Ian Barker

Careless users cause data loss incidents

A new study from Proofpoint shows that 85 percent of organizations polled experienced at least one data loss incident in the past year. Even the country with the lowest percentage -- the UK -- still had 73 percent of respondents reporting at least one incident in the past 12 months.

What's particularly interesting though is that careless users, accounting for 70.6 percent, are much more likely to cause these incidents than compromised (48.1 percent) or misconfigured systems (45.3 percent).

Continue reading

'Blame game' with service providers puts organizations at risk

Organizations are putting their critical operations at risk by enabling the widespread continuation of a 'blame game' culture between their IT teams and third-party service providers, according to a new report.

The survey from Dynatrace finds that 91 percent of organisations are still playing the blame game with IT service providers when problems occur. This increases the reliance on war-room-style meetings to identify and resolve the cause of problems, which extends the duration of incidents and creates tense workplace environments that heighten the risk of losing skilled talent.

Continue reading

70 percent think misinformation could impact elections

As the US Congress talks about potentially banning TikTok, a new survey from Media.com shows that 70 percent of social media users are moderately to extremely concerned that misinformation will impact the 2024 US Presidential election.

Respondents are also inclined to hold social media companies accountable for misinformation and hate speech, with a slim majority (51 percent) favoring increased regulation and 62 percent calling for legal action for social platforms that allow misinformation to spread.

Continue reading

What can we expect from the third decade of cloud computing? [Q&A]

Cloud has been a cornerstone of the computing industry for many years. As it enters its third decade in 2024, economic pressures, anti-monopoly moves and more mean things will look different for hyperscale providers.

We spoke to Amol Dalvi, VP of Product of Nerdio, to discuss what we can expect to see over the next 10 years.

Continue reading

Dark web election posts up almost 400 percent

The number of new posts on dark web forums about elections surged by 394 percent in 2023 compared to 2022, research released this week by cybersecurity firm NordVPN reveals. And in the first two months of 2024 alone, users have already published almost half as many posts.

With more than 60 countries holding national elections in 2024, representing over half of the world's population, this is a significant year in history for global democracy so it's unsurprising that there's an increase in interest.

Continue reading

Logs, metrics and traces -- unlocking observability [Q&A]

Ensuring observability has always involved three pillars: logs, metrics and traces. However, the reality is that most organizations simply store this information in silos which are incapable of communicating with one another.

Jeremy Burton, CEO of Observe, believes organizations need to go beyond the three pillars of past failed solutions and instead view observability as purely a data problem. We talked to him to learn more.

Continue reading

New solution offers faster response to MS365 compromises

Business email compromise (BEC) is one of the most common and expensive threats to organizations so they need to respond to attacks quickly and effectively.

To allow companies to investigate and respond to Microsoft 365 compromises such as BEC, account takeover (ATO) and insider threats, Cado Security is introducing a new feature to its platform so customers can automatically import the Microsoft 365 Unified Audit Log (UAL) by timeframe, user, IP, or workload.

Continue reading

Companies expose 35,000 sensitive SaaS assets each year

SaaS

A new report from DoControl finds that companies are generating approximately 286,000 new SaaS assets, such as files or recordings, each week. However, it also found the public exposure of 35,000 sensitive assets at the average company, a significant lapse in data management and access controls.

The report finds a 182 percent increase in employees sharing company-owned assets via their personal email too. In 2023, findings show that the average company had one out of six employees share data with their personal email account (1.3 million assets).

Continue reading

Attackers exploit email forwarding rules to compromise accounts

Detections for malicious email forwarding rules have risen by nearly 600 percent in 2023, as adversaries compromised email accounts, redirected sensitive communications to archive folders and other places users are unlikely to look, and attempted to modify payroll or wire transfer destinations, re-routing money into the criminal’s account.

This is one of the findings in the latest Threat Detection Report from Red Canary. Half of the threats in top 10 leverage malvertising and/or SEO poisoning, occasionally leading to more serious payloads like ransomware precursors that could lead to a serious attack if not detected.

Continue reading

Flaws in ChatGPT extensions allowed access to sensitive data

New threat research from Salt Labs has uncovered critical security flaws within ChatGPT plugins, highlighting a new risk for enterprises.

Plugins provide AI chatbots like ChatGPT with access and permissions to perform tasks on behalf of users within third party websites. For example, committing code to GitHub repositories or retrieving data from an organization's Google Drives.

Continue reading

Humans represent the biggest security gap

According to a new report, 74 percent of all cyber breaches are caused by human factors, including errors, stolen credentials, misuse of access privileges, or social engineering.

More than two-thirds believe employees are putting the organization at risk through the misuse of email, oversharing company information on social media, and careless web browsing. This highlights the need for staff to receive better training on the risks.

Continue reading

Bridging the gap between development and security teams [Q&A]

Couple with laptops

Friction and lack of communication between development and security teams can lead to problems in software development and testing.

How can we bridge the gap between developer and security teams and help them see that they have common goals? We spoke to Scott Gerlach, CSO and co-founder of StackHawk, the company making web application and API security testing part of software delivery, to find out.

Continue reading

Fake web traffic gets more sophisticated

Fake/genuine

Bots have been around for a long time, but they're now much more sophisticated, capable of mimicking human behavior, evading detection, and perpetrating a wide range of malicious activities.

A new report from CHEQ shows that latest bots are able to scrape data without permission, inflate engagement metrics, commit fraud, and compromise the security and integrity of websites, mobile apps, and APIs.

Continue reading

Centralizing observability saves businesses time and money

binoculars lomg term view

Observability is key to allowing organizations to manage their systems effectively, helping improve performance, cut workloads and save money.

Grafana has released its latest Obervability Survey, based on responses from over 300 industry practitioners which shows that 70 percent of teams are using four or more observability technologies.

Continue reading

Managing spending is the biggest cloud challenge

cloud cost

For the second year running managing cloud spending is the top challenge facing organizations, according to the latest Flexera State of the Cloud Report.

The survey of over 750 respondents shows more than a quarter of them spend over $12 million a year on cloud (29 percent), and 22 percent spend that much on SaaS.

Continue reading

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.