Normal view

Built to Last: What Stonehenge Teaches us About IT Architecture & Cyber Resilience

23 June 2026 at 17:55

Anyone who has seen the impressive frame of Stonehenge against the morning’s sunrise cannot help but be struck by its resilience, how it has withstood time and the unpredictable impact of nature and humans. And partly because of this, a recent conversation I had with the CIO of a large healthcare technology company made me realize that it was a fitting metaphor for cybersecurity.

As our conversation wove through familiar topics — the challenges and breakthroughs in enterprise IT architecture — we recognised and discussed a recurring pattern throughout most EMEA and multinational enterprises. Those organisations have gradually but surely evolved into a mosaic of vendor fragmentation, ‘micro-platforms’ across vendor-specific technologies, and rapidly developing data silos that no single IT architecture can solve on its own. 

The increased heterogeneity of hardware, operating systems, and cloud architectures now comes with a dizzying mix of cybersecurity tools and services, often optimised for Vendor X’s platform. This has led to the situation that a large organisation typically has more than 30 cybersecurity point solutions in place to protect their digital assets. And now that we have thrown AI into that mix, designing the right cybersecurity solution is as confusing as it is imperative.

That’s when I was reminded of Stonehenge. Its lintel-and-joinery design is strikingly simple and elegant, and it stands as a brilliant monument to long-term resilience. Just as Stonehenge has endured against natural and human threats, so organisations must build a cybersecurity architecture that endures a revolutionary rate of change and threat diversity, including geopolitical turbulence and AI entering the value chain. 

For CISOs, CIOs, board members, C-suite executives and line-of-business leaders concerned with operational resilience, cybersecurity architecture matters—deeply. 

And we should not forget that cybersecurity is a data problem. The more telemetry data you have, the more effectively you can execute security algorithms and protect your digital essentials across all your enterprise IT pillars, i.e., IT, OT, Clouds, Networks, Workplace, Endpoints, etc. We at Palo Alto Networks are able to combine relevant telemetry data from networks, firewalls, clouds, browsers, endpoints and the internet. 

Stonehenge was built from massive, self-reinforcing pillars and platforms of stone. The lintels and joinery help hold together the overall structure as a cohesive unit, and they have striking similarities to how IT architects are now thinking about cybersecurity. In today’s technology architecture, Stonehenge’s vertical pillars are an IT organisation’s specialised, vendor-specific IT domains—sometimes with its own security tools and capabilities rather than as a strategically integrated zero-trust cybersecurity framework across your enterprise IT pillars.

Now, Stonehenge’s with its unique resilience, can also serve in its own construction as a model for modern cybersecurity architecture. Like our evolution towards modular platformisation evolved deliberately and assuredly over time and it spans all key domains of cybersecurity, ie network, cloud, AI,  identity security and all key building blocks for an AI-driven SOC, the last line of defense that has to be real-time. In other words, it is the linchpin of our strategy for enterprise security built upon such key areas as Identity, the Autonomous SOC, and Network Security. 

Stonehenge’s lintel is analogous to cybersecurity platformization, a growing trend rapidly replacing the now-outdated best-of-breed point solution mindset. This employs a modular approach that gives flexibility and control to the security architect looking to add security domain capabilities as needs evolve. The mortise-and-tenon joinery of Stonehenge works because the parts fit together rather than being stacked as an afterthought, in much the same way modern cybersecurity frameworks are built upon the concept of embedded functionality rather than being bolted on. 

An important example here is Palo Alto Networks’ decision to power the cybersecurity platform core with Precision AI, rather than its technology being added as a separate tool. This approach enables Precision AI to power data, analytics, and workflows, making it an omnipresent resource for smarter and faster prevention, detection and response.

Another important element of any enduring architecture is its ability to provide stability to the overall framework. In cybersecurity architecture, this is the all-important cyber data layer across an integrated zero trust framework. As organisations continue to struggle with data silos across networks, cloud environments, security operations centres, and edge systems, the cybersecurity data lake takes on a heightened role of importance for the resilience of the entire cyber framework. Again, let’s not forget, cybersecurity is a data problem, a domain in its own right across all vertical IT pillars.

Now, Stonehenge with its unique resilience, can also serve in its own construction as a model for modern cybersecurity architecture. Like our evolution towards modular platformization evolved deliberately and assuredly over time and it spans all key domains of cybersecurity, i.e.  network, cloud, AI, endpoints, identity security and all key building blocks for an AI-driven SOC, the last line of defense that has to be real-time. In other words, it is the linchpin of our strategy for enterprise security built upon such key areas as Identity, the Autonomous SOC, and Network Security/SASE. 

