In fast growing companies, SaaS adoption outpaces the ability to keep track of security. Staying on top of who’s got access to which SaaS apps and with what privileges, who’s sharing sensitive data with whom, how’s data flowing between SaaS apps is a real challenge for IT/security teams because they don’t manage all the SaaS apps themselves. Gartner has estimated that “By 2024, 70% of IT organizations will lack the relevant roles, skills and tools to support SaaS-enabled digital transformation.”

John Kouroutzoglou has been involved in physical and cyber security for over 15 years. He has worked in government and in the private sector at large global firms such Alcatel-Lucent, HP and EY. He is currently the Information Security & Compliance Manager at Australia’s leading real estate technology firm – Domain Group. John’s areas of expertise include: Fraud Prevention, Insider Threat Management, Security Awareness Training, 3rd Party Due-Diligence, Privacy and Personal Security.

Before I co-founded Detexian as the CTO, I had a long career in Information Technology which started onboard HMNZS Te Kaha as an Electronics Technician. Working on classified equipment at sea was my first exposure to both security and doing things right the first time, a mantra I still live by today.

In a modern cloud-based business, messaging is critical. Your staff often want to be able to use any device from any location to send and receive email; and if it’s not an option, they will create auto-forwarding of work emails to get around the rules to their personal accounts which offer this flexibility. That may not sound terrible at all if you can trust your staff to do the right things?

A SANS staff member unknowingly authorized a malicious app via a phishing email that led to 28,000 individuals data being breached.