Ian Barker

A new report shows 89 percent of organizations suffered at least one security incident in the past three years. 52 percent experienced at least four, and 24 percent were victims of an extraordinary 11 incidents.

The 2024 Secure Infrastructure Access from Teleport surveyed 250 senior US and UK decision-makers, assessing enterprise performance in infrastructure access security, dividing respondents into three groups based on a number of factors.

Continue reading →

Malicious actors have been quick to exploit AI, but often security teams are under-equipped with AI solutions to ensure adequate defense.

Red Sift is launching an upskilled LLM assistant that identifies and diagnoses misconfigurations and exposures across email, domains, and internet-facing assets, supporting security teams to prevent incidents before they happen.

Continue reading →

A new report from IBM X-Force looks at the biggest risks enterprises are facing and highlights how attackers know that credentials are the keys to cloud environments, making them highly sought-after on dark web marketplaces.

Attackers are using phishing, keylogging, watering hole and brute force attacks to harvest credentials. Also dark web research highlights the popularity of infostealers, used to steal cloud platform and service-specific credentials.

Continue reading →

Quantum computing presents a substantial problem for securing systems because of its potential to crack existing encryption protocols.

However, the industry is beginning to gear up to face the threat. Tuta, the email provider with the world's first quantum-safe encryption for email, is now launching its new stand-alone encrypted calendar app.

Continue reading →

Compromised non-human identities have led to successful cyberattacks at that 66 percent of enterprises.

A new report from AppViewX, based on a survey of almost 370 IT, cybersecurity, and DevOps professionals by Enterprise Strategy Group (ESG), also shows 57 percent of the episodes where organizations suffered a successful attack tied to NHI compromises got the board of directors attention.

Continue reading →

A new report from Regula reveals that 49 percent of businesses globally have experienced deepfake scams involving either audio or video -- almost doubling the number of incidents since 2022.

The survey, of 575 business decision makers, shows a significant rise in the prevalence of video deepfakes, with a 20 percent increase in companies reporting incidents compared to 2022.

Continue reading →

The EU's latest Network and Information Security Directive (NIS2) comes into effect on October 18, but new research finds that although nearly 80 percent of businesses are confident in their ability to eventually comply with NIS2 guidelines, up to two-thirds say they will miss this imminent deadline.

The survey from Veeam Software, of over 500 IT decision-makers from Belgium, France, Germany, the Netherlands and the UK, shows 90 percent of respondents reporting at least one security incident that the NIS2 directive could have prevented in the past 12 months.

Continue reading →

The world is changing faster than ever, putting pressure on CFOs to create more value and be more strategic and collaborative.

Finance leaders are not only expected to understand the entire business, but they are also bogged down by the administrative work of backward-looking reporting and controls.

Continue reading →

A new report from OpenText finds that collaboration and coordination taking place between nation-states and cybercrime rings to target global supply chains and further geopolitical motives has become a signature trend in the threat landscape.

Russia has been seen to collaborate with malware-as-a-service gangs including Killnet, Lokibot, Ponyloader and Amadey, while China has entered into similar relationships with the Storm0558, Red Relay, and Volt Typhoon cybercrime rings, typically to support its geopolitical agenda in the South China Sea.

Continue reading →

Does AI impact software architecture? Or does software architecture impact AI? The answer of course is both, but how much of an overlap is there between the two?

To find out we spoke to Mike Loukides, vice president of emerging tech content at O'Reilly, about how software architects can work with AI and avoid its more negative effects.

Continue reading →

Sharing is caring so the saying goes, but that shouldn't apply quite so much when applied to sensitive data. A new report from CybSafe shows 38 percent of employees admit to sharing sensitive information without the knowledge of their employer.

The study of over 7,000 individuals across the United States, UK, Canada, Germany, Australia, India and New Zealand, reveals workers are more connected than ever, with 53 percent of participants stating they're always online.

Continue reading →

Traditional processes for ensuring employees have the right levels of access to systems have come under strain and become harder to manage because of the spread of cloud-based software.

A new AI-powered identity governance and administration (IGA) platform from Zilla Security aims to tackle the long-standing challenge of managing hundreds of roles or group membership rules to ensure organizations give users job-appropriate access.

Continue reading →

A new survey from software delivery platform Harness finds that 66 percent of UK consumers think software companies releasing 'bad' code that causes mass outages is on par with, or worse than, supermarkets selling contaminated products that break laws on food safety.

The study of 2,000 UK consumers, conducted by Opinium Research, finds that 44 percent have been affected by an IT outage. 26 percent were impacted by the recent incident caused by a software update from CrowdStrike in July 2024.

Continue reading →

Cybercriminals are increasingly adopting a 'mobile-first' attack strategy to infiltrate enterprise systems by targeting weak, unsecured, and unmanaged mobile endpoints, recognizing mobile as a major entry point to corporate networks and sensitive data.

A new report from Zimperium zLabs shows a significant rise in mobile phishing -- or 'mishing' -- a technique that employs various tactics specifically designed to exploit vulnerabilities in mobile devices.

Continue reading →

It's usually the case that cybersecurity is seen as being all about technology and that humans -- making mistakes and falling for social engineering -- are something of a liability.

But are people really just a problem or can they also be part of the solution? Toney Jennings, CEO of DataStone, believes we need to shift our thinking away from the current paradigm to empowering people as a hidden asset in the protection of their organization. We talked to him to find out more.

Continue reading →