Ian Barker

Enterprises are grappling with an increasing compliance burden, subject to multiple frameworks and more regulatory mandates that stretch resources and drive-up costs.

Misconfigurations can further complicate things, often leading to non-compliance and regulatory penalties. Plus time-consuming tasks like auditing, reporting, and system remediation are prone to human error.

Continue reading →

A new study shows that 92 percent of IT leaders believe the new era of digital transformation will increase digital friction and that less than half (47 percent) of employees have the requisite digital dexterity to adapt to technological changes.

The report from digital employee experience (DEX) specialist Nexthink, based on a survey of 1,100 IT decision makers worldwide, shows a further 88 percent expect workers to be daunted by new technologies such as generative AI.

Continue reading →

A new study from Backslash Security looks at seven current versions of OpenAI's GPT, Anthropic's Claude and Google's Gemini to test the influence varying prompting techniques have on their ability to produce secure code.

Three tiers of prompting techniques, ranging from 'naive' to 'comprehensive,' were used to generate code for everyday use cases. Code output was measured by its resilience against 10 Common Weakness Enumeration (CWE) use cases. The results show that although secure code output success rises with prompt sophistication all LLMs generally produced insecure code by default.

Continue reading →

Security teams know they need to test their main applications, but they often struggle to identify which other assets to cover. On average, organizations can miss testing nine out of 10 of their complex web apps.

Security testing platform Detectify is announcing the launch of its new Asset Classification and Scan Recommendations capabilities which enable organizations to easily identify and swiftly act on their complex web applications.

Continue reading →

A new report from API and AI security solutions company Wallarm finds that of around 4,700 security issues analyzed in Agentic AI projects, 49 percent were API-related, underscoring the inseparable nature of agent and API security.

The report also finds that over 1,000 issues in Agentic AI repositories remain unaddressed. 22 percent of reported security issues remain open too, with some lingering for 1,200-plus days, highlighting a critical gap between vulnerability discovery and remediation.

Continue reading →

The ArcoLinux project is winding down after eight years because its project lead is beginning to feel his age.

Announcing the move in a blog post, Erik Dubois says the ArcoLinux community will discontinue its distribution and related projects.

Continue reading →

In today's fast-paced digital landscape, many product teams are under pressure to deliver payment solutions faster while ensuring accessibility and security across platforms.

To help address these industry needs, payments company Visa is announcing today that for the first time its Visa Product Design System (VPDS), an all-encompassing platform within the Visa technology stack designed to improve the product design and development process, will be publicly available.

Continue reading →

Deepfake-driven social engineering attacks continue to gain momentum but technical solutions to the issue have so far been slow to emerge.

A recent study from IRONSCALES found that traditional Secure Email Gateways (SEGs) fail to stop an average of 67.5 phishing attacks per 100 mailboxes every month. The company is announcing the launch of a new product offering deepfake protection for enterprise email security.

Continue reading →

New research shows that 71.7 percent of workplace AI tools are high or critical risk, with 39.5 percent inadvertently exposing user interaction/training data and 34.4 percent exposing user data.

The analysis from Cyberhaven draws on the actual AI usage patterns of seven million workers, providing an unprecedented view into the adoption patterns and security implications of AI in the corporate environment.

Continue reading →

A new survey of 2,300 adults worldwide reveals that 79 percent of Gen Z believe reusing the same password across multiple accounts is risky, however, 72 percent still admit to doing so.

The study from Bitwarden ahead of next Thursday's World Password Day also shows 59 percent of Gen Z admit to reusing an existing password when updating an account with a company that has experienced a data breach, this is compared to just 23 percent of Boomers.

Continue reading →

As artificial intelligence finds its way into more and more areas there are concerns around accuracy, security, jobs and more.

Addressing these means organizations will need to fill some new roles. To find out what they are and what impact they will have we spoke to Aimei Wei, chief technical officer and co-founder of Stellar Cyber, to get her views on the AI hiring market.

Continue reading →

Malicious actors are increasingly exploiting email to impersonate brands, launch phishing campaigns, and spread false information -- often using sophisticated methods made simpler by emerging technologies.

A new report from Valimail shows that email continues to be the most exploited attack vector for cybercriminals and disinformation campaigns, with artificial intelligence dramatically increasing the sophistication of these threats.

Continue reading →

New research commissioned by Valence Security from the Cloud Security Alliance looks at the current state of SaaS security to uncover key challenges and explore how organizations are securing and managing their SaaS environments.

It finds SaaS security is a top priority for 86 percent of organizations, with 76 percent of respondents saying they are increasing their budgets this year.

Continue reading →

Current AI models can perform many tasks such as generating text, but these are 'prompted' -- that is the AI isn't acting by itself. But this is about to change with the arrival of agentic AI.

Gartner estimates that by 2028, 33 percent of enterprise software applications will include agentic AI, up from less than one percent in 2024, enabling 15 percent of day-to-day work decisions to be made autonomously.

Continue reading →

Midsize companies are actively rethinking their virtual desktop infrastructure (VDI) and Desktop-as-a-Service (DaaS) strategies, with cost, complexity, and IT resource demands driving urgent change.

A new report from Parallels shows 63 percent of midsize companies are actively seeking new VDI or DaaS solutions to reduce costs and streamline IT management.

Continue reading →