Venture capital company Insight Partners on Feb. 18 confirmed that the firm experienced a cyber incident caused by an unspecified social-engineering attack.The case raised some eyebrows in the cybersecurity community especially since Insight Partners’ portfolio includes some big names in the security industry such as Abnormal Security, Checkmarx, Cylance, Island, JFrog, Mimecast, Recorded Future, SentinelOne, Tenable, and Wiz.In a public statement, Insight Partners said it notified all its stakeholders and partners, as well as law enforcement. It’s also working closely with cybersecurity experts, a leading forensics and eDiscovery expert, and outside legal counsel.The company said it detected the incident on Jan. 16, and immediately moved to contain, remediate and start an investigation. Insight Partners said there’s no evidence that the threat actor was present after Jan. 16 — and said there has been no further disruption to the company’s operations from this incident.“This breach at Insight Partners shows how even sophisticated financial firms managing billions in assets remain vulnerable to social engineering attacks, which succeed by exploiting human psychology rather than technical vulnerabilities,” said J. Stephen Kowski, Field CTO at SlashNext Email Security. “Modern cybersecurity requires going beyond traditional security awareness training to include real-time phishing detection and automated response capabilities that can spot, and block sophisticated social-engineering attempts before employees ever see them.”Kowski said the fact that Insight Partners detected and responded to the incident within hours demonstrated good incident response practices, but prevention through advanced threat detection would have been even better. Companies should combine regular security training with AI-powered tools that can identify and stop social engineering attacks in real-time, especially given that these attacks are now the leading cause of cybercrime losses, Kowski said.Mika Aalto, co-founder and CEO at Hoxhunt, added that with social engineering evolving so dramatically in the age of artificial intelligence (AI), training must keep up and plug into the security stack.“Using human threat intelligence to stay ahead of the latest attacks provides an advantage against advanced phishing and social engineering,” said Aalto. “It accelerates incident response and prevents malicious clicks. This means going beyond traditional SAT tooling to adopt behavior change platforms that are designed to measurably reduce human risk.”Lawrence Pingree, vice president at Dispersive, said social engineering is very common these days and increasingly used via virtually every mode of communication: instant messaging, SMS, voice calls, deepfake voice, and traditional in-person communication.“It’s important that processes have been vetted for social-engineering resilience, by having multiple methods of vetting, especially any trusted actions, for example, checking funds transfers and wire transfers,” said Pingree.Chen Burshan, chief executive officer of Skyhawk Security, said to combat social-engineering attacks, continuous employee training and rigorous phishing simulations are essential to reducing human error. However, Burshan said there’s no such thing as a foolproof training program.“Organizations must also implement advanced security controls that can detect and analyze anomalous behavior, even when it appears to come from trusted identities,” said Burshan. “A robust security strategy should not only identify potentially malicious activities, but also validate them in real time, ensuring that any unverified actions trigger an immediate response from security teams.”
