Data security spending at record levels but costly breaches continue
A new report from Fortinet reveals that despite organizations increasing their data security budgets by 72 percent last year, insider-driven data incidents continue to surge, with 77 percent of companies experiencing at least one breach in the past 18 months.
The study, conducted with Cybersecurity Insiders, exposes a critical disconnect: while security leaders are adopting smarter strategies and securing stronger funding, traditional data loss prevention (DLP) tools are failing to protect against today's sophisticated threats in cloud-heavy, distributed work environments.
AI investment soars but only a tenth of projects are fully deployed
New research reveals that while organizations have nearly doubled their overall AI investment to $27 million (up from $14.7 million in 2024) and 87 percent report that the ROI on their AIOps initiatives has met or exceeded expectations, only 12 percent of AI projects have reached full enterprise-wide deployment.
The survey, of 1,200 business decision-makers, IT leaders, and technical specialists, from Riverbed shows organizations report facing several significant barriers to AI implementation. The majority are not fully prepared to roll out AI projects, with challenges including persistent issues with data quality and a gap between leadership optimism and the technical realities of implementation.
New attack tactics look to bypass MFA and target security blindspots
A new report from AI-powered managed extended detection and response company Ontinue shows a sharp rise in MFA-bypassing identity attacks in the first half of the year.
These attacks are using token replay abuse, with roughly 20 percent of live incidents involving adversaries reusing stolen refresh tokens to bypass MFA, even after password resets.
Hardware vulnerabilities soar amid spread of IoT devices
There’s been an 88 percent increase in hardware vulnerabilities amid a proliferation of IoT devices, and 81 percent of security researchers have encountered new hardware vulnerabilities in the past 12 months.
New attack vectors and often forgotten targets like APIs and hardware are vulnerable and should be a key focus for CISOs today, according to a new report from crowdsourced security company Bugcrowd, which shows organizations face growing challenges as applications go through multiple development cycles under pressure to release features quickly, often aided by AI-assisted coding.
Phishing is now the main entry point for ransomware
Phishing has overtaken all other vectors as the leading entry point for ransomware, cited by 35 percent of affected organizations, up sharply from 25 percent in 2024.
This is one of the findings of a new report from SpyCloud which also shows that 85 percent of organizations were affected by ransomware at least once in the past year, with nearly a third (31 percent) reporting six to 10 ransomware events in the last year.
Sumo Logic brings agentic AI to the enterprise security stack
Enterprises face a growing volume and complexity of cyber threats, which means security teams struggle with alert fatigue and managing a spread of tools.
Sumo Logic is launching a new agent-powered security operations tool to help automate routine tasks, streamline investigations, and give enterprise security teams the freedom and ability to focus on analyzing the biggest security issues facing their organization.
Why the cybersecurity industry needs to be more accessible [Q&A]
The proliferation of different cybersecurity tools has created an operational crisis for organizations, with companies struggling to manage an increasing array of defensive technologies.
Organizations today are forced to juggle multiple tools, each with unique UI, costs, and maintenance headaches. They’re also often not able to buy the tools they need, because they are either too expensive or don't exist in the specific capacity they need.
Internal chaos after a cyberattack causes more damage than the attack itself
A new survey from cybersecurity incident response management (CIRM) specialist Cytactic finds 70 percent of cybersecurity leaders say internal misalignment following a cyberattack caused them more chaos than the threat actor itself, leaving many organizations paralyzed by breakdowns in authority, coordination, and clarity.
The report also finds that while 73 percent of leaders describe their response plans as ‘technically comprehensive,’ many admit those plans collapse under real-world pressure. In addition, 86 percent say ‘translation time’ between legal, communications, and technical teams causes costly delays, underlining that breaches are often derailed more by internal breakdowns than by attackers.
Agentic AI and its impact on the healthcare sector [Q&A]
Agentic AI is changing healthcare workflows by moving from passive data analysis to active orchestration of decisions.
But with this comes risk. We spoke to Rajan Kohli, CEO of CitiusTech, to discuss how AI is changing healthcare and how organizations can prepare for its impact.
More tools lead to greater risk of security issues and burnout
A new survey of over 1,000 IT and security teams suggests that the more tools organizations deploy to solve problems, the more problems they create.
The study from Kandji finds that too many overlapping tools is an issue for 49 percent, gaps or breakdowns between tools is cited by 46 percent, and security risks due to poor integration by 41 percent. Siloed ownership or communication is a problem for 38 percent while the same percentage say that compliance and audits take too much time.
Organizations don’t trust agentic AI when it comes to compliance
A new report from compliance management company Strike Graph finds a worrying disconnect between the growing complexity of regulatory frameworks and organizations' confidence in their ability to manage them.
According to the report, potential errors (63 percent) and data security issues (50.5 percent) are the greatest concerns for respondents adopting AI in compliance processes. That may explain why only 10.6 percent have adopted advanced, agentic AI systems that are poised to revolutionize the governance, risk, and compliance (GRC) market.
Use of AI-powered software testing doubles in the last year
A new report shows that 60 percent of organizations use AI in the software testing process, compared to just 30 percent last year, but 80 percent lack in-house AI testing expertise.
The study from Applause, based on a global survey of more than 2,100 software development and testing professionals, finds 92 percent of organizations are finding it challenging to keep pace with rapidly changing requirements.
Economic uncertainty adds to cyber-physical systems risk
New research released today by Claroty looks at the impacts of economic and geopolitical uncertainty on organizations' ability to protect their cyber-physical systems (CPS) environments.
Cyber-physical systems are those that overlap the cyber world -- things like industrial control and medical devices -- and may therefore slip below the radar of traditional cybersecurity approaches. The survey, of 1,100 infosecurity, OT engineering, clinical and biomedical engineering, and facilities management and plant operations professionals, shows concerns that economic policies and geopolitical tensions are adding to risk.
Why the retail industry needs to rethink identity [Q&A]
The retail industry continues to be a top target for cyber criminals. Retailers rely heavily on digital infrastructure to manage consumer data and operations, so they remain an attractive target for attackers seeking financial or operational disruption.
The cyberattacks earlier this year hitting UK retail (Marks & Spencer, Co-op, Harrods) are the latest reminder that identity is still one of the weakest links.
One in four organizations victims of AI data poisoning
A new study finds 26 percent of surveyed organizations in the UK and US have fallen victim to AI data poisoning in the past year. This is where hackers corrupt the data that trains AI systems by planting hidden backdoors, sabotaging performance, or manipulating outcomes to their advantage.
The research from information security platform IO (formerly ISMS.online) surveyed over 3,000 cybersecurity and information security managers in the UK and US, and finds that 20 percent of organizations have also reported experiencing deepfake or cloning incidents in the last year.
Ian's Bio
Ian spent almost 20 years working with computers before he discovered that writing about them was easier than fixing them. Since then he's written for a number of computer magazines and is a former editor of PC Utilities.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.