Identity solutions provider GlobalSign today celebrates the significant milestone of 25 years as a Certificate Authority (CA).

The company has grown from just a few employees in 1996 to become one of the world's top CAs -- as well as the longest operating -- with over than 550 employees in more than a dozen countries.

Continue reading →

A new technology agnostic and fully customizable security operating system that consolidates an organization's entire technology stack into a single pane of glass is being launched by managed security services company Nuspire.

Called myNuspire, it will give CISOs and security analysts a clear picture into the security program and posture of their organizations in real-time, together with on-demand threat intelligence capabilities.

Continue reading →

Developers are aware that they need to make their websites and apps accessible to as many people as possible, but actually achieving this aim can be a tough task.

To mark the tenth anniversary of Global Accessibility Awareness Day, IBM is launching a new multi-scan report tool as an update to the Accessibility Checker, part of the company's Equal Access Toolkit.

Continue reading →

A survey of 300 security leaders in the US by Scale Venture Partners shows 94 percent say that C-level executives have a better understanding of cybersecurity risks than a year ago.

This is probably due to the twin impacts of the pandemic and the SolarWinds attack. Half say they will increase security budgets to address the impact of SolarWinds, while 40 percent have increased their cyber headcount during the pandemic.

Continue reading →

Around 17.1 million people in the UK lack the essential digital skills (EDS) necessary for work, according to a new study.

The report from FutureDotNow, a coalition of leading organisations focused on accelerating the UK's workplace digital skills, finds only only 23 percent of employees report having any digital skills training from employers.

Continue reading →

The death of the password has been predicted for a long time, yet it remains the most common way of logging into systems.

Identity management company Beyond Identity is looking to solve what is one of the biggest challenges in IT security and aims to re-establish trust in authentication chains by finally eliminating passwords as the weakest link.

Continue reading →

There are many things to consider when it comes to making systems secure, but one thing that is often overlooked is the human angle.

George Finney, CISO, CEO and founder of Well Aware Security believes that cybersecurity is a people problem first and foremost -- people are the ones who write and employ processes and people are the ones who create and use technology. No surprise then that people are behind some 95 percent of cybersecurity incidents.

Continue reading →

A new study shows that 81 percent of development teams have knowingly pushed vulnerable code live, with 20 percent of senior managers even admitting to doing so often.

The report from Immersive Labs based on work by Osterman Research shows low confidence in application security in general, with only half of CISOs believing secure applications could be developed and just 44 percent of all security teams believing their company could withstand a SolarWinds style attack on their build environment.

Continue reading →

The transition to agile development, the rise of microservices, and an increased reliance on cloud services for business operations due to the pandemic have all contributed to an explosion in software development and a dramatic reduction in software delivery time.

But as the speed and complexity of application development skyrockets, application security professionals increasingly find themselves unable to keep up. Silicon Valley startup ArmorCode has produced a next-generation application security solution that consolidates three key AppSec needs into a single intelligent platform and it's raised $3 million in seed financing to develop it further.

Continue reading →

One of the problems the finance and banking sector has had during the pandemic has been reduced branch access and the inability to hold face-to-face meetings.

Identity specialist OneSpan has introduced a technology called Virtual Room. Using this, financial institutions and their customers can digitally review and sign documents together without having to combine multiple tools and apps.

Continue reading →

Over the past 12 months, the COVID-19 pandemic has created the perfect environment for cybercrime to flourish, according to Verizon's 2021 Data Breach Investigations Report.

The report analyzed 29,207 quality incidents, of which 5,258 were confirmed breaches. With large numbers of people working remotely, phishing attacks increased by 11 percent, while attacks using ransomware rose by six percent.

Continue reading →

A new report from cloud-native network detection and response company ExtraHop shows that on the fourth anniversary of the WannaCry attack a high percentage of IT environments are still running known vulnerabilities.

It shows the continuing use of ill-advised and insecure protocols, including Server Message Block version one (SMBv1), which was exploited by the WannaCry ransomware variant to encrypt nearly a quarter of a million machines worldwide, and is still found in 67 percent of environments.

Continue reading →

A large majority of companies that move to multi-cloud environments are not properly configuring their cloud-based services according to a new report from Aqua Security.

Over 12 months, Aqua's research team analysed anonymised cloud infrastructure data from hundreds of organizations. These were divided into SMBs and enterprises based on the volume of cloud resources they scanned.

Continue reading →

HP is launching a newly integrated portfolio of secure by design PCs and printers, hardware-enforced endpoint security software, and endpoint security services to protect its customers from growing cyber threats.

The HP Wolf Security portfolio builds on the company's security research to offer a unified portfolio focused on delivering comprehensive endpoint protection and cyber-resiliency.

Continue reading →

Despite the fact that third party code in IoT projects has grown 17 percent in the past five years, only 56 percent of OEMs have formal policies for testing security.

A report from security testing and software research company GrammaTech, based on findings from a VDC Research survey, reveals that this is despite 73.6 percent of respondents saying security is important, very important or critical.

Continue reading →