Lisa Tetrault
Sr Vice President, Arctic Wolf (Canada)Lisa Tetrault is the Senior Vice President of Security Services at Arctic Wolf, where she helps organizations strengthen their resilience in an increasingly cloud-driven world. With deep expertise in security operations and modern threat landscapes, she champions the need to elevate SaaS security alongside traditional endpoint protection. Known for her clear, practical guidance and people-centric leadership, Lisa focuses on closing visibility gaps, building strong security cultures, and ensuring organizations stay ahead of emerging cyber risks.
The way organizations work has transformed. Today, Software-as-a-Service (SaaS) applications drive everything from collaboration and finance to supply chain operations and customer engagement. This shift has unlocked efficiency and scale, but it has also opened new pathways for attackers.
For years, endpoint security has been treated as the foundation of cyber defense and it still is. But as attackers increasingly focus on SaaS platforms, treating endpoints as the only frontline is like securing the front door while leaving the windows wide open.
In today’s cloud-first world, SaaS environments must be treated with equal urgency. According to Arctic Wolf’s 2025 State of Cybersecurity Trends Report, 84% of organizations have deployed next-generation endpoint security, yet only 40% report full coverage across their environments. That gap matters. Attackers look for the path of least resistance and increasingly, that path is through SaaS applications rather than devices.
The same report found that 70% of organizations experienced at least one significant cyberattack in 2024, underscoring that even with widespread endpoint tools in place, defenses are far from airtight.
The SaaS Security Blind Spot
In our Security Operations Centers, we continue to see the same SaaS security challenges surface across industries:
- • Permissions and misconfigurations: Inconsistent access rights and weak defaults create open doors for attackers.
- • Shadow IT: Employees adopt unapproved tools that bypass IT governance.
- • Identity risks: Stolen or poorly managed credentials provide direct access to sensitive systems.
- • Compliance gaps: Without strong governance, sensitive data can be exposed in ways that trigger regulatory action.
Attackers very well understand these gaps. They no longer need to compromise a device when they can exploit a SaaS platform directly, making the job much easier.
Why Endpoints Alone Aren’t Enough
Endpoint security remains essential, malware, ransomware, and phishing are not going away. But SaaS platforms now hold just as much sensitive data, from customer records to intellectual property. Treating endpoint and SaaS security as separate silos creates blind spots. Treating them as complementary reduces the opportunities attackers can exploit.
Culture Makes the Difference
In my experience, the strongest defenses emerge where culture and technology align. Recognition programs, stretch assignments, and continuous training create engagement -and engaged teams spot problems before they become breaches.
Endpoints remain a critical layer of defense. But SaaS platforms have become equally strategic. Attackers don’t care whether they compromise a laptop or a cloud app – they go where the data lives.
Organizations that treat SaaS security with the same urgency as endpoints, and that approach both as part of a unified defense, will be better prepared for the evolving threat landscape.
