wonderfully unique software solutions

LastPass signs new CIO for passwordless innovation versus AI threat

Password management software vendor LastPass has hired a new chief information officer (CIO) to drive sales, anticipating demand in line with potential for AI driven identity and authentication threats.

Asad Siddiqui, who took the reins this month, said the company expects a “pivotal” time of transformation.

“I’m excited by the potential to help elevate security and bring technological innovations to ensure LastPass remains at the forefront of providing seamless and secure experiences,” he said in the announcement.

Siddiqui, previously CIO at SaaS provider Celigo, is expected to direct LastPass teams in the creation and execution of the technological vision, strategy and operating plans in support of business strategy, it said.

The vendor has been spotlighting risks from AI-powered phishing. An increase in large language model (LLM)-powered dynamic content may make detecting social engineering harder, it said.

In a LastPass social-engineering focused survey, some 95% of the IT and security professionals who responded agreed that social engineering attacks have become more sophisticated in the last year.

Alex Cox, director of threat intelligence at LastPass, said that the evolving landscape of AI-fuelled social engineering attacks meant security practices must adapt. LLMs mean criminals can also coordinate their assaults with more precision and customisation.

“IT and security leaders recognise this threat,” Cox said, with less reliance on passwords rapidly becoming more important in many organisations’ defences.

Phishing and other types of social engineering attacks focus on fooling people into revealing information or data that compromises their own or their organisation’s security.

According to LastPass, 81% of respondent businesses saw more phishing attacks in the past year, with phishing expected to remain a major threat versus business email compromise, vishing, smishing or baiting.

“While 88% of respondents feel confident in their phishing testing programmes, only 16% actually identify 75-100% of suspicious activity within these phishing testing programmes,” it said.

“Bad actors can use generative AI to whip up traditional phishing emails in far less time than it takes to craft those messages by hand,” noted LastPass in this blog post.

The vendor said that replacing passwords with passkeys will typically enhance resilience against social engineering, with password managers helpful in preventing user credentials from being exposed via social engineering.

( Image by kalhh from Pixabay )

Recent Articles

Hornetsecurity expands M365 cloud security offer with Vade deal

Cloud email security provider Hornetsecurity has added a partnership with Vade, increasing focus on answering data sovereignty requirements with best-in-class cloud, compliance...

Cross-browser testing provider BrowserStack named Microsoft ‘partner of choice’

Software testing platform provider BrowserStack has announced a strategic partnership with Microsoft to support Visual Studio App Center users transitioning to BrowserStack...

JetBrains rolls out full-line code completion for its IDEs

Developer tools company JetBrains has added to its AI-enablement tools with full-line code completion for its integrated development environments (IDEs), separate to...

OpenText renews X12 supply-chain data standards partnership

Enterprise information management (EIM) software vendor OpenText is renewing its partner licensing agreement with the X12 electronic data interchange (EDI) standards organisation.

LiveAction NPM performance extended for Cisco unified server users

Network intelligence from vendor LiveAction has been certified to work with high performance Cisco servers, increasing availability of its packet data and...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox