A new survey of information security professionals carried out at last month's Black Hat conference suggests that the majority think encryption backdoors are ineffective and potentially dangerous.

The study carried out by machine identity protection company Venafi finds that 72 percent of respondents don't believe encryption backdoors would make their nations safer from terrorists.

Continue reading →

According to a new survey, workloads run on in-house systems suffer 51 percent more security incidents than those on public cloud services.

The study from cloud security and compliance company Alert Logic analyzed more 2 million security incidents captured by its intrusion detection systems over 18 months.

Continue reading →

Passwords and their effectiveness is a subject that continues to come under the spotlight, particularly with the publication of a recent United States National Institute for Standards and Technology (NIST) document recommending a move to passphrases.

Security awareness training specialist KnowBe4 has carried out a survey of 2,600 IT professionals to look at how organizations are managing passwords and determine how the proposed passphrase concept stacks up against methods currently in use.

Continue reading →

As the internet of things spreads into more and more areas, increasing numbers of medical devices are now connected, making them vulnerable to cyber attacks that could shut down medical processes, expose critical hospital and patient data, and ultimately put patient safety at risk.

Many medical devices are not built with cybersecurity in mind, yet a survey by Deloitte Cyber Risk Services of over 370 professionals organizations operating in the medical device/IoT arena shows that 36.5 percent have suffered a cyber security incident in the past year.

Continue reading →

Businesses are struggling to keep pace against the rising level of cyber security threats, according to a new study.

The Threat Monitoring, Detection and Response Report from Crowd Research Partners -- produced in partnership with a number of leading cyber security vendors -- finds that the biggest concern is dealing with advanced threats in three key areas, ransomware (48 percent), phishing attacks (48 percent) and attendant data loss (47 percent).

Continue reading →

Accessing privileged accounts is the hacker's number one choice of the easiest and fastest way to get access to critical data according to a new study.

Privileged account solutions specialist Thycotic carried out a survey of more than 250 hackers at 2017's Black Hat conference and found that 32 percent of respondents see privileged accounts as the best way of getting hold of sensitive data, with 27 percent preferring access to user email accounts.

Continue reading →

When enterprises have a range of different IT systems and integrated supply chains it can lead to gaps in security coverage which are easily overlooked.

Fortress Information Security is launching a new Emerging Security Risk Management platform to provide an enterprise-wide visualization capability allowing organizations to spot and address gaps.

Continue reading →

Businesses are increasingly keen to move ahead with cloud strategies and, according to a new survey, one of the reasons may be simply that they don’t want to miss out.

The study from backup and archiving company Commvault with CITO Research finds that 81 percent of C-level and other IT leaders are either extremely concerned or very concerned about missing out on cloud advancements.

Continue reading →

Workloads on AWS can be vulnerable to a number of different threats including cross-site scripting, SQL injection and botnets, and if one virtual server is compromised malware has potential to move to a customer's other machines.

To secure this McAfee is launching its Virtual Network Security Platform for AWS to provide advanced security in the public cloud.

Continue reading →

Both users and their endpoint devices are the primary target for cyber criminals with phishing being the most prevalent threat according to a new report.

The study from research and education specialist the SANS Institute finds security professionals rate phishing at 72 percent, spyware at 50 percent, ransomware at 49 percent, and Trojans at 47 percent as being the top threats today.

Continue reading →

Increasingly businesses are moving their data and applications to the cloud. But there are always concerns about how secure the information is.

Network security company Portnox has put together an infographic looking at some of the myths surrounding cloud security and explaining why they're ill-founded.

Continue reading →

Employees are putting corporate data at risk by using unsecured hotspots and over sharing on cloud services, according to a new report.

The study from cloud security specialist Bitglass set up Wi-Fi hotspots in random public spaces for two hour time slots, and captured and analyzed traffic, finding that of the 834 people in the public spaces, 187 unique devices (around 20 percent) connected.

Continue reading →

The number one priority for security executives is achieving complete breach intolerance according to a new study from endpoint security company Endgame in conjunction with Forrester Research.

The study of over 150 security decision makers in large US enterprises also finds 64 percent of executives are concerned that the next breach or attack they experience could be severe, a fear that is heightened by the fact that decision makers don’t know the system or the vector that will be attacked next.

Continue reading →

Many businesses rely on outsourcing some or all of their IT to managed service providers (MSPs), but a new study from Kaspersky Lab reveals that two out of three MSPs are suffering from a shortage of qualified cyber security staff.

Among the findings are that cyber security is no longer seen as a separate or optional function among MSPs with 92 percent now including it as part of their portfolio of services. More than half (51 percent) cite security as essential to their customers' operational continuity in the next three to five years.

Continue reading →

Traditional methods of securing endpoints rely on installed agents and are affected by network dependencies.

Endpoint security specialist Absolute is launching a new version of its solution that's always connected to every endpoint. Absolute 7 uses Persistence technology that’s embedded in the firmware of many popular endpoint devices, to deliver always-connected visibility and control with a tether to every device both on and off the corporate network.

Continue reading →