Another critical element of the cyber platform is something even Stonehenge hasn't had to face: securing AI itself, especially the opportunity and threat represented by agentic AI. AI security must become part of the platform design and implementation, as we have done with our Prisma AIRS (AI Runtime Security) platform for enabling an organisation's growing AI portfolio to remain a vital asset and not an inviting attack vector. Agents now are not just another non-human identity; they are an entirely new class of identity, with a striking mismatch in speed between agent decision-making and human governance. The inside-out attack paths taken by hackers' ill-intentioned agents represent a major threat to under-protected AI supply chains. The same pressure now also comes from geopolitics and from AI moving into the value chain itself, such as in the case of the Factory of the Future.

Similarly, our recent acquisition of CyberArk gives us what we believe is the industry’s strongest identity security platform, Idira, positioning it as yet another vertical pillar connected to the overall cybersecurity platform lintel. Cortex XSIAM and its security data lake are deliberately open — ingesting and correlating third-party telemetry alongside our own, over 17 petabytes of telemetry data each day — to form a secure data layer that is accessible to users based on policy management and credentials validation. Palo Alto Networks leverages this mountain of data, along with around-the-clock scanning of more than 5 billion daily security events, to feed Precision AI in order to detect and block potentially devastating attacks. Currently, we detect about 9,6m new attacks per day that have not been there the day before. The use of automated AI in attack vectors has been accelerating the time of exfiltration of data from the compromise of an organization. This delay was 9 days about 3 years ago, now data is exfiltrated in most cases in less than a day, sometimes already within less than one hour!

In this context, it's also important to highlight the importance of an Autonomous SOC pillar, particularly since compliance reporting windows are continuously contracting from days to mere hours calling for real-time, highly automated defence. Today, mean-time-to-detect and mean-time-to-respond are board-level imperatives commanding more conversation and attention at an organisation’s highest levels. The Autonomous SOC pillar is a vital element in helping enterprises achieve even faster detection and remediation, ideally down into single minutes. If it also integrates the historic enterprise SIEM you can further simplify your SOC operations and gain solid financial benefits by platformization of your security relevant data.

Finally, keep in mind the use of supply chains to build the actual platform. For Stonehenge, that was an impressive physical supply chain: The bluestones used in the structure were hauled about 250 kilometers from Wales without the benefit of air, rail, or truck transport. For Palo Alto Networks’ cybersecurity platform, the supply chain was no less impressive, but more virtual than physical, often faced with attacks on third-party interdependencies such as SaaS applications, APIs and in times of Frontier AI models, the Open Source components. 

Like the pyramids, the Great Wall of China, and the Roman road system, the most remarkable aspect to Stonehenge isn’t just its engineering elegance, but its ability to withstand changing conditions and threats over time. Whether you’re a CEO, board member, CIO, CISO or security engineer, the decisions you make about cybersecurity carry significant impact and implications. In order to achieve Stonehenge-like resiliency, technical and business leaders should commit to an architectural model designed not only for today’s needs, but for what those needs are likely to be over the long term. 

Therefore, cybersecurity should be architected as a horizontal, dedicated platform across all your IT domains and businesses. With this you are able to provide real-time and platformized cybersecurity for tomorrow. And tomorrow is going to be a more and more AI-driven business world. 

 

Helmut Reisinger is CEO for Europe, Middle East, and Africa at Palo Alto Networks.

The post Built to Last: What Stonehenge Teaches us About IT Architecture & Cyber Resilience appeared first on Palo Alto Networks Blog.

Cyber Resilience is the New Business Continuity Plan

19 May 2026 at 13:30

The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose.

The post Cyber Resilience is the New Business Continuity Plan appeared first on SecurityWeek.

Which cybersecurity terms your management might be misinterpreting

9 February 2026 at 18:48

To implement effective cybersecurity programs and keep the security team deeply integrated into all business processes, the CISO needs to regularly demonstrate the value of this work to senior management. This requires speaking the language of business, but a dangerous trap awaits those who try.  Security professionals and executives often use the same words, but for entirely different things. Sometimes, a number of similar terms are used interchangeably. As a result, top management may not understand which threats the security team is trying to mitigate, what the company’s actual level of cyber-resilience is, or where budget and resources are being allocated. Therefore, before presenting sleek dashboards or calculating the ROI of security programs, it’s worth subtly clarifying these important terminological nuances.

By clarifying these terms and building a shared vocabulary, the CISO and the Board can significantly improve communication and, ultimately, strengthen the organization’s overall security posture.

Why cybersecurity vocabulary matters for management

Varying interpretations of terms are more than just an inconvenience; the consequences can be quite substantial. A lack of clarity regarding details can lead to:

  • Misallocated investments. Management might approve the purchase of a zero trust solution without realizing it’s only one piece of a long-term, comprehensive program with a significantly larger budget. The money is spent, yet the results management expected are never achieved. Similarly, with regard to cloud migration, management may assume that moving to the cloud automatically transfers all security responsibility to the provider, and subsequently reject the cloud security budget.
  • Blind acceptance of risk. Business unit leaders may accept cybersecurity risks without having a full understanding of the potential impact.
  • Lack of governance. Without understanding the terminology, management can’t ask the right — tough — questions, or assign areas of responsibility effectively. When an incident occurs, it often turns out that business owners believed security was entirely within the CISO’s domain, while the CISO lacked the authority to influence business processes.

