A new report published by Netskope, a global leader in Secure Access Service Edge (SASE) solutions, has revealed a concerning increase in the effectiveness of phishing attacks during 2024. According to data presented in the Cloud & Threat Report 2024, clicks on phishing links by corporate employees nearly tripled compared to the previous year, highlighting the urgent need to modernize security strategies for cloud and corporate environments.
Phishing Growth: A Persistent Challenge
Phishing remains one of the most effective tactics for cybercriminals. In 2024, more than 8 out of 1,000 employees clicked on phishing links monthly, a 190% increase compared to the 3 out of 1,000 recorded in 2023. This rise reflects the increasing sophistication of phishing campaigns, which now leverage advanced social engineering and trusted platforms to deceive users.
A notable trend is the use of popular cloud applications, such as Microsoft OneDrive, Google Drive, and GitHub, to host malicious content. The report reveals that 88% of organizations downloaded at least one malicious file per month from these platforms. Furthermore, Microsoft was the primary target, with 42% of attacks directed at Microsoft Live and Microsoft 365 credentials.
The Use of Personal Apps: An Open Door to Risk
The increase in the use of personal applications in work environments adds an additional layer of complexity to corporate security management. In 2024:
- 88% of employees used personal cloud apps monthly.
- 26% of users uploaded, posted, or sent sensitive data to these applications.
The most commonly used apps include cloud storage tools, personal email, social media, and generative AI (genAI) platforms. These behaviors have led to an increase in the leakage of regulated data (60%) and intellectual property (16%), making this issue one of the major concerns for organizations.
Generative AI: Revolution and Risk in the Workplace
The use of generative artificial intelligence (genAI) continued to grow significantly in 2024, establishing itself as an essential tool in businesses. Key findings include:
- 94% of organizations are already using generative AI applications, up from 81% in 2023.
- Employee usage tripled, rising from 2.6% to 7.8%.
- Leading companies employ an average of 9.6 genAI applications, while the most advanced utilize over 24 tools of this type.
However, many companies are still in the early stages of implementing controls to manage the risks associated with using these technologies. Only 45% use DLP (Data Loss Prevention) to control the flow of data in genAI applications, and 73% of organizations block at least one genAI application, with an average of 2.4 applications blocked each year.
Key Recommendations for a Safer Environment
To address this landscape, Netskope proposes several essential measures:
- Modernization of data security: Implement comprehensive solutions that combine training, data loss prevention, and advanced phishing protection.
- Management of personal applications: Limit access to unapproved applications, establish clear review processes, and monitor the ongoing use of cloud tools.
- Control of generative AI usage: Approve only verified applications, implement real-time training, and block unauthorized ones to mitigate risks.
Cloud Security as a Cornerstone
The report underscores the importance of adopting a dynamic and proactive cloud security strategy. “Phishing has evolved, and relying solely on employee training is no longer sufficient,” states Ray Canzanese, director of Netskope Threat Labs. “Data security must be seamlessly integrated into all operations of the organization, from phishing defense to generative artificial intelligence management.”
As organizations increasingly adopt advanced technologies such as generative AI and face an ever-changing threat landscape, investing in a robust and up-to-date security strategy is more crucial than ever. The modernization of cybersecurityCybersecurity solutions are essential in the current era… is no longer just an option, but a strategic necessity to ensure business continuity and success.
via: Social Media News