Endpoint devices represent the primary entry point for attackers to compromise company networks. In fact, up to 90 percent of all successful cyberattacks originate at an endpoint device. About 68 percent of organizations have experienced at least one endpoint attack that compromised their data or IT infrastructure.
Organizations aren’t spending enough on cybersecurity. As we explained in our previous post, many business leaders have misconceptions about the risks to their organizations and the level of security needed to protect against the latest attacks. They may view security as a “nice to have,” whereas new technologies such as AI are seen as strategic investments that will drive the business forward.
Cybersecurity budgets increased by about 4 percent in 2025 — half the 8 percent budget growth in 2024. Cyber threats continue to escalate, but organizations aren’t dedicating enough of their IT budgets to addressing that risk.
Meanwhile, AI is taking more and more of the IT budget pie.
It’s troubling to think about physical security risks in the workplace. However, a recent study found that workplace crime is rising due to increased aggression, growing numbers of weapons, and economic and social factors. A separate study found that the high cost of living is driving more workplace theft.
AI has caused numerous unexpected issues, ranging from bias and discrimination in critical decision-making systems to misinformation and security threats. These problems often stem from the technology’s complexity and reliance on human-biased data.
However, one challenge is all too predictable: shadow AI. Employees are using an array of AI tools that aren’t sanctioned, monitored or managed by the IT department.
Is your organization taking full advantage of Microsoft 365’s security features?
A recent benchmark study of more than 1.6 million M365 users found shocking security gaps. Even fundamental security measures are not fully implemented in many organizations.
K-12 schools and libraries have a new weapon in the war against cyberattacks — funding through a Federal Communications Commission (FCC) pilot program.
On June 6, 2024, the FCC approved the Schools and Libraries Cybersecurity Pilot Program, earmarking $200 million for security solutions and services over the three-year pilot.
As of June 15, 2024, smaller reporting companies must comply with new Securities and Exchange Commission (SEC) breach disclosure rules. Under the rules, publicly traded companies must report a security incident within four days after determining it is “material.
Organizations expand geographically for many reasons, whether to tap into new markets, better serve existing customers, gain needed skill sets, or take advantage of lower real estate or labor costs. An organization’s geographic footprint can expand quickly due to mergers and acquisitions, and more and more employees are working remotely in home-based offices that become an extension of the business.
Evasive malware is exactly what the name suggests — malware that can continually change its characteristics to avoid detection. And the latest research from WatchGuard’s Threat Lab finds that it’s increasing dramatically.
To compile its Internet Security Report for Q4 2023, WatchGuard analyzed threat telemetry from tens of thousands of its network appliances and millions of endpoint products.