Cyber-risk vs. IT risk

Many executives believe that cybersecurity is a purely technical issue they can hand off to IT. Even though the importance of cybersecurity to business is indisputable, and cyber-incidents have long ranked as a top business risk, surveys show that many organizations still fail to engage non-technical leaders in cybersecurity discussions.

Information security risks are often lumped in with IT concerns like uptime and service availability.  In reality, cyberrisk is a strategic business risk linked to business continuity, financial loss, and reputational damage.

IT risks are generally operational in nature, affecting efficiency, reliability, and cost management. Responding to IT incidents is often handled entirely by IT staff. Major cybersecurity incidents, however, have a much broader scope; they require the engagement of nearly every department, and have a long-term impact on the organization in many ways — including as regards reputation, regulatory compliance, customer relationships, and overall financial health.

Compliance vs. security

Cybersecurity is integrated into regulatory requirements at every level — from international directives like NIS2 and GDPR, to cross-border industry guidelines like PCI DSS, plus specific departmental mandates. As a result, company management often views cybersecurity measures as compliance checkboxes, believing that once regulatory requirements are met, cybersecurity issues can be considered resolved. This mindset can stem from a conscious effort to minimize security spending (“we’re not doing more than what we’re required to”) or from a sincere misunderstanding (“we’ve passed an ISO 27001 audit, so we’re unhackable”).

In reality, compliance is meeting the minimum requirements of auditors and government regulators at a specific point in time. Unfortunately, the history of large-scale cyberattacks on major organizations proves that “minimum” requirements have that name for a reason. For real protection against modern cyberthreats, companies must continuously improve their security strategies and measures according to the specific needs of the given industry.

Threat, vulnerability, and risk

These three terms are often used synonymously, which leads to erroneous conclusions made by management: “There’s a critical vulnerability on our server? That means we have a critical risk!” To avoid panic or, conversely, inaction, it’s vital to use these terms precisely and understand how they relate to one another.

A vulnerability is a weakness — an “open door”. This could be a flaw in software code, a misconfigured server, an unlocked server room, or an employee who opens every email attachment.

A threat is a potential cause of an incident. This could be a malicious actor, malware, or even a natural disaster. A threat is what might “walk through that open door”.

Risk is the potential loss. It’s the cumulative assessment of the likelihood of a successful attack, and what the organization stands to lose as a result (the impact).

The connections among these elements are best explained with a simple formula:

Risk = (Threat × Vulnerability) × Impact

This can be illustrated as follows. Imagine a critical vulnerability with a maximum severity rating is discovered in an outdated system. However, this system is disconnected from all networks, sits in an isolated room, and is handled by only three vetted employees. The probability of an attacker reaching it is near zero. Meanwhile, the lack of two-factor authentication in the accounting systems creates a real, high risk, resulting from both a high probability of attack and significant potential damage.

Incident response, disaster recovery, and business continuity

Management’s perception of security crises is often oversimplified: “If we get hit by ransomware, we’ll just activate the IT Disaster Recovery plan and restore from backups”. However, conflating these concepts — and processes — is extremely dangerous.

Incident Response (IR) is the responsibility of the security team or specialist contractors. Their job is to localize the threat, kick the attacker out of the network, and stop the attack from spreading.

Disaster Recovery (DR) is an IT engineering task. It’s the process of restoring servers and data from backups after the incident response has been completed.

Business Continuity (BC) is a strategic task for top management. It’s the plan for how the company continues to serve customers, ship goods, pay compensation, and talk to the press while its primary systems are still offline.

If management focuses solely on recovery, the company will lack an action plan for the most critical period of downtime.

Security awareness vs. security culture

Leaders at all levels sometimes assume that simply conducting security training guarantees results: “The employees have passed their annual test, so now they won’t click on a phishing link”. Unfortunately, relying solely on training organized by HR and IT won’t cut it. Effectiveness requires changing the team’s behavior, which is impossible without the engagement of business management.

Awareness is knowledge. An employee knows what phishing is and understands the importance of complex passwords.

Security culture refers to behavioral patterns. It’s what an employee does in a stressful situation or when no one’s watching. Culture isn’t shaped by tests, but by an environment where it’s safe to report mistakes and where it’s customary to identify and prevent potentially dangerous situations. If an employee fears punishment, they’ll hide an incident. In a healthy culture, they’ll report a suspicious email to the SOC, or nudge a colleague who forgets to lock their computer, thereby becoming an active link in the defense chain.

Detection vs. prevention

Business leaders often think in outdated “fortress wall” categories: “We bought expensive protection systems, so there should be no way to hack us. If an incident occurs, it means the CISO failed”. In practice, preventing 100% of attacks is technically impossible and economically prohibitive. Modern strategy is built on a balance between cybersecurity and business effectiveness. In a balanced system, components focused on threat detection and prevention work in tandem.

