Recent incidents highlight the persistent challenges of insider related threats and increasing sophistication of AI-driven phishing. 

In March 2026, a US court convicted 27-year-old Cameron Curry, a former data analyst at Brightly Software, a Siemens subsidiary that provides SaaS solutions. Upon learning his contract would not be renewed, Curry exfiltrated payment and corporate information he had legal access to. The day after his contract ended, the ex-data analyst, using the pseudonym "Loot", began sending threatening emails to Brightly employees. In those emails, Curry demanded a $2.5 million cryptocurrency ransom in exchange for non-disclosure.

To prove his claims, he attached screenshots containing employees' personal data:

• Names and dates of birth
• Home addresses
• Compensation information

Curry threatened management not only with releasing the data but also with regulatory fines – he promised to report an hidden breach to the U.S. Securities and Exchange Commission (SEC). Following Curry's numerous extortion emails, Brightly paid $7,540 in Bitcoin, which was transferred to a cryptocurrency wallet controlled by Curry. After that, the company contacted the FBI. Following the discovery of evidence, he now faces up to 12 years in prison.

The Brightly incident clearly shows that insider threats are becoming more diverse. That's why Next-Gen DLP systems are now essential for prevention. Such DLP solutions help minimize risks like data theft and subsequent extortion by fully monitoring employee activity and blocking unauthorized transfers of confidential documents to external devices, personal clouds, or messengers.

The second threat, observed in the Middle East, is the rise of phishing attacks powered by generative AI. In April 2026, the UAE Cybersecurity Council warned that AI phishing scams now cause more than 90% of all cyber breaches. Globally, over 3.4 billion phishing emails are sent daily, serving as the entry point for 75% of cyberattacks.

AI makes it harder to detect traditional "red flags" – the signs that used to help recognize phishing: grammar mistakes, unnatural phrasing, poor design. Attackers now create nearly perfect fakes by cloning voices and logos and writing highly personalized texts tailored to specific victims. In response, The UAE Council urged users to remain vigilant before clicking on any links and to verify advertisements, message sources, and any requests involving personal or financial information before disclosing sensitive data.

In today’s environment, businesses require unconventional information security training approaches, such as realistic attack simulations. However, even the most progressive training is not enough, as attackers evolve faster than security teams can update education materials. That's why companies must also implement technical tools to automate monitoring and prevent data breaches.

SearchInform Data Loss Prevention (DLP) solution helps protect sensitive information from being exfiltrated through phishing attacks. DLP tools monitor and control data transfers, ensuring that confidential information is not inadvertently shared with malicious actors. Refer to the white paper to discover how a DLP system helps prevent other external threats, such as hacker intrusions.