It is common knowledge that the Hippocratic oath of medicine taken by all healthcare professionals includes a form of the statement "foremost, do no harm." Or, in latin, "primum non nocere."It is just too bad that cyber security professionals do not adhere to such an oath.
A large retailer specializing in office supplies migrated to Office365 earlier this year. As part of that migration, they decided to acquire and deploy a solution for securing cloud access, what Gartner calls a "CASB or Cloud Access Security Broker." Unfortunately for that retailer, their IT team is stretched thin. So they tested a single vendor and went ahead and deployed the solution. As it turned out, the cure is worse than the disease, leaving the retailer in a state of explosive and chronic phishing risk. Phishing this retailer is as easy as shooting fish in a barrel. Here is why.