Ian Barker

Digital services, including Generative AI, rely heavily upon Application Programming Interfaces (APIs) to access and relay data. But securing these conduits can be difficult so is this a problem that AI could help solve?

We spoke to James Sherlow, systems engineering director, EMEA, at Cequence Security, to find out how Generative AI might be used to address API security.

Continue reading →

Account takeover attacks have increased 24 percent in the second quarter of 2024 compared to the same period last year, according to AI-powered anti-fraud platform Sift.

Account takeovers accounted for losses of almost $13 billion in 2023. To combat the problem Sift’s latest quarterly product update feature an enhanced solution to protect businesses from ATO fraud throughout the entire consumer journey.

Continue reading →

Software supply chain attacks have increasingly made the headlines in recent years. They occur when attackers change the code in third-party software components in order to compromise the applications using them.

These attacks can be used to steal data, corrupt systems or move laterally through networks. We spoke to Ansh Patnaik, chief product officer at CyCognito, to learn more about this type of attack and how to combat it.

Continue reading →

Last year Google launched its Secure AI Framework (SAIF) to help people safely and responsibly deploy AI models.

Today it's adding to that with a new tool that can help others assess their security posture, apply these best practices, and put SAIF principles into action.

Continue reading →

A new study by the IEEE -- the world's largest technical professional organization -- focuses on on what are likely to be the most important technologies in 2025 along with future technology trends, including expectations for AI's market growth, benefits, uses, and skill sets.

The study surveyed over 350 CIOs, CTOs, IT directors, and other technology leaders in Brazil, China, India, the UK and US at organizations with more than 1,000 employees, it finds that 58 percent believe AI will be the most important tech next year, while 26 percent say cloud computing and 24 percent robotics.

Continue reading →

Most cyberattacks are carried out using compromised credentials, but it can be hard for businesses to know if their information has been leaked.

In order to make it easier to discover leaked data, Quadrant Information Security is launching a free Dark Web Reports service offering insights into compromised credentials and leaked information and actionable advice on how to address them.

Continue reading →

While businesses understand that third-party JavaScript tags collect information, only 13 percent are confident they understand what information they collect and only 26 percent are aware that tags can leak their private user data to other organizations.

A new report from the Jscrambler platform for client-side protection, with research conducted by Dimensional Research, shows 97 percent of respondents say they know that third-party tags collect sensitive or private information regularly.

Continue reading →

Many executives are concerned about their employees' level of cyber risk awareness, with a new survey showing that 70 percent believe their employees lack critical cybersecurity knowledge, up from 56 percent in 2023.

The study, of 1,850 executives across 29 countries, from Fortinet also shows that over 60 percent of respondents expect more employees to fall victim to attacks in which cybercriminals use AI.

Continue reading →

A new report reveals that 90 percent of SaaS applications and 91 percent of AI tools within enterprises remain unmanaged, suggesting a widespread vulnerability that continues to grow.

The study from Grip Security highlights the limitations of traditional security strategies in combating 'SaaS risk creep' the number of SaaS applications used in an enterprise increased by 40 percent over the last two years.

Continue reading →

As we head towards the end of the year, the pace of challenges posed by technologies like AI shows no signs of letting up.

So what should CEOs be doing to ensure that their workforces are equipped to deal with the changes and ensure that their business remains competitive? We spoke to Mike Lee, general manager at AND Digital, to find out.

Continue reading →

A new report from Sysdig highlights the growing cost and scale of cloud attacks and the evolution of tactics being used by attackers.

Among the findings are that over $100,000 is lost per day to AI resource jacking. It hasn't taken long for threat actors to leverage stolen cloud access to exploit large language models (LLMs), as illustrated by an LLMjacking attack that left one victim on the hook for $30,000 in just three hours. Left unchecked, an LLMjacking operation can cost more than $100,000 per day.

Continue reading →

In an ever more interconnected world facing growing numbers of cyberattacks, it's critical to ensure that technology systems are resilient in order to keep people safe.

Google has announced that it's signed up to the CISA's Secure by Design pledge, a voluntary commitment to specific security goals.

Continue reading →

A new report from Splunk looks at the role of observability within today's increasingly complex IT environments.

Based on a survey of 1,850 ITOps and developer professionals, it finds enterprises with good observability resolve issues faster, boost developer productivity, control costs and improve customer satisfaction. Due to such benefits, 86 percent of all respondents plan to increase their observability investments.

Continue reading →

Long-lived credentials on major cloud platforms continue to be a huge risk for organizations, according to a new report from Datadog.

Long-lived cloud credentials never expire and frequently get leaked in source code, container images, build logs and application artifacts, making them a major security risk. The report finds that 46 percent of organizations are still using unmanaged users with long-lived credentials.

Continue reading →

The manufacturing industry is the most affected by cyber attacks, accounting for over 25 percent of all incidents, across the top 10 industries, of which 45 percent are malware attacks.

According to a new report from security awareness training company KnowBe4 the industry has become increasingly attractive to cybercriminals in recent years due to its interconnected nature, having a low tolerance for downtime, and valuable intellectual property stored in its databases, which could save competitors millions if obtained.

Continue reading →