On Feb 1, 2022, Bloomberg ran a piece of news about a cybersecurity startup seed fundraising USD100M. This number is huge for a company without any proven record of sales.

What led to such impressive, quick success then? After all, we are not talking about booming industries such as blockchain, NFT or AI related projects. This is a company proposing to do something related to very traditional and legacy software, a software that was in fact invented at the same time as the Internet. Your browser!

Phishing attacks are a nightmare for security managers, and for good reasons. The vast majority of successful breaches (over 70% according to research) starts with a phishing attack. Compared to other attack vectors, phishing is less costly and easier to execute on a large scale. And because it relies heavily on human error to succeed, it is harder to prevent.

Human psychology is such that a significant number of users receveing this SMS is likely to click on it and mistake the phishing scam website for the real website.

Statistically, the attacker know that a percentage of users will fall for this trap. But what about technology? Can security software prevent this type of attack?

As organisations grow and mature, they tend to become increasingly aware of their cyber security needs. In commercial environments, this awareness translates into having at the very least, a firewall installed within the office premises. And today, most companies do at least have a firewall to protect them from malicious websites and cyber-attacks. This brings up the question: why do firewall often fail at preventing ransomware attacks?

At the time of writing, a new software vulnerability found on Log4j is disseminating panic among cybersecurity experts. The bug has been given a full risk score 10 out of 10 – for context: only 1.7% of software bugs reach this mark. Amit Yoran, CEO of the cybersecurity firm Tenable, called it “the single biggest, most critical vulnerability of the last decade” – and possibly the biggest in the history of modern computing.

Cybercriminals are creative agents. They are constantly finding ways to evade detection mechanisms deployed by well-funded cybersecurity research firms like FireEye, Sophos, etc. So far cyberattackers’ creativity is winning this cat and mouse game!

Each time security teams come up with new controls and security measures, cybercriminals find ways to circumvent them and gain access to critical information.

In the cybersecurity industry, there is an arms race. Cybersecurity services providers and products are increasing their efforts in detecting new attacks (called zero-day vulnerability exploitations).

At the same time, cybercriminals are finding unheard ways to exploit networks. So far, ransomware gangs are winning – now is the time to invent or re-think if the current detection-only methodology is working.

For any business organization, it is not enough to create a secure information architecture. To stay safe, companies must address the human factors that affect cybersecurity. When employees take computer security lightly, they put the organization’s systems at risk.

Protecting one’s privacy and security is far from easy while browsing the internet. After all, every single user on the internet is alone defending these assets against, on one hand, tech giants investing enourmous resources to target and track users, and on the other, increasingly professionalised cyber criminals.