What happened
Meta’s WhatsApp has launched a new high-security option called Strict Account Settings, a lockdown-style security mode that applies the most restrictive privacy and protection controls to accounts at risk of targeted spyware and cyberattacks.
Who is affected
While available to all users, this mode is primarily intended for journalists, public-facing figures, activists, and other high-risk individuals who may be targeted by sophisticated threat actors.
Why CISOs should care
Messaging platforms like WhatsApp are pervasive in corporate and personal communication, but they are also exploited vectors for spyware, zero-click attacks, and social engineering. Enhanced security modes that trade usability for stronger defenses are an important tool in a layered protection strategy, particularly for high-value targets and executives whose compromise could yield broader organizational impact.
3 practical actions
- Evaluate risk profiles for executives and high-visibility employees to determine who should enable WhatsApp’s Strict Account Settings.
- Update messaging security policies to include guidance on enabling enhanced platform features and phishing awareness.
- Monitor threat intelligence for evolving attack techniques against mobile messaging platforms and adjust defensive measures accordingly.