Welcome to VMblog's roundup of expert commentary in honor of Internet
Safety Month! In this digital age, where connectivity and online
activities have become an integral part of our lives, it is crucial to
prioritize and enhance our understanding of internet safety. To help you
navigate the vast landscape of online security, we heard from some of the industry's top experts who have dedicated
their careers to safeguarding users from potential threats, scams, and
privacy breaches. Their valuable perspectives and advice offer a wealth
of knowledge to ensure a safer online experience for individuals and
families alike.
Internet Safety Month serves as a timely reminder
of the importance of proactive measures to protect ourselves and our
loved ones in the digital realm. Throughout this roundup, you will find a
diverse range of ideas, as these industry experts bring their extensive
experience and deep understanding of the evolving cyber landscape,
shedding light on emerging threats and offering practical strategies to
mitigate risks.
Let this compilation of expert commentary serve
as a valuable resource to you. Stay informed, and take proactive steps
towards a safer and more secure online experience.
--
DARREN GUCCIONE, CEO AND CO-FOUNDER, KEEPER SECURITY
As the cyber threat landscape grows increasingly complex, organizations must implement proactive cyber strategies to achieve full visibility and the strongest protection. Internet Safety Month is a timely reminder for organizations to implement a layered security strategy that includes Privileged Access Management (PAM), advanced AI-powered threat detection and flexible, secure authentication methods.
PAM is a reliable defense against the most prevalent cyber threats that will also protect critical resources in the event of a successful attack. Features like automated password rotation and just-in-time access limit a cybercriminal’s ability to gather or steal data, while session monitoring and recording can allow organizations to identify the root cause of a breach. By providing visibility and access management across the entire organization, PAM solutions limit access sprawl, which significantly mitigates threats and minimizes the impact of any breach.
As threats become more sophisticated, leveraging AI tools enables organizations to enhance threat detection, automate responses and improve incident management. Enterprise IT and security leaders should consider adopting a PAM platform equipped with an agentic AI-powered threat detection system that automatically monitors and analyzes user sessions to identify suspicious or malicious behavior, and act autonomously when it identifies threats.
++
Heath Renfrow, CISO and Co-Founder, Fenix24
As the digital threat landscape continues to evolve, so must our defense strategies. Internet Safety Month serves as a timely reminder that cybersecurity is not just an IT issue, it’s a business imperative. With remote work now a permanent fixture for many organizations, and cyberattacks growing in both sophistication and scale, we need to continuously reinforce foundational cyber hygiene across every layer of the organization.
To improve internet safety and reduce organizational risk, I recommend companies focus on three key priorities:
- Secure Remote Access at Scale: VPNs and MFA alone are not enough. Organizations should adopt a Zero Trust model with granular access controls, ensure remote access is logged and monitored, and regularly audit for unauthorized connections. Assume compromise, and design access protocols accordingly.
- Practical, Role-Based Security Training: Generic security awareness programs no longer cut it. Employees need hands-on training tailored to their roles, with real-world examples of phishing, social engineering, and insider risk. Everyone—from the front desk to the boardroom—must know how to detect threats and act quickly.
- Hardened Communication Channels: Business communications must be treated as critical infrastructure. Encrypted messaging, email authentication protocols (like SPF/DKIM/DMARC), and restricted external file sharing should be standard. Policies should be updated frequently to address emerging threat vectors like QR phishing and business email compromise.
Your cybersecurity posture is only as strong as your least-prepared employee. Culture, not just technology, will determine your resilience. Make security a core organizational value, not just a compliance checkbox. The companies that thrive in today’s threat landscape will be those who lead with both awareness and action.
++
Danny Brickman, CEO and Co-Founder, Oasis Security
Large language models (LLMs) such as ChatGPT, Claude, and Llama have taken the world by storm. These models are transforming the way organizations operate and grow their businesses, and we are only now starting to understand the extent of this transformation.
As we recognize Internet Safety Month in June, it’s important to consider the security implications of this fast-moving shift. The adoption of LLMs has been both rapid and widespread. Whether organizations realize it or not, these technologies are already being connected to and integrated into enterprise environments at scale.
These new tools bring with them novel risks to Non-Human Identity (NHI) management and security, requiring enterprises to rethink how we approach identity, access, and governance in a world where AI tools are deeply embedded in business operations. By shifting our strategies to secure LLM adoption, starting with better visibility and control over NHIs, we can ensure innovation continues without compromising safety.
++
Alex Quilici, CEO of YouMail
When we talk about the internet, most people still picture sitting at a desktop computer, clicking around in a browser. But the reality is, that’s not how we experience the internet anymore. The internet now comes to us. It reaches us through texts, emails, push notifications, apps, and even phone calls, increasingly driven by AI and automation.
We no longer consciously “go online.” We’re always connected. This shift has made it easier than ever to fall for scams, phishing attempts, and malware-laced links, because these threats show up in places we aren’t expecting them: a text from a delivery service, a voicemail from a “bank,” or an email from a coworker.
During Internet Safety Month, it's important to recognize that these new touchpoints have become common delivery mechanisms for phishing, scams, and fraud. Threats now appear as a text claiming to be from a delivery service, an email from someone impersonating a coworker, or a voicemail pushing a fake urgent request. The rise of generative AI is only increasing the sophistication of these attacks.
Staying safe today means being aware of how the internet reaches us. It means putting protections in place for the moments when we are most likely to be caught off guard, like checking a message on the go or clicking a link in a rush.
++
Justin Ong, Brand and Community Director, Auvik
As we recognize Internet Safety Month, it’s worth remembering that the biggest security threats often come from the tools we’re most eager to use. Excitement around new technologies—especially AI—can lead to adoption without proper vetting, creating risks through what’s known as Shadow AI. When teams use AI tools without IT’s oversight, they introduce blind spots, compliance issues, and hidden vulnerabilities.
According to Auvik’s 2025 IT Trends Report, 34% of organizations lack a formal AI policy, and 21% say leadership isn’t paying enough attention to AI risks. Without visibility, IT can’t secure what it doesn’t know exists. That’s why real-time monitoring and mapping, paired with strong cybersecurity awareness, are essential to protecting today’s networks.
++
Mac Grant, Head of Sales and Channel - Americas, ColorTokens
Internet Safety Month reminds us that in large enterprises we can’t expect people to be perfect all the time. Our security teams shouldn’t bear the full burden of keeping attackers out. We need systems that automatically contain breaches and stop threats from spreading across the network. Stopping lateral movement with internal segmentation, identity aware controls, and real time monitoring are all crucial to preventing one compromised device from threatening the entire organization.
++
Devin Ertel, CISO, Menlo Security
The threats facing today’s average internet user continue to evolve daily, with sophisticated methods of phishing leveraging AI and other technology to execute successful cyberattacks. Today, 98% of these attacks originate from internet usage, with 80% specifically targeting end-user browsers. With the web browser serving as a critical business tool that fosters communication and collaboration, it is a prime target for cybercriminals. As employees utilize browsers to perform their daily tasks, one wrong move can place critical company data, networks, and operations at risk of compromise by malicious actors.
Internet Safety Month is a reminder of the key role the browser plays in cybersecurity, and an opportunity for organizations to reassess their current security priorities to ensure they have the systems and resources in place to foster the visibility and control needed to prevent browser-based threats. For true internet safety, organizations must shift their focus to directly securing the browser. Browser security is no longer optional – it is essential for securing enterprise assets and ensuring operational continuity.
##