Ian Barker

Current AI models can perform many tasks such as generating text, but these are 'prompted' -- that is the AI isn't acting by itself. But this is about to change with the arrival of agentic AI.

Gartner estimates that by 2028, 33 percent of enterprise software applications will include agentic AI, up from less than one percent in 2024, enabling 15 percent of day-to-day work decisions to be made autonomously.

Continue reading →

Midsize companies are actively rethinking their virtual desktop infrastructure (VDI) and Desktop-as-a-Service (DaaS) strategies, with cost, complexity, and IT resource demands driving urgent change.

A new report from Parallels shows 63 percent of midsize companies are actively seeking new VDI or DaaS solutions to reduce costs and streamline IT management.

Continue reading →

A new report reveals that 73 percent of UK fraud professionals report that online fraud has negatively affected their company's revenue in the past year.

The UK Fraud Industry Pulse Survey from Veriff shows 72.5 percent of businesses have seen an increase in online fraud over the past 12 months.

Continue reading →

A new report from Zafran Security shows that enterprise risk management is shifting from volume to value, and from patching everything to fixing what matters most.

The study, carried out by Foundry MarketPulse, reveals that only one in 50,000 vulnerabilities actually pose a critical risk -- and the ones getting exploited the most are often old, quiet, and ignored.

Continue reading →

Generative AI is already defeating traditional identity verification (IDV) methods like knowledge-based authentication, 2FA, and more.

This shift is likely to see the acceleration of new forms of IDV in 2025 that place a greater emphasis on ensuring they're both more secure and easy for people to use. This will result in a convergence of customer identity and access management (CIAM) which essentially gives customers more control over their identity and verification.

Continue reading →

The latest revision to the PCI DSS standard for protecting payment data, PCI DSS 4.0.1, was announced last year and came into force last month.

But what do these new requirements mean for businesses? We spoke to Simon Wijckmans, CEO at web security platform c/side, to find out.

Continue reading →

A new survey of more than 1,000 IT and security professionals carried out for Cayosoft finds that 88 percent of enterprise hybrid Active Directory environments have critical vulnerabilities.

Microsoft Active Directory is a key element of enterprise IT, but the 2025 Active Directory Insights report identifies glaring gaps in resilience, security, and operational efficiency that could leave critical systems exposed to attack.

Continue reading →

Cybercriminals are pivoting to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises have declined.

These are among the findings of a new report from IBM X-Force which also observes an 84 percent increase in emails delivering infostealers in 2024 compared to the previous year, a method threat actors rely heavily on to scale identity attacks.

Continue reading →

As enterprises turn to increasingly sophisticated AI applications and agentic AI workflows, the large cloud footprint required to support such complex systems has become critically difficult to secure.

To address this issue Operant AI is launching AI Gatekeeper, a runtime defense platform designed to block rogue AI agents, LLM poisoning, and data leakage wherever AI apps are deployed, securing live AI applications end-to-end beyond Kubernetes and the edge.

Continue reading →

Analysis of over 17,000 enterprise-used mobile apps by Zimperium zLabs finds that 92 percent of all apps and 56 percent of the top 100 apps use flawed cryptographic methods that could be putting organizations at risk.

Even more concerning, five percent of top 100 apps were found to have high-severity cryptography flaws including hardcoded keys and outdated algorithms.

Continue reading →

The CVE (Common Vulnerabilities and Exposures) database is widely used across many cybersecurity tools, allowing the tracking of vulnerabilities.

The CVE program has been in existence for 25 years but today MITRE -- the non-profit organization which looks after the database -- has announced that its contract with the US Department of Homeland Security to operate the CVE Program hasn't been renewed.

Continue reading →

Agentic AI has been in the news quite a bit of late, but how should enterprises expect it to impact their organizations?

We spoke to Mike Finley, CTO of AnswerRocket, to discuss Agentic AI's benefits, use cases and more.

Continue reading →

The latest annual Microsoft Vulnerabilities Report from BeyondTrust, reveals a record-breaking number of reported vulnerabilities last year.

Total vulnerabilities reached an all-time high of 1,360 in 2024, an 11 percent increase from the previous record of 1,292 in 2022. Elevation of Privilege (EoP) vulnerabilities comprised 40 percent of all those reported.

Continue reading →

Despite being present on virtually every employee's browser, extensions and plug-ins are rarely monitored by security teams or controlled by IT and a new report shows that could be leaving enterprises at risk.

The study from LayerX Security combines statistics from real-life usage data from enterprise users, with data available from public extension stores to reveal how organizations and employees interact with extensions, the associated risks and security blind spots.

Continue reading →

New research shows that only 29 percent of all organizations say their compliance programs consistently meet internal and external standards.

The report from Swimlane reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are leaving organizations vulnerable to audit failures, regulatory penalties and security gaps.

Continue reading →