What we’re talking about
85% of IT professionals fall for this common SaaS data myth
💡 Quick quiz: True or False, SaaS applications include backup & recovery capabilities by default.
If you answered False, you’re among just 15% of pros who fully understand the Shared Responsibility Model. Remember, you and your SaaS provider share the responsibility of security in the cloud, and the security of your SaaS data = your responsibility.
Read on for a bonus question, answered correctly by just 17% of IT professionals.
AI overlords aren’t coming for your password - yet
PassGAN, the latest headline threat, uses methods that are surprisingly similar to old-school brute-force attacks. PassGAN actually came out in 2017, and Ars Technica reports that “anything PassGAN can do, these more tried and true tools do as well or better.”
Now, this doesn’t mean that “P@$$w0rd” is a secure password, or that you can throw away that YubiKey. Passkeys (even for Googlers) are still the gold standard. If that’s too costly, MFA and a good password manager (but perhaps not LastPass) will help keep your secrets away from the prying robot eyes of AI (and regular hackers, too).
Ubiquiti learns the real cost of poor internal security protocols
Ex-Cloud Lead Nickolas Sharp used internal credentials to download Ubiquiti customer data. When the breach was discovered, Sharp was even asked to join the team investigating the attack. While Ubiquiti didn’t pay Sharp’s ransom of $2 million, they did reportedly spend “well over $1.5 million dollars and hundreds of hours of employee and consultant time.” A solid trust-but-verify program might have been cheaper.