Prevention deflects automated, mass attacks.

Detection and Response help identify and neutralize more professional, targeted attacks that manage to bypass prevention tools or exploit vulnerabilities.

The key objective of the cybersecurity team today isn’t to guarantee total invulnerability, but to detect an attack at an early stage and minimize the impact on the business. To measure success here, the industry typically uses metrics like Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).

Zero-trust philosophy vs. zero-trust products

The zero trust concept — which implies “never trust, always verify” for all components of IT infrastructure — has long been recognized as relevant and effective in corporate security. It requires constant verification of identity (user accounts, devices, and services) and context for every access request based on the assumption that the network has already been compromised.

However, the presence of “zero trust” in the name of a security solution doesn’t mean an organization can adopt this approach overnight simply by purchasing the product.
Zero trust isn’t a product you can “turn on”; it’s an architectural strategy and a long-term transformation journey. Implementing zero trust requires restructuring access processes and refining IT systems to ensure continuous verification of identity and devices. Buying software without changing processes won’t have a significant effect.

Security of the cloud vs. security in the cloud

When migrating IT services to cloud infrastructure like AWS or Azure, there’s often an illusion of a total risk transfer: “We pay the provider, so security is now their headache”. This is a dangerous misconception, and a misinterpretation of what is known as the Shared Responsibility Model.

Security of the cloud is the provider’s responsibility. It protects the data centers, the physical servers, and the cabling.

Security in the cloud is the client’s responsibility.

Discussions regarding budgets for cloud projects and their security aspects should be accompanied by real life examples. The provider protects the database from unauthorized access according to the settings configured by the client’s employees. If employees leave a database open or use weak passwords, and if two-factor authentication isn’t enabled for the administrator panel, the provider can’t prevent unauthorized individuals from downloading the information — an all-too-common news story. Therefore, the budget for these projects must account for cloud security tools and configuration management on the company side.

Vulnerability scanning vs. penetration testing

Leaders often confuse automated checks, which fall under cyber-hygiene, with assessing IT assets for resilience against sophisticated attacks: “Why pay hackers for a pentest when we run the scanner every week?”

Vulnerability scanning checks a specific list of IT assets for known vulnerabilities. To put it simply, it’s like a security guard doing the rounds to check that the office windows and doors are locked.

Penetration testing (pentesting) is a manual assessment to evaluate the possibility of a real-world breach by exploiting vulnerabilities. To continue the analogy, it’s like hiring an expert burglar to actually try and break into the office.

One doesn’t replace the other; to understand its true security posture, a business needs both tools.

Managed assets vs. attack surface

A common and dangerous misconception concerns the scope of protection and the overall visibility held by IT and Security. A common refrain at meetings is, “We have an accurate inventory list of our hardware. We’re protecting everything we own”.

Managed IT assets are things the IT department has purchased, configured, and can see in their reports.

An attack surface is anything accessible to attackers: any potential entry point into the company. This includes Shadow IT (cloud services, personal messaging apps, test servers…), which is basically anything employees launch themselves in circumvention of official protocols to speed up or simplify their work. Often, it’s these “invisible” assets that become the entry point for an attack, as the security team can’t protect what it doesn’t know exists.

Guarding your family against the latest online threats

24 September 2025 at 22:50

Parents across America face a growing wave of sophisticated online fraud designed to exploit their deepest fears and protective instincts. Americans reported losing more than $12.5 billion to fraud in 2024, representing a 25% increase over the prior year, according to new Federal Trade Commission data.

Parents represent a particularly vulnerable target because scammers understand that nothing motivates faster action than a perceived threat to a child’s safety or wellbeing. These criminals exploit parental love —creating artificial urgency that bypasses normal thinking.

Why scammers target parents

Parents are prime scam targets for several key reasons:

  • They often have established credit, making it attractive for scams involving money.
  • Easy access to cash that hackers try to tap into.
  • Most importantly, parents will go to extraordinary lengths—including financial sacrifice—to protect their children from harm.

Modern technology has made these scams more convincing than ever. Scammers now use artificial intelligence to clone voices, create fake social media profiles, and generate realistic scenarios that seem entirely plausible to worried parents.

The 5 most devastating scams bankrupting parents right now

1. Family emergency scams

The most emotionally devastating scam targeting parents involves fake emergencies. Scammers use AI to clone the voice of a child in distress, calling parents with scenarios like car accidents, jail time, or medical emergencies. The caller, sounding exactly like their child, beg for immediate money transfer while pleading for secrecy.

These scams create powerful emotional responses that override logical thinking. Parents hear their child’s voice saying, “Don’t tell Dad” or “I’m scared,” and immediately spring into action without verification.

“Pause and verify” protocol: Teach your entire family the 24-hour rule for any urgent financial requests. No legitimate emergency requires immediate wire transfers or gift card payments. Always hang up and call back using a known phone number to verify any emergency claims.

