Security Operations Centers (SOCs) aim to detect, investigate, remediate, and restore organizational systems to a fully functional, secure state, whether it's defending against insider threats, data exfiltration attempts, or malware attacks.

However, examining the daily issues faced by many SOCs reveals a concerning array of challenges that place increasing pressure on the work of SOCs and the dedicated professionals who manage them.

Continue reading →

Serious gaps in digital rights management could expose private and public sector organizations to security and compliance risks.

A new 'Sensitive Content Communications Privacy and Compliance' report from Kiteworks finds many organizations lack unified tracking, control, and security of private data that is sent, shared, and transferred with third parties, which creates significant risk of unauthorized access, both malicious and accidental.

Continue reading →

As the pandemic forced many businesses to adopt remote work, IT departments had to quickly adapt to new infrastructures and tools to support their employees from a distance.

But as hybrid working starts to become permanent businesses are reviewing their tech investments and seeking to provide a better remote user experience.

Continue reading →

Today's typical large organization is holding 35 petabytes of data across its systems and this is expected to double by 2025. But 75 percent of IT leaders are concerned that their current infrastructure won't be able to scale to meet this demand.

A new report, from infrastructure specialist Hitachi Vantara, shows that while technologies like generative AI are spurring a goldrush to greater insights, automation, and predictability, they are simultaneously putting pressure on the already-strained infrastructure and hybrid cloud environments on which they run.

Continue reading →

A new report reveals the most impersonated brands in phishing attacks for the first half of 2023, with Facebook taking the top slot, followed by Microsoft.

The report from email security company Vade, shows Facebook accounted for 18 percent of all phishing URLs and Microsoft for 15 percent. Taken together these two accounted for more unique phishing URLs than the next top five brands combined (Crédit Agricole, SoftBank, Orange, PayPal and Apple).

Continue reading →

The cyber talent shortage is a greater concern for CISOs than ongoing economic uncertainty, according to the latest Information Security Maturity Report from ClubCISO and Telstra Purple.

Insufficient staff is named as the top (51 percent) concern for CISOs when asked which factors most affect their ability to deliver against their objectives.

Continue reading →

Enterprises plan to invest $33 million in digital transformation projects in the next 12 months, according to a survey of 600 senior IT decision makers.

But the research, from database platform Couchbase, also finds a shift in priorities. 78 percent of IT decision makers confirm their main priorities for transformation have changed in the last three years, and 54 percent say their digital transformation focus has become more reactive to market changes and customer preferences, in order to help the wider organization stay agile.

Continue reading →

While 75 percent of organizations have made significant strides to upgrade their infrastructure in the past year and 78 percent have increased their security budgets, only two percent of industry experts are confident in their security strategies, according to a new report.

The study, from critical infrastructure protection specialist OPSWAT, also finds most organizations have embraced public cloud hosting for their web applications, with an overwhelming 97 percent already employing or planning to implement containerization.

Continue reading →

The latest 'In the Mind of a Hacker' report from Bugcrowd, which includes responses from 1,000 white hat hackers across 85 countries, finds 55 percent saying that generative AI can already outperform hackers or will be able to do so within the next five years.

But despite this, hackers aren't especially worried about being replaced, with 72 percent saying that generative AI will not be able to replicate the creativity of human hackers.

Continue reading →

While IT security leaders are concerned about attacks that use malware-exfiltrated authentication data, many still lack the necessary tools to investigate the security and organizational impact of these infections and effectively prevent follow-on attacks.

Research from cybercrime analytics company SpyCloud shows 98 percent of over 300 mid-market and enterprise IT security professionals from the US and UK surveyed say better visibility into at-risk applications would significantly improve their security posture.

Continue reading →

The pandemic changed the way we work, with more people working from home and fewer in the office. That meant we became much more reliant on tools like Slack and Teams in order to keep in touch with colleagues.

Even though some people are now going back to the office, reliance on these collaboration tools remains high. The dark side of this trend is that cybercriminals have noticed and are increasingly using them as vectors for phishing attacks.

Continue reading →

There's been a lot of buzz around the use of generative AI recently, but businesses have sometimes struggled to find appropriate use cases for the technology.

Today IBM is rolling out its enterprise-ready AI and data platform, watsonx, which the company first previewed back in May of this year.

Continue reading →

User authorization for access to data is complicated. Knowing who has access to what information is often difficult because of complex role hierarchies, different authorization models used for different technologies, and the variety of data that may be accessible across technologies and clouds.

Ben Herzberg, chief scientist at data security platform Satori, believes there's often a blindspot around authorization, but that the issue doesn't have to be as complex as it can seem. We talked to him to learn more.

Continue reading →

Mark Zuckerberg claims that some 30 million people have signed up for Meta's Threads app since its launch on Thursday.

You might be tempted to think, “He would say that,” but in the rush to join the new Twitter alternative are people overlooking the security and privacy implications of the app? Quite a few experts think so.

Continue reading →

Recent reports have shown that email is still the channel where enterprises are most vulnerable to attacks, in particular phishing.

But adding new browser-based layers of security protection can disrupt such killchains, for example by preventing phishing victims from accessing or engaging with spoofed sites. We spoke to Red Access co-founder and CTO Tal Dery to find out more.

Continue reading →