Ian Barker

Breaches decline as confidence in cybersecurity grows

security meter

When major cybersecurity incidents make the headlines it's easy to assume that defenders are fighting a losing battle, but in fact a new report from threat intelligence company DomainTools shows that in breaches are down and confidence in security programs is up.

More than 500 cybersecurity professionals were surveyed and the results show 30 percent of respondents gave their program an 'A' grade this year, doubling over two years from 15 percent in 2017. Less than four percent reported a 'D' or 'F'.

Continue reading

Cybercriminals target shopping apps ahead of Black Friday

Shopping cart key

A new report from attack surface management company RiskIQ shows attackers will leverage popular brands and unsafe consumer shopping habits in the run up to the peak holiday shopping period.

Of all apps that can be found by searching for terms related to holiday shopping, 951, or two percent, are blacklisted as malicious -- a 20 percent increase.

Continue reading

Businesses need to get the data privacy balance right

Data privacy

With multiple privacy regulations and laws having gone into effect over the past year or so and more on the way affecting both consumers and business alike, it’s no wonder people are sometimes confused about how their personal data can be used.

Cisco is releasing the findings of its 2019 End-User Privacy Study, highlighting the top areas where consumers continue to struggle to understand how companies are handling their personal data, and how far data privacy trust has progressed.

Continue reading

Third-party access management leaves organizations exposed

Login screen

A survey of more than 1,000 IT security professionals exposes shortcomings in organizations' approach to managing third-party user identity and access that could leave them vulnerable to compromise.

The study by Dimensional Research for One Identity finds that while 94 percent of organizations grant third-party users access to their network, 61 percent admit they are unsure if those users attempted to or successfully accessed files or data they are not authorized to see.

Continue reading

IT professionals are still keen to embrace the cloud

Cloud growth arrow

Of organizations with on-premise data centers, 88 percent plan on moving at least some of their workloads to the cloud, managed hosting or co-location in the next three years.

This is one of the findings of a new State of IT Infrastructure Management report from data center and cloud solutions firm INAP, which also finds 38 percent of IT professionals expect to see a reduction in their on-premise workloads by 2022.

Continue reading

Transport, legal and banking sectors hardest hit by cyberattacks

Cyber attack

Organizations are being targeted by a mixture of simple, low effort and low-cost attacks along with more sophisticated, targeted campaigns, according to the latest quarterly Threat Intelligence Report from security and compliance specialist Mimecast.

Based on analysis of over 200 billion emails, the report looks at the four main categories of attack types discovered in the quarter: spam, impersonation, opportunistic, and targeted. This quarter's report finds that impersonation attacks are on this rise, accounting for 26 percent of total detections -- and now include voice phishing or 'vishing.'

Continue reading

Google and Fortanix deliver external key management for public cloud

cloud key

Migrating sensitive data to the cloud inevitably raises concerns surrounding compliance and security. Most turn to encryption as a solution, but that in itself raises issues over key management.

While many cloud service providers have allowed customers to bring their own keys (BYOK), Google Cloud Platform is linking up with the Fortanix Self-Defending Key Management Service (SDKMS) to become the first public cloud provider to enable customers to bring their own key management system (BYOKMS).

Continue reading

Increased use of software bots opens up security risks

robot keyboard

Software bots are being used to automate repetitive processes in two thirds of businesses, but this can present risks depending on how properly their access to data is governed.

New research from SailPoint finds many organizations do not have the correct oversight into their day-to-day bot activities. Only five percent of respondents say they have 100 percent of bots, and their access, accounted for in their identity process.

Continue reading

Security companies and domestic violence organizations join in Coalition Against Stalkerware

Stalker

Ten organizations including Avira, the Electronic Frontier Foundation, Kaspersky, Malwarebytes and NortonLifeLock, have joined in a global initiative called the Coalition Against Stalkerware.

Stalkerware programs carry the possibility for intrusion into a person’s private life and are being used as a tool for abuse in cases of domestic violence and stalking. By installing these apps, abusers can get access to their victim's messages, photos, social media, geolocation, audio or camera recordings, and in some cases, this can be done in real-time.

Continue reading

Millions of smartphones could be vulnerable to Android camera hack

Phone lock

The camera applications within Google, Samsung and other Android smartphones could be vulnerable to attack, according to some new research.

Researchers at security platform Checkmarx found that in certain circumstances adversaries can take over smartphone camera apps to record videos, take photos, eavesdrop on conversations, and identify GPS coordinates, all without the user knowing.

Continue reading

New solution uses the cloud to simplify identity management

identity verification

Digital identity platform ForgeRock is launching an Identity Platform-as-a-Service solution to help developers embed modern identity capabilities into their apps.

ForgeRock Identity Cloud provides a full suite of capabilities for identity requirements in any business environment utilizing the same APIs and SDKs as the ForgeRock Identity Platform, so customers can use ForgeRock in any deployment model, on premises, hybrid cloud, public cloud, or as-a-service.

Continue reading

Old equipment leaves enterprises at risk of data breaches

old scrap computers

New research launched today by data erasure and mobile device diagnostics specialist Blancco Technology Group finds end-of-life devices are leaving businesses at risk of data breaches.

The survey of 1,850 senior leaders from the world's largest enterprises in APAC, Europe and North America finds 73 percent agree that the large volume of different devices at end-of-life leaves their company vulnerable to a data security breach, while 68 percent say they are very concerned about the risk of data breach from this equipment.

Continue reading

Chaos engineering platform improves Kubernetes container reliability

Container development

Kubernetes is one of the leading choices for container users, but its benefits of scalability and abstraction also lead to increased complexity, which can make companies reluctant to deploy the technology.

Chaos engineering platform Gremlin is launching support for Kubernetes -- Docker support was launched last year -- so engineers can now use Gremlin to automate the process of identifying and targeting Kubernetes primitives such as nodes and pods, to find issues that can prove difficult to pinpoint at a given moment.

Continue reading

Consumers worry about fraud risk from support desk calls

Phone worry

Almost a third of US consumers (31 percent) think they are at risk of fraud when contacting a brand's customer service department, with 47 percent saying it's because they have to share personal information with a customer service agent.

In another report released for International Fraud Awareness Week, the Sitel Group and CallMiner have looked at consumers' experience and concerns around customer service fraud, voice assistants and information security.

Continue reading

Poor security habits leave Americans vulnerable to fraud

Written passwords

Despite high profile data breaches in 2019 and 33 percent of respondents having been a victim of fraud or identity theft, when asked if they update or change passwords following a data breach at a firm they deal with, 28 percent say only sometimes and nine percent say they don't update their passwords at all.

This is one of the findings of a Shred-it report for International Fraud Awareness Week which highlights the need for improvements in both digital and physical security.

Continue reading

© 1998-2019 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.