2. School-related fraud

Cybercriminals pose as school officials, coaches, or administrators claiming children owe money for equipment, field trips, or disciplinary issues. They demand immediate payment via wire transfer, gift cards, or cryptocurrency to avoid serious consequences like suspension or criminal charges.

These scams work because parents want to protect their children’s academic and social standing. The fraudsters create artificial deadlines and threaten embarrassment or legal action if parents don’t act quickly.

Verify information: Hang up and contact the school or organization directly using their official phone number or website to confirm its authenticity.

3. Social media kidnapping hoaxes

In virtual kidnapping scams, fraudsters monitor children’s social media activity to gather personal information. They then call parents claiming to have kidnapped their child, demanding ransom money. Meanwhile, the child is simply unavailable—perhaps in class, at practice, or with friends.

These schemes rely on the parent’s inability to immediately reach their child for confirmation. The scammers use publicly available information from social media posts to make their demands seem legitimate.

Multi-Factor Authentication (MFA): Enable two-factor authentication on all family accounts, especially email, banking, and social media. This simple step blocks 99% of automated attacks, even if passwords are compromised. Show your children how to use authenticator apps rather than SMS authentication when possible. Additionally, It’s critical for parents to set their children’s social media accounts to private, use parental controls, and monitor their child’s social media habits.

4. Financial Sextortion of Minors

The FBI has identified “financial sextortion” of teens as a “rapidly escalating threat”. Criminals trick minors into sharing explicit images, then blackmail both the child and parents for payment. These predators target children through gaming platforms, social media, and messaging apps.

A study found approximately 5% of U.S. students reported that they had been the victim of sextortion.  With 1 in 7 youth victims (15%) saying they harmed themselves in response to sextortion. Parents often discover these crimes only when their children’s demeanor changes or exhibit severe behavioral changes. The psychological damage extends far beyond the financial cost.

Social media privacy settings: Regularly audit your family’s social media accounts together. Scammers harvest information from public posts to make their schemes more convincing. Teach children to never post real-time locations, vacation plans, personal details that criminals can exploit or share personal and explicit photos.

5. College and scholarship scams

As college costs soar, scammers target parents desperate to secure educational funding for their children. They offer fake scholarships, guaranteed admissions, or student loan forgiveness programs that require upfront fees or personal financial information.

These scams often impersonate legitimate organizations and use official-sounding language to appear credible. Parents, stressed about their children’s futures, may overlook red flags in their eagerness to secure opportunities.

Email security awareness: Practice identifying phishing emails with your children using the “STOP, LOOK, THINK” method:

  • STOP: Don’t click links or attachments immediately.
  • LOOK: Check sender addresses carefully for misspellings or suspicious domains.
  • THINK: Ask yourself if the request makes sense and verify independently.

Your 5-step defense plan: stop scammers before they strike

  1. Real-time threat detection: Webroot’s advanced algorithms identify and block malicious websites, phishing attempts, and dangerous downloads before they can compromise family devices or data.
  2. Identity protection services: Comprehensive monitoring of identity, credit, and financial accounts helps detect fraud early, with up to $1 million in fraud expense and stolen funds reimbursement.
  3. Secure family browsing: Webroot automatically warns users about suspicious websites and blocks access to known scam sites, protecting curious children and busy parents from accidentally accessing dangerous content.
  4. Dark Web monitoring: This crucial feature monitors family members’ personal information and sends alerts if data appears in breaches or on criminal marketplaces.
  5. Password security: Strong password management ensures that all family accounts remain protected with unique, complex passwords that children and parents can easily access when needed. Never reuse passwords across accounts and use a password manager to track them all.

Don’t let criminals exploit your parental instincts

  • Establish clear communication protocols with your children.
  • Create unique code words or security questions that only family members know.
  • Practice scenarios where children should verify requests through multiple channels before sharing information or money. Have regular family discussions about online safety to help children understand current threats without creating excessive fear.
  • Participate in school, community centers, and parent organizations cybersecurity workshops specifically designed for families.
  • Combine street-smart awareness with enterprise-level cybersecurity solutions like Webroot to create an impenetrable defense against parent-targeting criminals.

 With October being Cybersecurity Awareness Month now is the perfect time to put your cybersecurity family game plan into place. The criminals betting on your parental panic are about to learn that informed, protected parents don’t make easy targets.

Additional Resources:

The post Guarding your family against the latest online threats appeared first on Webroot Blog.

Tips to make your summer travels cyber safe

17 June 2025 at 15:51

Ready, set, pack! Summer travel season is here and that means family road trips, beach vacations, international adventures and more. While summertime is prime time for getaways, did you know it’s also prime time for online fraud? Scammers are targeting the travel industry, putting millions of travelers at increased risk. Research shows that the travel and tourism sector ranked third in cyberattacks, with nearly 31% of hospitality organizations experiencing a data breach and a record 340 million people affected by cybercrimes. According to Mastercard, travel-related fraud in 2024 increased by 18% during the summer peak season and 28% in the winter peak season. 

