranging benefits that this architecture brings to both security and network management.

54% of respondents report an enhanced security posture, showing that organizations prioritize SASE’s ability to integrate security directly into the network, thereby reducing vulnerabilities. 52% value the simplified management of security and networking functions, reflecting SASE’s consolidation of tools and reduced complexity in managing hybrid infrastructures.

50% of respondents noted enhanced productivity and secure access for remote workforces as key benefits, underscoring the importance of seamless, secure access for distributed teams. Improved application performance and bandwidth optimization was highlighted by 49%, pointing to SASE’s ability to use SD-WAN for intelligent traffic routing.

Organizations can fully leverage these benefits by prioritizing SASE deployments that unify network and security functions, enhancing scalability and reducing operational overhead. This approach not only strengthens security but also supports productivity and optimizes network performance, aligning with broader digital transformation efforts.

Key Challenges in Implementing SASE

Organizations adopting SASE face a variety of challenges, especially as they attempt to integrate these solutions into their existing infrastructure. 48% of respondents identified integration with existing systems as their biggest challenge, underscoring the difficulty in aligning legacy infrastructure with modern, cloud-native architectures. 44% also reported struggles with policy management across multiple environments, reflecting the challenge of ensuring consistent security controls across on-premises, cloud, and remote work settings.

Operational and transitional issues are also significant, with 38% concerned about user disruption during transition and 37% struggling to phase out legacy security tools. These challenges are further compounded by a lack of in-house expertise (37%), as many organizations don’t have the skill sets needed to effectively manage SASE deployments at scale.

To mitigate these issues, organizations should focus on identifying specific integration points where SASE can provide immediate value, such as enhancing cloud security visibility or improving remote access management. Partnering with SASE providers that offer built-in integration, APIs, and automation features can reduce the burden of policy management and limit downtime.

SASE Components Adoption

Understanding which components of SASE organizations are prioritizing offers valuable insight into how they are modernizing their security strategies. The key component, SD-WAN, has been implemented or planned by 52% of respondents, highlighting its role in optimizing network performance for distributed environments. ZTNA follows closely at 49%, reflecting the importance of Zero Trust principles in securing remote access. 47% have adopted SWG, emphasizing the need for securing web traffic and enforcing policies.

FWaaS at 45% reflects a clear shift towards cloud-delivered security, while CASB (Cloud Access Security Broker) at 41% underscores the need for securing cloud applications more robustly.

To succeed in SASE implementation, organizations should focus on deploying high-impact components like SD-WAN and ZTNA first. Simplifying management by consolidating these services into integrated platforms will reduce complexity and improve scalability. Partnering with managed service providers that offer seamless integration can help ease the transition while ensuring ongoing optimization.

SASE Management Models

The decision of how to manage a SASE deployment often reflects an organization’s need to balance control with complexity and availability of skilled resources. 46% of respondents favor a co-managed approach with an MSP, indicating a common strategy of retaining oversight while leveraging external expertise for operational management. This model helps bridge internal capability gaps without fully relinquishing control over the infrastructure.

Meanwhile, 32% opt for fully managed SASE by an MSP, suggesting that many organizations prefer outsourcing to simplify their SASE deployment and management, especially those with limited resources. 16% manage SASE in-house, likely representing larger organizations with strong internal IT and security expertise.

Organizations should align their management model with their overall security strategy and internal resources. A co-managed approach provides flexibility, while outsourcing to MSPs ensures technical expertise and scalability, especially when internal teams are limited.

Key SASE Use Cases for Organizations

Understanding the most relevant use cases for SASE can help organizations prioritize deployment strategies based on their unique networking and security needs.

According to the survey, 52% of respondents consider secure remote and hybrid access for employees the most relevant use case, driven by the need to protect distributed workforces and access scenarios. Access and security for cloud applications ranked next at 47%, reflecting the increasing reliance on SaaS platforms and the growing importance of cloud security. Simplifying WAN infrastructure and management (45%) highlights the push to streamline network operations as organizations transition to SD-WAN.

Other key use cases include secure internet access (42%) and ZTNA (40%), both of which focus on securing user traffic and identities across network environments.

To fully leverage these use cases, organizations should deploy SASE solutions that address secure access for remote work, cloud services, and WAN management, ensuring seamless security and consistent policy enforcement across all IT environments.

SASE and SSE: Distinct Roles in Unified Security

Many cybersecurity professionals wonder how SASE and SSE differ, as both play critical roles in securing today’s complex, distributed environments.

SASE and SSE share common goals in modern cybersecurity architectures but differ in scope and focus. Both aim to unify and simplify security for distributed networks, yet while SASE encompasses networking and security functions, SSE focuses solely on the security side.

SASE

Combines security with network optimization by integrating technologies such as SD-WAN and Zero Trust Network Access (ZTNA) with Secure Web Gateway (SWG), Firewall-as-a-Service (FWaaS), and Cloud Access Security Broker (CASB) within a single, cloud-native framework. This approach enables organizations to secure remote access while ensuring optimal network performance.

SSE

As a subset of SASE, narrows the focus to security controls—specifically SWG, CASB, and ZTNA—without incorporating networking aspects like SD-WAN. SSE is ideal for organizations prioritizing security and access control, often working in tandem with existing network solutions.

In essence, SASE is suited for organizations needing a unified, end-to-end network and security approach, while SSE serves those focused on strengthening security postures in existing network frameworks. Both models help enforce Zero Trust principles and offer centralized management, enhancing scalability and control in cloud-centric, distributed environments.

SSE Adoption: A Path to Enhanced Security

Understanding the adoption of SSE offers insight into how organizations are securing cloud access and enforcing consistent security policies across increasingly distributed environments.

According to the survey, 41% of respondents are planning to implement SSE within 12 months, showing that many organizations are still in the evaluation or preparation phase. This suggests that while interest in SSE is high, full deployment remains a future priority for many. 33% are currently implementing SSE, indicating that a significant portion of organizations are actively transitioning to this model. Meanwhile, 18% have fully implemented SSE, reflecting that while adoption is underway, few have reached full maturity. Only 8% of respondents report having no plans to implement SSE, likely because they either have alternative solutions in place or are not yet ready to transition to cloud-native security.

To accelerate SSE adoption, organizations should consider focusing on specific pain points, such as improving cloud security and ensuring visibility across hybrid work environments. A targeted approach that addresses immediate needs, such as securing remote access or optimizing application performance, can deliver quick wins and drive faster overall implementation. Additionally, aligning SSE deployment with existing business initiatives, like cloud migration or Zero Trust strategies, ensures that the transition integrates smoothly with ongoing projects without overwhelming internal teams.

Key Drivers for SSE Adoption

Identifying the primary reasons organizations are adopting SSE reveals the strategic benefits driving its implementation.

The survey shows that 55% of respondents prioritize enhanced cloud security and visibility as the top driver, reflecting the need to protect cloud environments where traditional security tools fall short. 48% are motivated by implementing Zero Trust strategies, emphasizing the importance of reducing insider threats and improving access control. Simplifying remote access for distributed workforces (45%) highlights the ongoing demand for secure, efficient access solutions.

Additional drivers include simplifying security management (44%) and enhancing scalability (39%), showing the need for flexible solutions that can grow with the business. Improving network performance (37%) and meeting compliance requirements (35%) also rank high, indicating SSE’s ability to reduce latency and enforce consistent security policies.

To address these drivers, organizations should focus on deploying SSE solutions that tackle their most immediate needs first, such as real-time data protection, cloud security, and efficient remote access.

SASE: Optimizing Secure Network Access

As digital transformation accelerates and IT landscapes evolve, the need for a unified, cloud-centric approach to secure network access has intensified. SASE, or Secure Access Service Edge, combines networking and security into a single, cloud-native framework, providing a comprehensive solution that addresses the needs of remote work, cloud migration, and increasingly distributed workforces.

What SASE Offers

SASE architectures bring together essential technologies—such as SD-WAN, Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Firewall-as-a-Service (FWaaS)—into a cohesive security model designed to operate seamlessly across both cloud and on-premises environments. With strategically placed global points of presence (PoPs), SASE enables consistent and high-performance access to cloud resources and applications by minimizing latency and optimizing traffic flow.

Why SASE Matters

The traditional network security model, focused on perimeter defense, has been disrupted by the growth of hybrid workforces (implemented by 63% of organizations) and the adoption of cloud services. With SASE, remote users gain direct, secure access to applications and data without the need for inefficient traffic backhauling, allowing organizations to maintain control and enforce security policies wherever users and applications are located. Using a unified, cloud-based security infrastructure, SASE simplifies network management and reduces operational complexity by consolidating tools and eliminating redundant infrastructure.

SASE Benefits

1. Performance Optimization: SASE enhances application and network performance by routing traffic through distributed points of presence (PoPs), strategically located data centers, or nodes distributed globally. These PoPs act as on-ramps to cloud services, ensuring minimal latency and maximum efficiency, particularly for remote workers, regardless of their location.

2. Simplified Management: By converging security and networking in a single platform, SASE enables centralized policy control, visibility, and reporting across all environments.

3. Enhanced Security Posture: Integrating technologies like ZTNA, SWG, and CASB into the network enables real-time threat detection and response, ensuring that only trusted users can access sensitive resources.

4. Flexibility and Scalability: Cloud-based delivery provides elastic scalability, which adapts seamlessly to fluctuating bandwidth needs and offers resilience for expanding cloud environments.

5. Reduced Operational Burden: With a managed SASE approach, organizations can offload significant operational demands, focusing internal resources on strategic objectives rather than routine security management.

For organizations facing evolving network demands, SASE offers an adaptable, unified framework that bridges the gap between security and networking while optimizing access to cloud applications and internet services. This approach empowers security teams to enforce Zero Trust principles and simplifies the management of complex, distributed environments.

Next Steps: Best Practices for Secure Network Access

Securing network access across hybrid and cloud environments requires adopting an integrated, multifaceted technology strategy. The following best practices offer a streamlined approach to strengthen security while reducing complexity.

1. DEPLOY SASE FOR UNIFIED SECURITY

With 52% of organizations finding remote network connectivity challenging, SASE integrates key components like SD-WAN and ZTNA to secure remote and hybrid access. Focus on these core components to streamline operations while enhancing security.

2. SIMPLIFY POLICY MANAGEMENT

Managing access policies across multiple environments is a key issue for organizations. Simplify this process with platforms like SASE or SSE, which provide centralized management and real-time visibility.

3. ADOPT A ZERO TRUST SECURITY STRATEGY

Zero Trust continuously verifies users and devices, ensuring secure access. With 42% of organizations planning to implement Zero Trust soon, focus on implementing ZTNA to protect against unauthorized access.

4. ENHANCE CLOUD SECURITY

55% of respondents cited cloud security and visibility as a major driver for SSE. Tools like CASB enforce governance and protection for cloud apps, ensuring data security in distributed work environments.

5. INVEST IN SCALABILITY AND FLEXIBILITY

39% of respondents highlight the need for scalable security solutions. Cloud-based platforms such as SASE offer flexible, scalable security that adapts to growing infrastructures, improving both performance and security.

6. FOCUS ON COMPLIANCE

Meeting compliance needs is critical for 35% of organizations. Integrated platforms like SSE provide built-in compliance controls, helping align security with industry regulations and streamlining audits.

7. LEVERAGE MANAGED SECURITY SERVICES

47% of respondents rely on managed services due to in-house skill gaps. By partnering with MSSPs, organizations can benefit from SASE / SSE expertise, continuous monitoring, and expert threat detection, without overburdening internal teams.

These best practices help organizations address security challenges while supporting flexibility, scalability, and control across hybrid and cloud environments.

Conclusion

As organizations continue to adapt to the demands of increasingly distributed IT environments and heightened security challenges, the findings of this report underscore the critical importance of modern, integrated approaches such as SASE and SSE.

While interest and adoption rates are rising, the complexities of full implementation remain a hurdle. Strategic investments in scalable, cloud-native solutions, along with partnerships that bridge expertise gaps, will be essential in maintaining robust security postures.

By prioritizing flexible architectures and embracing Zero Trust principles, organizations can better position themselves to face evolving threats and ensure secure, seamless access across all environments.

Methodology and Demographics

This 2025 Secure Network Access Report is based on a comprehensive online survey of 411 cybersecurity professionals, conducted in November 2024, to gain deep insight into the latest trends, key challenges, and solutions for secure network access.

The survey utilized a methodology ensuring a diverse representation of respondents, from technical executives to IT security practitioners, across various industries and organization sizes. This approach ensures a holistic and balanced view of the network security landscape, capturing insights from different organizational perspectives.


About Hughes

Hughes Network Systems provides broadband equipment and services; managed services featuring smart, software-defined networking; and end-to-end network operation for millions of consumers, businesses, and governments worldwide.

As a Managed Security Service Provider (MSSP), we provide customers with comprehensive security coverage that protects, detects, and responds to modern threats. With an extensive networking background, Hughes Managed Cybersecurity Services provides businesses of all sizes with the convergence of network and security solutions they desire. Top brands in the restaurant, retail, franchise, grocery, c-store & retail petroleum, government, and healthcare industries rely on Hughes for managed network services. Our experience managing large networks gives us a unique advantage when it comes to cybersecurity. We know how to defend networks because we’ve been building customer networks for decades. Customers rely on our proven experience, leading innovation, and top tier customer service delivery.

There is a strong amount of synergy between our services, which include Managed SASE, Managed Detection and Response (MDR), Network Detection and Response (NDR), Ransomware & Zero-Day Prevention, and Unified Threat Management (UTM). Our customers also take advantage of our Managed Network Services, such as Wi-Fi, VoIP, Wireless 5G, Managed LEO, Digital Signage, and more.

Learn how Hughes Managed Cybersecurity can protect your business. Learn more at www.hughes.com.


Cybersecurity Insiders brings together 600,000+ IT security professionals and world-class technology vendors to facilitate smart problem-solving and collaboration in tackling today’s most critical cybersecurity challenges.

Our approach focuses on creating and curating unique content that educates and informs cybersecurity professionals about the latest cybersecurity trends, solutions, and best practices. From comprehensive research studies and unbiased product reviews to practical e-guides, engaging webinars, and educational articles – we are committed to providing resources that provide evidence-based answers to today’s complex cybersecurity challenges.

For more information, email us at info@cybersecurity-insiders.com or visit cybersecurity-insiders.com.

 

The post State of Secure Network Access 2025 appeared first on Cybersecurity Insiders.

Since they first appeared in the 1990s, quick response (QR) codes have rapidly become intertwined in our daily lives. Used today for everything from ordering food to paying for parking or undertaking virtual tours at a museum exhibition, QR codes make it convenient and easy to access digital information using a smartphone camera. However, just as with any other widespread technology, it’s no surprise that cybercriminals have now begun to exploit them.

News stories about members of the public who have been scammed when they scanned a malicious QR code in public spaces are becoming commonplace. However, this type of fraud is relatively small compared to the more targeted types of cyber fraud now being directed at UK businesses.

As cybercriminals hone and evolve their phishing tactics, they have begun sending out emails with phony QR codes designed to trick people into providing sensitive information or downloading malware. With these so-called quishing attacks on the rise, organisations will need to take steps to counter this sophisticated new attack trend.

What is ‘quishing’ and what is it being used for?

QR phishing, or quishing, works like a standard phishing attack except that the malicious link is hidden in a QR code rather than a ‘click through’ email link. When the recipient scans the QR code with their phone or a QR code reader, they are redirected to a malicious website that may request sensitive information or download malware. The QR code links used in quishing attacks can also initiate actions on a smartphone, including the composition and distribution of phishing emails to the user’s contacts. All of this further compromises the victim and the organisation they work with.

As with phishing attacks, quishing attacks use social engineering tactics to establish a degree of trust while impressing the need for urgent action. An email could feature an urgent message stating that an employee will be unable to access their data or applications unless they scan and confirm their identity. Alternatively, printed leaflets and brochures featuring offers that can be accessed with a quick scan of a QR code can be sent through to an organisation for distribution or collection from the front desk.

What’s prompting scammers and hackers to use quishing?

Cybercriminals have become adept at exploiting everyday tools to convince employees to reveal confidential information or execute fraudulent transactions, and this new attack strategy is fast gaining in popularity for a number of reasons.

Interpreted as harmless images, digital QR codes are sometimes capable of bypassing a number of basic email scanners and firewalls. Added to this, users will typically scan QR codes using their own personal devices which will lack the enterprise cyber security tools that can detect potential compromises.

Cybercriminals also don’t really need to write complex code to deliver a QR code link. In some instances, they can simply stick a fake QR code over an existing piece of physical content.

Finally, the general public is so used to using phones on a day-to-day basis that most will think nothing of using a phone to scan a QR code and then log into services without feeling the need to exercise caution. People seem to see a phone as a safety blanket when it comes to security, one which is somehow immune to traditional attack vectors.

A versatile attack method

Capable of being delivered via email, texts, WhatsApp messages, social media posts, and websites, as well as printed copy, the sheer versatility of QR codes is making them the attack vector of choice for a growing number of cybercriminals. 

In recent months, attackers have become increasingly inventive and are now perpetrating quishing attacks via video conferencing apps. They are also using attacker-in-the-middle/impersonation token attacks in a bid to outmanoeuvre multi-factor authentication techniques.

Aware that low general awareness of quishing attacks means that few employees will be on their guard, attackers are keen to leverage people’s inherent trust in QR codes to swerve cyber security defences and perpetrate their malevolent activities.

Key mitigation steps

Personnel across the enterprise need to be alerted to this new threat, and organisations need to deliver education and training on what quishing is and the importance of treating QR codes with the same degree of suspicion and caution as dubious-looking email links. They should also be informed of the risks they face outside work, whenever they scan a QR code in a public place. Using a scanning app to preview a QR code link before accessing it is an essential precautionary step that will help prevent malicious QR codes from automatically downloading malware when scanned.

Organisations should also review their email filtering, URL filtering, and endpoint protection to ensure they are up to date and capable of blocking phishing emails with suspect QR codes before they reach a recipient. Should a user open a malicious link, endpoint protection should ensure that QR codes are prevented from launching a malware attack, and virus scanners and checkers can be used to identify and remove active or dormant malware.

To mitigate the risk of physical codes sent in the post, ensure that processes are in place to support anyone responsible for opening mail to report and check any mail received containing QR codes. Digital mailrooms should also have systems in place to spot potentially malicious QR codes.
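The preview and filtering steps above can be made concrete with a small triage routine. This is an added example, not code from the article or from any vendor: it assumes the QR image has already been decoded to a text payload by a separate reader, the domains and addresses are reserved example values, and the shortener list is a short illustrative set.

```python
"""Triage of already-decoded QR payloads (constructed example)."""
import ipaddress
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Schemes that make a phone act (compose mail or SMS, dial, join Wi-Fi)
# instead of opening a page.
ACTION_SCHEMES = {"mailto", "sms", "smsto", "tel", "wifi"}
# Illustrative only; a real filter would use a maintained list.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}
RANK = {"allow": 0, "review": 1, "block": 2}


@dataclass
class Triage:
    payload: str
    verdict: str = "allow"  # allow | review | block
    findings: list = field(default_factory=list)

    def flag(self, level, reason):
        """Record a finding and keep the most severe verdict seen so far."""
        self.findings.append(reason)
        if RANK[level] > RANK[self.verdict]:
            self.verdict = level


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def triage_qr_payload(payload, sender_domain=None):
    """Classify a decoded QR payload; sender_domain is the email's From domain."""
    result = Triage(payload)
    try:
        parts = urlsplit(payload.strip())
        host = (parts.hostname or "").lower().rstrip(".")
        userinfo = parts.username
    except ValueError:
        result.flag("review", "malformed URL")
        return result

    if parts.scheme in ACTION_SCHEMES:
        result.flag("block", f"'{parts.scheme}:' payload triggers a device action")
        return result
    if parts.scheme not in ("http", "https"):
        result.flag("review", "payload is not a web URL")
        return result
    if not host:
        result.flag("review", "URL has no host")
        return result

    if parts.scheme == "http":
        result.flag("review", "plain HTTP link")
    if userinfo is not None:
        result.flag("block", "userinfo before '@' hides the real host")
    if _is_ip(host):
        result.flag("block", "host is an IP literal")
    elif any(label.startswith("xn--") for label in host.split(".")):
        result.flag("block", "punycode label in host (possible lookalike)")
    if host in SHORTENERS:
        result.flag("review", "URL shortener hides the destination")
    if sender_domain:
        sd = sender_domain.lower()
        if host != sd and not host.endswith("." + sd):
            result.flag("review", f"host {host} is unrelated to sender {sd}")
    return result


# Constructed sample payloads, as a QR reader would return them.
SAMPLES = [
    ("https://portal.example.com/reset", "example.com"),
    ("http://198.51.100.7/verify", "example.com"),
    ("https://example.com@login.example.net/", "example.com"),
    ("mailto:helpdesk@example.net?subject=Verify", "example.com"),
]

if __name__ == "__main__":
    for payload, sender in SAMPLES:
        r = triage_qr_payload(payload, sender)
        print(f"{r.verdict:6} {payload}")
        for finding in r.findings:
            print(f"       - {finding}")
```
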

As cybercriminals adapt their methods, organisations should review and adjust their defence strategies and make sure they deliver security training that ensures everyone stays vigilant. Doing so will enhance the ability of the organisation to withstand quishing attacks and prevent cybercriminals gaining direct access into the company’s systems.

The post Is quishing the new phishing? Protecting your business against the next threat vector appeared first on Cybersecurity Insiders.

Valentine’s Day is a great time for many people. However, for those who are lonely because they have lost a loved one, or are single for whatever reason, it can also be a time of depression and a reminder of their loss. Our older generations can be especially prone to feelings of loneliness and loss as they age and lose people close to them to the effects of time. The National Institute on Aging says, “Older adults are at higher risk for social isolation and loneliness due to changes in health and social connections that can come with growing older, hearing, vision, and memory loss, disability, trouble getting around, and/or the loss of family and friends”. As we age, we also tend to suffer from cognitive decline, adding another area the bad actors can exploit.

Unfortunately, cybercriminals know this and love to take advantage of these emotions, using them to lure people into scams. Romance scams are not new, but they are big business, so scammers are willing to invest time into the attacks. There was a reported loss of $1.14B to romance scams in 2023 with median losses of roughly $2,000 per victim. With potential earnings like that, it is no wonder the scams are so popular.

Romance scams typically start with an unassuming email or text message, often said to have been meant for someone else. If the victim replies, the scammers will often start to converse with the victim, giving them compliments and making them feel good about themselves. This complimentary discussion serves to build an emotional bond between the scammer and victim, which manifests in the form of trust. Once trust is established, there are a few ways the scammers proceed. In some cases, they claim to have suffered a hardship of some sort, a loss of job, illness, etc., and petition the victim for a ‘loan’ to help them out during this tough time. In other cases, the scammers may tell the victim that they are coming to see them, then claim that when they reached the country the victim resides in, they had a problem with their visa and need to borrow some funds to correct the issue. No matter what the story is, the money is never seen again.

Depending on the scam, the attacker may try to drag out the relationship as long as possible, stoking the feeling of romance and exploiting the victim as much as possible. In the beginning, the amounts borrowed might be small, and may even be repaid to further establish trust. However, the amount requested by the scammer will quickly grow as they grab as much money as they can from the victim. Eventually the victims generally realize the relationship is a scam, but often this is after they have suffered some significant losses.

Romance scams work because the victim wants to believe they have found someone they can have a friendship, and perhaps a romantic relationship, with. We all want to be loved and to love others, so the emotional tug is strong. Victims often overlook the signs of the scam that are obvious to others because they are so emotionally involved. Even when they begin to suspect a problem, they will often talk themselves out of breaking off the relationship because the scammers make them feel good about themselves and fill the hole that loneliness has left.

When the victim does finally accept that the relationship was a scam, they are often embarrassed, feel foolish, and can be horribly depressed. The scammer simply moves on to another target.

In the past, scammers would often steal another person’s identity and use their photos and bio as the basis of their scam. While this is still common, the evolution of generative AI has allowed scammers to generate entire synthetic personas, complete with photos, videos and audio capabilities, and use those to contact the victims. These personas can be extremely hard to tell from a legitimate online profile, giving the scammers a great tool to use against unwitting victims.

Spotting these scams before they get started is critical. People should be wary of any unsolicited messages they get and, rather than engage with the sender, should simply delete the message. People should also be extremely cautious with anyone asking to borrow money, to send money for plane tickets, or for anything of value. When denied, scammers will often become very aggressive and will try to leverage the emotions they have fostered to get the victim to give in.

Educating people about these scams and how they work is a very important step in avoiding them. If you have elderly friends or family, be sure to warn them about this type of scam and offer them a resource to call if they start to feel uncomfortable about anything. You could be the difference between someone you care about being a victim or staying safe.


Erich Kron is a Security Awareness Advocate at KnowBe4. He is a veteran information security professional with over 25 years’ experience in the medical, aerospace manufacturing and defense fields, author, and regular contributor to cybersecurity industry publications. He is the former security manager for the US Army’s 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, SACP and many other certifications.

 

The post Losing in Love: The $1 billion Romance Scam Industry appeared first on Cybersecurity Insiders.

 QuSecure™, Inc., a leader in post-quantum cryptography (PQC) and cryptographic agility, has secured additional funding, bringing its Series A round to $28 million. Led by Two Bear Capital with participation from Accenture Ventures, the investment will accelerate product development, expand QuSecure’s go-to-market strategy, and support the company’s growing presence in government, financial, and critical infrastructure sectors. With the quantum computing market projected to exceed $125 billion by 2030, QuSecure is at the forefront of delivering quantum-resilient cybersecurity solutions.

The rapid advancement of quantum computing is reshaping the cybersecurity landscape. While quantum technology promises breakthroughs in medicine and materials science, it also threatens traditional encryption standards, potentially rendering them obsolete. Sensitive data, from financial transactions to government communications, could be compromised by quantum computers capable of breaking conventional cryptographic algorithms within seconds.

This funding milestone follows a recent executive order mandating progress toward quantum-safe encryption across U.S. government agencies. The White House has reinforced this urgency through policies such as the National Security Memorandum “Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems.” Additionally, the Endless Frontiers Act has allocated $100 billion in federal funding over five years to support emerging technologies, including quantum computing, with a specific focus on post-quantum cryptography.

“The requirement to upgrade enterprise technologies to post-quantum cryptographic standards is one of the most significant undertakings facing enterprises this decade,” said Mike Goguen, founder and managing partner of Two Bear Capital. “QuSecure’s unique ability to facilitate this migration, without disruption to existing technology solutions, positions them as a pivotal player in this endeavor. We’re proud to partner with and support QuSecure during this critical and transformative period of growth and opportunity. This funding round will position QuSecure to transition from an R&D and product development company to a powerhouse focused on large-scale customer acquisition and the broad adoption of the QuProtect platform.”

QuSecure has also announced the appointment of Rebecca Krauthamer as CEO to lead the company’s next phase of growth. Krauthamer, a co-founder of QuSecure, previously served as the company’s first VP of Engineering and Chief Product Officer. A Stanford University graduate specializing in Artificial Intelligence, she was recognized on Forbes’ “30 Under 30” list for her contributions to quantum computing. She has also been named among the “12 Women Shaping Quantum Computing” and serves on the World Economic Forum’s Global Future Council for quantum technologies.

“The quantum threat isn’t a distant possibility – it’s a reality that organizations need to address today,” said Ms. Krauthamer, co-founder and CEO of QuSecure. “In a progressively digital world, as AI and quantum threats to encryption emerge at an ever-faster pace, it is critical that we evolve from encryption management that requires several years to upgrade algorithms to orchestrated crypto agility for the ability to push a button and upgrade an entire system at once. The ability to orchestrate cryptography at enterprise scale is critical to a robust cybersecurity strategy. The support of Two Bear Capital and Accenture demonstrates a shared vision to provide organizations with a long-term solution to upgrade and manage their encryption standards.”

QuSecure’s patented, software-based security architecture seamlessly integrates with existing IT infrastructures, ensuring organizations can transition to quantum-resistant encryption without major system overhauls. The company’s flagship product, QuProtect, provides multi-layered security to defend against both current and emerging threats. As the industry’s first cryptographic agility platform, QuProtect enables enterprises to upgrade encryption protocols efficiently while maintaining full cryptographic visibility and orchestration. The solution is already deployed across various sectors, including the United States Army and Air Force, telecommunications, energy, financial services, and global cloud service providers.

“Organizations need a reliable quantum-resilient cybersecurity solution that not only adheres to the National Institute of Standards and Technology’s (NIST) post-quantum encryption standards, but can be easily integrated across all parts of a communications network,” said Tom Patterson, emerging technology security lead at Accenture. “We’re investing in trusted providers like QuSecure to help our clients future-proof their global networks today to protect high-risk data faster.”

The post QuSecure Secures Additional Series A Funding to Advance Post-Quantum Cryptography Solutions appeared first on Cybersecurity Insiders.

The modern workplace is a hub of activity — employees balancing hybrid schedules, visitors coming and going, and critical operations running on interconnected systems. With this dynamic environment comes a growing challenge: how do businesses ensure both physical safety and cybersecurity without disrupting trust or productivity?

As workplaces evolve, so do the challenges associated with maintaining security. Hybrid and remote work models introduce new complexities, requiring businesses to protect both people and data across multiple environments. At the same time, IoT devices and AI-powered systems are transforming how organizations monitor and mitigate risks. These trends underscore the growing importance of a comprehensive security strategy — one that protects assets, ensures compliance, and builds a better experience for employees to be happier and more productive.

The Benefits of a Strong Workplace Security Program

A strong workplace security program does more than just protect assets—it fosters a safer, more efficient environment for employees, visitors, and the business itself. Here’s why prioritizing security is essential:

  • Protecting Your Most Valuable Asset—People: Employees and visitors are the core of any business. Their safety and their workplace experience should be the top priority, as a secure environment enhances workplace experiences and builds trust. This, in turn, bolsters your company’s reputation and employee satisfaction.
  • Safeguarding Data and Systems: As cyberattacks continue to rise, protecting sensitive data and systems is critical. With 52% of organizations reporting data breaches and 62% of leaders planning to increase resources for workplace protection, cybersecurity is more important than ever. A robust security program ensures business continuity by defending against data breaches, network threats, and privacy violations.
  • Controlling Access and Reducing Risk: With employees, contractors, and visitors coming and going, managing access to sensitive areas is crucial. Effective access control systems allow businesses to monitor who enters and exits and tailor permissions for different individuals. These systems not only enhance security but also reduce the risks associated with unauthorized access.
  • Ensuring Compliance and Avoiding Penalties: Security isn’t just a safety measure — it’s a compliance issue. Regulations often mandate specific security protocols, and failure to meet them can be costly. Businesses need to stay ahead of these standards to protect their reputation and avoid penalties.

Essential Tools for Workplace Security

Technology is at the heart of modern workplace security, offering innovative ways to safeguard people, assets, and data. From controlling access to managing emergencies, the right tools can enhance safety and streamline operations. Here are five foundational technologies every workplace should consider:

  • Access Control Systems: Access control systems are essential for ensuring that only authorized individuals can enter specific areas of your workplace. These tools can take various forms, such as key cards, biometric scanners, QR codes, or mobile-based access platforms. By managing permissions, businesses can protect sensitive areas like server rooms or executive offices while maintaining a seamless experience for employees and visitors. Comprehensive systems also enable organizations to monitor and adjust access across multiple locations, ensuring a consistent approach to security.
  • Visitor Management Systems: The days of paper visitor logs are long gone. Modern visitor management systems (VMS) provide a streamlined, professional way to track and control who enters and exits your workplace. These systems often include pre-registration features, ID verification, and blocklist capabilities to discreetly prevent unauthorized access. Beyond enhancing security, they help organizations comply with privacy regulations by securely handling sensitive visitor data. A robust VMS not only ensures safety but also leaves a positive impression on guests.
  • Emergency Response Systems: Emergencies require quick, coordinated communication to keep everyone safe. Mass notification systems, such as digital alerts or mobile messaging platforms, allow organizations to disseminate critical information in real time. These tools are invaluable during situations like evacuations, lockdowns, or severe weather events, enabling businesses to act decisively and minimize risks. Integrating these systems with access control and visitor management tools ensures that emergency protocols are consistent and comprehensive across employees and visitors alike.
  • Cybersecurity Measures: With workplaces increasingly reliant on digital infrastructure, robust cybersecurity tools are a critical component of any security strategy. Password protection platforms, multi-factor authentication, and encryption technologies help safeguard sensitive data and intellectual property. Encouraging employees to adopt strong password practices and investing in tools to manage shared account credentials can further bolster protection against cyber threats.
  • User Experience: The effectiveness of these tools depends on more than just security — they must offer a smooth user experience. Systems that are hard to use or frustrating can drive employees to bypass security measures or, at best, use them reluctantly. A seamless, intuitive interface encourages adoption, enhancing compliance and morale. Well-designed security tools not only protect but also contribute to a positive workplace atmosphere.

Building a Culture of Security in the Workplace

Security is more than just implementing tools — it’s about embedding a safety-first mindset into the organization’s culture. A strong security culture begins with regular risk assessments and audits to identify vulnerabilities. Leaders must prioritize the most critical measures based on the unique risks their business faces. However, security is most effective when employees feel secure and are fully engaged with the tools designed to protect them. Creating an environment where employees feel empowered to use security tools confidently and without frustration is key to sustained success.

Employee education is another cornerstone of a secure workplace. Training programs should provide employees with the knowledge to recognize and respond to both physical and digital threats. The best training can fall short if employees are uncomfortable with or resistant to using security tools. When systems are intuitive and easy to navigate, employees are more likely to engage with them proactively, reducing human error and empowering them to take ownership of their role in workplace safety.

Finally, oversight is essential. Establishing a cross-functional team to manage workplace security ensures consistent implementation and accountability. When security becomes a shared responsibility, it fosters trust, enhances collaboration, and strengthens the culture of safety across the organization.

Investing in a Safer Workplace

Workplace security is no longer a background operation — it’s a critical investment in people, trust, and long-term success. By integrating advanced tools, responding to emerging trends, and cultivating a culture of security, organizations can protect their most valuable assets: their people, data, and reputation. The right security tools not only protect but also enhance the employee experience, ensuring that systems are seamless and intuitive. This fosters greater adoption, boosts morale, and strengthens retention.

Securing the workplace is about more than compliance or technology; it’s about creating an environment where employees feel safe, empowered, and ready to thrive. When employees trust the tools they use, they’re more likely to embrace company policies, including return-to-office initiatives, leading to stronger engagement and long-term success.

 

The post Securing the Modern Workplace: Balancing Safety, Trust, and Productivity appeared first on Cybersecurity Insiders.