Ian Barker

One of the risks AI teams face is sensitive data lurking where it shouldn't be -- risks that are increasing as the volume unstructured data grows across all industries, a situation made worse still by GenAI.

Unstructured data management specialist Komprise is launching new sensitive data detection and mitigation capabilities to help organizations prevent the leakage of PII and other sensitive data to AI and reduce the risk of potentially ruinous data breaches.

Continue reading →

It's not exactly Big Brother, but a new analysis of Chrome extensions from Incogni reveals that 67 percent collect user data, and 41 percent collect personally identifiable information (PII), including sensitive details like credit card numbers, passwords, and location data.

Extensions like Grammarly, which make writing almost anything effortless, or Vetted, which act as online shopping assistants, are quickly becoming essentials of everyday life. But because many users trust Google's ecosystem, they also assume that third-party extensions vetted through the Chrome Web Store are equally safe.

Continue reading →

A new report reveals that APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks.

The survey from Wallarm, of 200 US-based enterprise leaders on AI and API security, finds over 53 percent report engaging in multiple AI deployments. These deployments are primarily enabled by API technology, cementing APIs as the foundation of enterprise AI adoption. However, while AI integration drives rapid API adoption across industries, it also introduces unique risks.

Continue reading →

As AI reshapes business operations, companies are facing new challenges around cost uncertainty, security, and data integrity. The rise of hybrid cloud strategies -- combining private clouds with public infrastructure -- is becoming a key approach to addressing these concerns.

While enterprises focus on cost control, safeguarding sensitive corporate data, and preventing AI-driven data leakage, they are also trying to leverage LLMs to exploit data in the public cloud while retaining sensitive data in private clouds that they control.

Continue reading →

The percentage of organizations considering alternatives to Oracle Java has jumped significantly from 72 percent in 2023 to 88 percent today.

The Azul 2025 State of Java Survey and Report finds 99 percent of enterprises are using Java. The top reasons given for considering a migration away from Oracle Java include cost (42 percent), preference for open-source (40 percent), Oracle sales tactics (37 percent), uncertainty created by ongoing changes to pricing and licensing (36 percent), and restrictive Oracle policies (33 percent).

Continue reading →

While 51 percent of organizations rely on their security teams to manage AI risks, 33 percent say that they either lack a dedicated role or are unsure who holds responsibility for AI risk management.

A new report from Wing Security and the Cloud Security Alliance also highlights that only 44 percent of organizations prioritize protecting all their sanctioned applications, while a mere 17 percent include unsanctioned ones as a priority.

Continue reading →

The increased connectivity of business systems and devices is making it harder for organizations to defend against ransomware attacks according to a new report.

The study from Illumio, with research conducted by the Ponemon Institute, shows organizations perceive the cloud and endpoints as being the most vulnerable, and 34 percent say a lack of visibility across hybrid environments makes it difficult to respond to ransomware attacks.

Continue reading →

Fears of a data breach dominate consumer concerns, with 64 percent naming breaches as their top privacy worry.

A new report, based on responses from almost 2,500 people around the world, released by Acronis to mark this year's Data Privacy Day, shows that in spite of heightened awareness 25 percent of respondents have experienced data theft or loss and 12 percent remain unsure if they've been breached, underlining the hidden nature of many cyberattacks.

Continue reading →

Today has seen millions of dollars wiped off US market tech stocks by the launch of DeepSeek, the latest Chinese AI that threatens US dominance in the sector.

This is partly because DeepSeek can run on much less powerful hardware than rivals such as OpenAI's o1. DeepSeek also says that its v3 model, released in December, cost less than $6 million to train, less than a tenth of what Meta spent on its most recent system.

Continue reading →

Reported security incidents in critical infrastructure worldwide have grown by 668 percent since 2022 according to a new report from Forescout.

There have been 10 percent more incidents for critical infrastructure sectors than in 2023 and more than half of all incidents (57 percent) affected critical infrastructure sectors. Network infrastructure devices (routers, firewalls, VPNs, etc.) are the second largest category and increased from three percent (2022) to 11 percent (2023) and now 14 percent (2024).

Continue reading →

A new report from Obsidian Security reveals an unprecedented 300 percent year-on-year increase in SaaS breaches between September 2023 and 2024.

This surge comes as organizations increasingly rely on SaaS applications with current spend on SaaS in the hundreds of billions, or approximately $8,700 per employee for tools such as Workday, Google Workspace, ServiceNow, and Office 365.

Continue reading →

Following a number of high-profile cybersecurity incidents in 2014 CISOs are reassessing their organization's readiness to manage a potential chaos of a full-scale cyber crisis.

New data from Hack The Box shows many CISOs -- based on a sample of 200 across the UK and US -- are concerned about their organization's ability to handle a cyber crisis. This is down to a number of reasons, the rising volume of cyber incidents (31 percent), lack of incident response planning (20 percent), and a lack of realistic, stress-tested crisis simulations (19 percent).

Continue reading →

Over the past decade, cloud computing has emerged as a transformative force, promising unprecedented efficiency and scalability.

However, despite the rush for businesses to adopt this technology, many cloud projects still fail to meet their stated objectives

Continue reading →

A new report finds that 80 percent of organizations are using or planning to adopt passkeys, as they offer a significant reduction in risks like phishing and credential stuffing, compared to traditional passwords.

However, the study from Keeper Security also finds that 40 percent of businesses continue to rely on hybrid authentication systems that blend both passwords and passkeys. These hybrid setups are often needed due to the use of legacy systems and specialized applications that have yet to support passkeys.

Continue reading →

Small and medium-sized businesses (SMBs) are facing an escalating onslaught of cyberattacks as they evolve in both sophistication and speed. Among the most insidious threats are ransomware variants like QakBot and Black Basta, which operate in the shadows, often slipping past the radar of law enforcement and the media.

The consequences of these attacks can be devastating, leaving SMBs exposed and unprepared, with the potential to disrupt operations, damage reputations, and incur significant financial losses.

Continue reading →