Why travelers are prime targets

Being in an unfamiliar environment can put your personal information at risk if you’re relying on public Wi-Fi networks, using shared devices, and carrying valuable personal and business data on mobile devices. Let’s be honest, when you go into “vacation mode” and start relaxing, it’s only natural that you might also start letting your guard down. Even the best trips can have stressful moments, and when you miss a flight or get lost in a new destination, it’s easy to become less vigilant about protecting your cybersecurity. This is especially true when you travel to foreign countries. In fact, 90% of international travelers admit to risky tech practices while abroad. Fewer than 1 in 3 travelers (31%) protect their data with a virtual private network (VPN) when traveling internationally.

What to know before you go

Believe it or not, the risks to your data security start long before your vacation begins. As soon as you start booking your trip, the cybercriminals start circling. Fraud rates in sectors associated with the early stages of trip planning increased more than 12% between 2023 and 2024. At a time when inflation and economic pressures are on the rise, people are looking for deep discounts, and scammers are seizing the opportunity to steal your private data and your money.

  • Fake travel websites and rental listings: When you find a killer price on a luxury cruise, a European tour or an oceanfront Airbnb, take another look before you book! Scammers use phony offers, manipulated destination photos, and fake confirmation links to lure victims into “purchasing” great travel deals. Always double check and confirm you’re dealing with a legitimate website or listing before you hand over any credit card information.
  • Phishing scams: Phishing scams that target travel-related platforms are on the rise. Cybercriminals pose as legitimate organizations and use fake emails, text messages and phone calls to lure you into giving up financial information. These messages often ask you to click on links that embed malicious software onto your device and steal your sensitive data. In 2024, the travel website booking.com reported a 500%-900% increase in travel-related phishing scams. This rise was attributed to the large number of scams using AI, making it easier for criminals to mimic trusted sources. If you get a suspicious message, call the company or go to their website and log in directly before clicking on any links.
  • Loyalty fraud: Loyalty fraud, also known as points fraud, happens when scammers steal points or personal information from a loyalty program. The travel industry is especially vulnerable to this type of attack because so many travel-related companies, including travel agents, cruise lines, airlines and hotels, offer points programs for frequent travelers. Thieves often access loyalty accounts with credentials stolen in a data breach. Be sure to create strong passwords for your accounts and check your balances regularly.

Pre-trip security

Before you hit the road, help protect your digital data and devices with a few simple security practices.

  • Alert your financial institutions: Only about half of travelers (52%) alert their financial institutions before traveling abroad, but it’s a powerful way to fight cybercrime. When banks and credit card companies know your travel plans, it’s much easier for them to flag any suspicious transactions.
  • Turn off your Bluetooth:  Bluetooth technology automatically creates wireless connections and can give cybercriminals the ability to see what apps and websites you’re logged into. Only 44% of travelers say they make sure to turn off their Bluetooth signal, but it’s a simple way to thwart hackers. It’s also a good idea to turn off device sharing features and update your passwords before a trip.
  • Update your Wi-Fi setting: Joining unknown Wi-Fi networks is very risky and can open up your personal data to hackers. Since public Wi-Fi often has weak security,  it’s important that your phone doesn’t connect to unsecured networks automatically. Make sure to go into your phone settings and disable auto-join for unknown Wi-Fi networks. It’s a simple way to add a layer of protection when you travel.
  • Use “Find My Device” features: Enable the tracking features on your devices that can locate them if they’re lost or stolen – Find My device for iOS and Find Hub for Android.

Cybersecurity travel risks

  • Rental cars: Did you know that the simple act of syncing your phone to your rental car’s infotainment system can expose your sensitive information to cybercrime? Your phone contains all kinds of information that hackers can use, including contacts, text messages, passwords and more. Infotainment systems store your information each time you connect, and it stays there unless you manually delete it. Security experts say while 57% of people sync their phones to rental cars, only half of them take steps to remove their information. Always remember to delete your profile and data from your rental car before returning it!
  • Screen snoopers: Be cautious of screen snoopers (aka shoulder surfers) who try to see the activity on your laptop or phone in public places like planes, airports, and restaurants. To prevent hackers from stealing your passwords and other private information, use privacy screen protectors to shield your screens from prying eyes and always stay aware of your surroundings.
  • Airport and hotel Wi-Fi:  Always be wary of public Wi-Fi networks when you’re on the road. They’re often unprotected and can make it easy for cybercriminals to intercept your data. Poor Wi-Fi security at airports and hotels can allow hackers to swipe your credentials, lock you out of accounts, and even demand a ransom for your stolen data. To ensure safety while online on public WIFI, purchase a VPN for your devices, like Webroot’s Secure VPN.
  • Fake hotspot attacks: Fraudsters often set up fake hotspots to steal your information. Sometimes they alter the name of a genuine hotspot slightly (Starbucks-Coffee instead of StarbucksCoffee) to trick you into connecting. Always double-check the full network name before logging on to a public hotspot. Also, check to see if the site is using encryption. Legitimate sites that begin with “https” protect your information and make it unreadable to hackers.
  • Charging stations: Public charging stations are super convenient when you’re running low on battery, but they can also pose security risks. Cybercriminals can install malicious software on these stations to steal your device’s data, a tactic known as juice jacking. Always avoid plugging directly into public charging stations and play it safe by packing your own wall chargers, car chargers and external batteries when you travel.
  • Business centers and airport Lounges: Business Centers and lounges typically provide desktop computers for simple tasks like checking emails or printing boarding passes. While convenient, these public computers may be risky, as attackers can plant malware or install hardware that records your keystrokes. When traveling, use your personal devices whenever possible.

