- CIOsurge
- Posts
- VEILDrive attack exploits Microsoft services to distribute malware | CIOSurge
VEILDrive attack exploits Microsoft services to distribute malware | CIOSurge
Cloud-Based Threats, CX-Driven IT Shifts, and CIO-Led AI Innovation
Zack Tembi
November 13, 2024
Powered by Single Fin
Welcome to this week’s edition of CIOsurge!
Get ready for a fresh dive into the latest trends, insights, and strategies shaping the future of IT leadership.
Let’s make this week a game-changer.
Stay sharp. Stay ahead.
📂 VEILDrive attack exploits Microsoft services to distribute malware
The VEILDrive campaign exploits Microsoft services like Teams, SharePoint, Quick Assist, and OneDrive to distribute spear-phishing attacks and malware. It targets critical infrastructure by leveraging trusted, compromised accounts. The attackers use Teams messages, impersonating IT staff, and OneDrive-based command-and-control to evade detection, bypassing traditional monitoring and defenses with a cloud-centric strategy.
For IT leaders, the VEILDrive attack is a wake-up call on the vulnerabilities that can arise when trusted services like Microsoft Teams and OneDrive are exploited. These platforms are critical for our daily operations, and attackers are increasingly leveraging their trusted status to bypass traditional defenses. The use of legitimate SaaS services to distribute malware makes detection more challenging and underscores the need for stringent identity verification and external access controls.
As CIOs, we need to rethink our approach to monitoring interactions across collaboration tools. This means investing in enhanced threat detection capabilities that focus not just on malicious software, but on unusual usage patterns of seemingly benign tools. Staying ahead of these threats is key to protecting our organizations from actors who are exploiting our reliance on these platforms. - Zack Tembi
🌟 Customer Experience Drives CIO Technology Shifts
The shift toward customer experience (CX) is becoming central for CIOs, as illustrated by Bojangles CIO Richard Del Valle. His team moved from infrastructure-focused to guest-focused IT, enhancing CX through tech like self-serve kiosks and AI. Industry-wide, 51% of IT leaders plan increased CX involvement, reflecting the growing role of CIOs in driving seamless, customer-centric technology transformations.
In today’s competitive landscape, the shift toward customer experience as a core IT priority is something we, as technology leaders, can't afford to overlook. Bojangles’ approach shows how aligning IT initiatives directly with customer expectations—whether through AI-driven ordering systems or seamless self-serve kiosks—can drive both operational efficiency and brand loyalty. For us CIOs, it’s about recognizing that our role now extends beyond managing infrastructure; we're directly impacting how our customers interact with our brand.
This pivot requires more than just technological updates; it involves a change in mindset. We need to work cross-functionally and leverage technology to create consistent, meaningful experiences, all while balancing our infrastructure needs. As we see more CEOs prioritizing CX, it’s essential that we, too, become champions of these efforts—ensuring that our strategies not only meet technical standards but elevate the overall customer journey. - Zack Tembi
🗞️ At A Glance
💡 CIO Spotlights
Pat Klein on Leading Transformation Through Adaptable, Strategic Leadership
Pat Klein shares how his background in business consulting shaped his approach to technology leadership, driving practical, cross-industry solutions as a CIO.
Faced with legacy system limitations, Klein led a digital overhaul focused on agility, cybersecurity, and aligning IT with business goals to boost customer satisfaction and operational efficiency.
Known for his hands-on, resilient style, Klein emphasizes lifelong learning, team collaboration, and creating a culture open to innovation and thoughtful risk-taking.
Liberty Mutual CIO Monica Caldas drives digital acumen to power AI innovation
Monica Caldas, CIO of Liberty Mutual, leads initiatives to build a tech-savvy workforce, enhancing the insurer’s readiness for generative AI.
Through programs like Executech, Caldas empowers employees with essential tech skills to foster collaboration and innovation.
Under her guidance, Liberty Mutual has deployed Liberty GPT, with 25% of staff now using it to improve productivity through tailored AI capabilities.