Examines the risks and governance frameworks involved when employees use personal devices for work. Topics include crafting enforceable BYOD policies, containerization solutions, acceptable use guidelines, compliance considerations, and balancing employee privacy with organizational data protection.
posts
In 2023, a single employee's compromised personal phone gave threat actors a foothold into MGM Resorts' corporate network. The resulting breach cost the company over $100 million. The attack didn't start with some sophisticated zero-day exploit — it started with a social engineering call to the
In 2023, Verizon's Data Breach Investigations Report found that 74% of all breaches involved the human element — and mobile devices have become the primary attack surface for exploiting that weakness. I've watched organizations spend six figures on perimeter defenses while their employees check corporate email on
In 2023, a single compromised employee phone at MGM Resorts International led to a social engineering attack that cost the company over $100 million in losses. The threat actors didn't hack a firewall or exploit a zero-day. They called the help desk. That incident is a masterclass in
In 2023, a single compromised employee phone gave threat actors a foothold inside MGM Resorts' network. The attackers used social engineering — a phone call to the help desk — and within hours, they had enough access to deploy ransomware that cost the company over $100 million. The device that started