Travel safety best practices

  • Use Wi-Fi networks safely: Always connect using the public Wi-Fi setting, and do not enable auto-reconnect. Always confirm an HTTPS connection when browsing the internet. Avoid accessing websites that require you to supply personal data, such as social security numbers.
  • Avoid financial sites: Refrain from checking your personal banking apps or financial information over public Wi-Fi.
  • Use VPN protection: A VPN encrypts your internet connection, providing a secure channel for your data. Webroot Secure VPN gives you security and peace of mind by protecting your personal information when you’re on public Wi-Fi.
  • Enable two-factor authentication: Use Two-factor Authentication (TFA) on your gadgets and electronic devices. Adding an extra layer of security to your accounts can prevent unauthorized access.
  • Limit public posts about your location: Avoid sharing specific details about your location and travel plans on social media to prevent potential targeting by scammers.
  • Check mobile device settings: Adjust the screen settings on your devices to allow for a shorter automatic sleep feature. Implement screen locks, biometric security, and privacy settings for location services.
  • Bring portable chargers: Avoid using public charging stations by bringing your own power sources.
  • Install comprehensive security software: Use antivirus solutions to safeguard you from online threats, including bank fraud and identity theft. Webroot Total Protection offers comprehensive security, including real-time threat detection and response, automatic updates, and cloud backup. Other features include Wi-Fi security monitoring, secure browsing, and password management.

No matter what your summer destination, make cybersecurity part of your travel plans. From securing your Wi-Fi connection and turning off Bluetooth to enabling two-factor authentication, small steps can make a big difference. Let Webroot keep all your digital data safe while you’re on the go. Then all you have to worry about is remembering to turn on your out-of-office reply!

Looking for more information?

Fighting Back Against Loyalty Fraud

Travel-Related Phishing

Protect Yourself Against AI Phishing Attacks

Travel Scams to Watch Out For

The post Tips to make your summer travels cyber safe appeared first on Webroot Blog.

Build strong digital defenses for your entire family

28 May 2025 at 20:37

The month of June is a time for fun in the sun and a break from the school year, but did you know it’s also the perfect time to step up your family’s online security? June is Internet Safety Month, a yearly reminder to strengthen your defenses against online threats. In today’s hyper-connected world, we use the internet for just about everything, from shopping to banking to streaming and work. That goes for your kids as well. Many of their favorite activities, including gaming and connecting with friends on social media, are connected to the internet.  While all this access means added convenience, it also means constant threats to your family’s online safety.

From phishing scams to malware, hackers are constantly looking for ways to exploit weaknesses in cybersecurity systems and software. Their goal is always the same: to get access to personal data and use it for profit. The rising numbers tell the story. In 2024, the FBI’s Internet Crime Complaint Center (IC3) received more than 850,000 cybercrime complaints, with reported losses exceeding $10.3 billion. This is partly due to the increase in data breaches. Studies show that 51% of Americans report they’ve been victims of a data breach, and 64% say they’ve changed their online behavior for fear of escalating online threats like ransomware and identity theft.

Keep summer screen time safe

It’s not just adults getting targeted online. Children and teens are increasingly exposed to scams (even extortion scams), cyberbullying, and inappropriate content—especially during summer when screen time surges. A recent Pew Research study found that 45% of teens are online almost constantly. So how do you let your kids enjoy their screens safely? Webroot Total Protection and Webroot Essentials offer parental controls that make it easy to manage your children’s online activity and content access. You can block specific websites, filter out inappropriate content and set daily limits on computer time. You can also monitor what sites your kids visit and interact with, and even tailor different levels of protection for each child. Whether your kids are watching YouTube, chatting on Discord, or gaming with friends, it’s a simple way to keep them safe without having to hover over them every time they’re online. 

Protect every device

As we spend more time on our mobile devices, cybercriminals are following suit. A recent security report shows that 70% of fraud is now carried out through mobile channels. From phones and tablets to laptops, the mobile devices your family relies on daily are brimming with personal data. Now more than ever, we need to take steps to protect ourselves and our family. Webroot Essentials provides multi-device protection with real-time threat intelligence. Whether you’re on Android, iOS, Windows or Mac, all the devices in your household are constantly safeguarded against the latest online threats.

