According to a new report 84 percent of respondents say their organization has experienced an identity-related breach in the last year, with 78 percent citing a direct business impact as a result.

The report, from the Identity Defined Security Alliance (IDSA), finds that 98 percent of respondents report that the number of identities is increasing, primarily driven by cloud adoption, third-party relationships and machine identities.

Continue reading →

The latest 2022 Cloud Salary Survey from O'Reilly shows that tech workers make more money in hybrid or remote work scenarios and gain increased salary and skills training through workplace learning.

It also shows that 20 percent of tech workers report they've already changed employers over the last year, and 25 percent of respondents are planning to find new employment with better compensation.

Continue reading →

It's reckoned that women make up only around a quarter of the cybersecurity workforce. And yet the women who do work in the sector are generally better qualified than their male counterparts.

Despite this there is still a clear divide across the technology sector generally, in both treatment and pay. So, is the cybersecurity sector under-utilizing female talent? And what advantages can a more gender diverse workforce deliver?

Continue reading →

Although ransomware remained the most common threat last year the number of new ransomware families and unique variants discovered in 2021 decreased significantly compared to previous years.

Researchers from WithSecure suggest that this could highlight a potential opportunity to disrupt the cybercrime ecosystem that's exacerbated the problem in recent years.

Continue reading →

According to a new report, 60 percent of enterprises have low confidence in their ability to manage attack surface risk.

The study from technology management firm Oomnitza finds businesses increasingly dealing with a hybrid workplace, hybrid cloud, and digital business growth, which makes the ability to manage cyber risk more challenging.

Continue reading →

The widespread use of open source software within modern application development leads to significant security risks, according to a new report.

The research from developer security firm Snyk and the Linux Foundation finds 41 percent of organizations don't have high confidence in their open source software security.

Continue reading →

Why do development projects fail? And perhaps more importantly what do senior management need to understand about why they fail? Those are the questions that a new study from AI platform vFunction sets out to answer.

Based on a survey by Wakefield Research of 250 US software developers and architects, at a senior level within enterprises of 5,000 or more staff, it looks at the differences in goals, challenges and reasons for failure between business leaders and architects.

Continue reading →

New managed detection and response (MDR) offerings launched by Trustwave aim to give organizations real-time 24x7 monitoring of their hybrid multi-cloud environments for active threats and anomalies.

Trustwave MDR and Trustwave MDR Elite are backed by a team of global threat operators, threat hunters, and malware experts. Clients also get a free subscription to Trustwave Security Colony -- a battle-tested resource specifically built for CISOs that includes toolkits, guidelines, playbooks, and assessment capabilities.

Continue reading →

The Great Resignation has hit the IT industry harder than most, with recent figures from Gartner suggesting only 29 percent of global IT workers have a ‘high intent’ to stay in their current role.

AI is sometimes blamed for reducing the number of jobs, but could a democratization of AI in the workplace help retain staff by giving them the skills to be more involved in the flow of work?

Continue reading →

Website pop-ups asking you to consent to cookies have become a regular -- if irritating -- feature for European internet users since the introduction of GDPR in 2018.

As part of a post Brexit shake up of data law the UK government has announced that its Data Reform Bill will cut down on the number of times these 'user consent' boxes will be shown.

Continue reading →

We've become familiar with the widespread use of ransomware, but researchers at Rapid7 have been examining the rise of a newer phenomenon, 'double extortion'.

Pioneered by the Maze ransomware group, double extortion involves cybercriminals collecting files before encrypting them. Then if the target organization refuses to pay they threaten to release sensitive information.

Continue reading →

Edge computing is aimed at bringing computing power closer to the source of data, such as IoT devices. It's increasingly being seen as an alternative to traditional data center and cloud models.

Stewart McGrath is the CEO at Section, a global Edge as a Service (EaaS) provider that helps organizations improve availability of their containerized application workloads in the cloud. We spoke to him to find out how and why companies are moving applications out to the edge.

Continue reading →

Choosing a partner business with a poor security posture makes an organization 360-times more likely to be at risk compared to choosing a top security performer, according to a new study.

The risk surface research from Cyentia Institute and RiskRecon shows that single demographic factors, such as industry, size and region, aren't enough to assess the risk posed by third parties.

Continue reading →

New research shows that 85 percent of companies are modernizing their applications to a microservices architecture.

The study from Solo.io and ClearPath Strategies reveals that 56 percent of organizations with at least half of their applications on a microservices architecture have faster development cycles, with daily or more frequent releases.

Continue reading →

Only 16 percent of respondents to a new survey have a fully mature identity and access management (IAM) strategy in place, yet 56 percent have experienced identity-related incidents in the last three years.

The study carried out by the Ponemon Institute for enterprise identity specialist Saviynt shows that the 84 percent without a mature strategy are currently dealing with inadequate budgets, programs stuck in a planning phase, and a lack of senior-level awareness.

Continue reading →