Ian Barker

New research, from ICS/OT cybersecurity firm SynSaber, has analyzed over 900 CVEs reported in industrial control systems in the second half of 2022 and finds that 35 percent have no patch or remediation available.

Only 56 percent of the CVEs have been reported by the original equipment manufacturer (OEM), while 43 percent have been submitted by security vendors and independent researchers. A firmware update is required to fix 33 percent.

Continue reading →

The role of the CISO has always been a somewhat secondary one in terms of the overall big picture of running a business.

However, a new study from cybersecurity company Coalfire shows that the CISO role is maturing quickly, and gaining more of a voice in the boardroom.

Continue reading →

The advent of quantum computing offers a serious threat to the safety of encrypted information. But current post-quantum cybersecurity (PQC) solutions either can't reach edge devices like laptops and mobile phones or required software installation on these devices which is cumbersome and hard to manage.

Now though QuSecure is launching a new solution for protecting encrypted private data on any website or mobile application with quantum-resilient connections and sessions, all with no end-user installation required.

Continue reading →

As we enter 2023, factors such as an uncertain economy, inflation, the fear of a recession, hiring freezes and layoffs, and supply chain issues continue to take their toll on businesses -- impacting not only daily operations, but budgets for the new year.

When it comes to cybersecurity spending, in particular, Curtis Fechner, engineering fellow, threat management at Optiv, says many executives expect their budgets to be unchanged in 2023, which is a best case scenario as the risk of cuts amid an uncertain economy and business landscape looms large.

Continue reading →

As businesses adopt more complex hybrid IT environments and raise budgets to fend off cyberattacks, as well as keep up with production environments diversifying across various clouds, a new study finds that IT leaders increasingly feel they aren't sufficiently protected.

The latest Data protection Trends Report from data protection specialist Veeam Software shows that a top priority of organizations this year is improving reliability and success of backups, followed by ensuring that Infrastructure as a Service (IaaS) and Software as a Service (SaaS) protection is equal to the protection they rely on for datacenter-centric workloads.

Continue reading →

New research from Node4 into the IT priorities of mid-market businesses in the UK shows hybrid cloud adoption has increased by 11 percent since last year.

Inflationary pressures have led to a re-examination of cloud adoption models and a desire to access more predictable, stable costs -- as well as a wider choice of pricing models. Hybrid cloud is seen as a viable long-term, and potentially more flexible, option that combines the best aspects of public and private cloud.

Continue reading →

Last year saw zero day vulnerabilities being actively exploited in the wild across many of the major web browsers.

For businesses that allow their users to choose which browser they use this is a problem due to the frequency of vulnerabilities. We spoke to Ofer Ben-Noon, co-founder and CEO at Talon Cyber Security and former member of the Israeli intelligence community, to find out more about the current threat landscape and how firms can secure their browsers.

Continue reading →

Open banking first began to roll out in 2018, following the introduction of the PSD2 legislation in the UK, but five years on new research finds that most consumers still don't understand what it is, and the vast majority don't believe that it's safe.

The study from NTT DATA shows 58 percent of UK consumers still don't understand what open banking is, while just 16 percent believe that it's completely safe.

Continue reading →

When threat actors evaluate a company's attack surface, they're not thinking in terms of organizational silos. They're probing for the right combination of vulnerabilities, misconfigurations and identity privileges.

It follows that security organizations shouldn't be operating in silos either. Defenders risk playing into the hands of attackers as organizations struggle with reactive and siloed security programs. Having a sprawl of point tools generates heaps of fragmented data but offers few insights.

Continue reading →

A new set of zero trust email security solutions from Cloudflare are aimed at protecting employees from multichannel phishing attacks, preventing sensitive data from being exfiltrated via email, and helping businesses speed up and simplify deployments,

Compatible with any email provider, the protection is integrated into Cloudflare's platform, helping to secure all of an organization's applications and data.

Continue reading →

New research from cybersecurity company Naoris Protocol finds 48 percent of people surveyed think criminals who break into computer networks with malicious intent should be paid a percentage of the funds they steal and face no prosecution if they return the majority of their spoils.

The survey of over 500 people working in the cybersecurity and web arenas found just 38 percent saying they disagreed with not prosecuting malicious hackers, while 13 percent were unsure.

Continue reading →

According to a new report, 73 percent of business leaders think responsible technology use will become as important as business or financial considerations when making tech decisions.

The study from Thoughtworks is based on a survey of 550 senior executives from nine countries around the world. When asked about the tangible business benefits of adopting responsible technology, the top response was better customer acquisition/retention (47 percent).

Continue reading →

More than nine in 10 IT leaders have invested in process automation over the past year, and 91 percent say their organization plans to increase investment in process automation over the next 24 months, compared with 88 percent when asked the same question a year ago.

These findings come from a new report published today by Camunda, based on research carried out by Regina Corso Consulting, but the study also finds there are concerns, as 69 percent say that as more tasks become automated, it's harder to visualize end-to-end processes.

Continue reading →

Just as machinery becomes less reliable as it gets older and people develop more health issues with age, so it seems software is more likely to have security flaws later in its life.

A new report from security testing company Veracode shows that while 32 percent of applications are found to have flaws at the first scan, by the time they have been in production for five years, nearly 70 percent contain at least one security flaw.

Continue reading →

Personal employee or customer data accounted for nearly half (45 percent) of all data stolen between July 2021 and June 2022 according to the latest report from Imperva.

Companies' source code and proprietary information accounted for a further 6.7 percent and 5.6 percent respectively. On a more positive note, the research finds that theft of credit card information and password details has dropped by 64 percent compared to 2021.

Continue reading →