Strengthen your password security

Are you still using passwords like your dog’s name and 123? And what about your kids? Chances are their Roblox passwords aren’t as tough to hack as they should be. If there’s one weak link in most people’s security, it’s their passwords. Cybercriminals know that, and they’re taking full advantage. In fact, the 2025 Verizon Data Breach Investigations Report found 81% of data breaches were caused by compromised passwords. Here are some tips to keep all your family’s passwords secure.

  • Make it complicated: It’s important to create long and complex passwords and avoid using anything that’s easy to guess. That means no “Password” or “123456”. It also means no pet names or kid’s names, since hackers can often find those details on social media.
  •  Don’t recycle: Never use the same login for more than one account. It may be easier to remember, but if your username and password for one account are exposed in a data breach, hackers can use them to try and break into all your other accounts.
  • Use a password manager: Let a password manager save you some headaches by doing the hard work for you. Webroot solutions include password managers that store credentials and credit card information and automatically fill in login information, so the whole family can stay secure without having to remember every login. Be careful storing your credit card information on shared devices. You don’t want a shipment of 70,000 lollipops at your door.

Defend against social engineering scams

It’s important to stay aware of the latest online threats. Social engineering scams are designed to gain your trust and then trick you into sharing sensitive details by clicking on fake links or downloading malicious software. The most common type of social engineering is phishing. In a phishing attack, hackers pretend to be someone you trust and use fraudulent emails, texts and websites to try and steal personal information.

Scammers often use phishing to target children. They pose as friends, influencers, or game platforms to trick them into clicking fake links and handing over details like credit card numbers. These scams often start with an offer of an exciting reward or a prize. Take some time to talk with your kids about these common scams.

  • Fake game reward scams: Kids are offered free in-game currency on a popular platform like Fortnite, then asked to click phony links and provide sensitive details. It’s important to remind your children to redeem rewards through official game platforms only and never enter login or payment information into random pop-ups or suspicious links.
  • Social media impersonation scams: Scammers create fake social media profiles to pose as a friend, classmate, or influencer, and use stolen photos or AI-generated content to build seemingly legitimate profiles. The goal is to trick kids into clicking dangerous links or downloading malware. Make sure your children know that even if someone looks familiar, they may not be who they say they are.
  • Friendship and romance scams: A scammer builds an emotional connection with a child, then starts asking for sensitive info like Social Security numbers, photos, or money. Remind your kids that if someone won’t use video chat or meet in person, they’re probably not legitimate. Also remind your children, adding people to your social media friends group
  • Influencer giveaway scams: Fake influencer accounts host phony contests and message “winners” asking for a fee or bank account details. Remind your kids that they should only follow verified social media accounts, and that a real contest won’t ask them to pay to redeem a prize.

Secure your home network

Home security means more than just deadbolts and alarms. With smart TVs, video doorbells, and wireless thermostats, our homes are more connected than ever. While all these Internet of Things (IoT) devices making our lives more convenient, each one is a potential entry point for hackers. Webroot Secure VPN provides encrypted connections for safe browsing at home. When your family is on the go, it protects your online privacy on unsecured networks and shields your personal information from cyberthieves.

Internet safety checklist

  • Update all your operating systems and applications to the latest versions – make sure to do the same for your kids.
  • Enable automatic updates for software and security for the entire family.
  • Run a full system scan to detect any existing malware on all devices in your household.
  • Enable multi-factor authentication on all critical accounts.
  • Create unique passwords for each online account.
  • Change passwords for your family’s most important accounts often, such as banking, email, and social media.
  • Review settings on all social media accounts and make sure all kids’ profiles are private.
  • Check app permissions, especially on your kids’ devices.
  • Clear all browser cookies and caches monthly.
  • Be cautious with suspicious links or unknown senders. Be sure the whole family knows to verify sender addresses before responding to requests for information or clicking any links.
  • Consider comprehensive online security with Webroot Total Protection, which includes antivirus and identity protection, unlimited cloud backup, and up to $1 million in identity theft expense reimbursement. Get protection for up to ten devices and peace of mind that your family’s digital lives are secure.

Cybercriminals never take a break and neither should you. Internet Safety Month is the perfect opportunity to step up the digital safety of your entire household. And remember – online security isn’t just an annual event. Your sensitive data deserves year-round protection, and you can get it with family-friendly solutions from Webroot. Don’t wait for a data breach or other disaster to take action. Keep your kids safe and your data secure by strengthening your digital defenses today!

Looking for more information?

Avoiding Scams that Target Kids and Teens

Protecting Young Online Gamers

How Americans View Data Privacy

Social Security Numbers and Identity Theft

Protect Yourself from AI-Enabled Phishing

Common Types of Phishing Attacks

Why Use a Password Manager?

Defending Your Digital Identity from Evolving Threats

The post Build strong digital defenses for your entire family appeared first on Webroot Blog.

❌