Ian Barker

Chinese AI models (like DeepSeek) are outperforming US models like Meta Llama in specific categories such as sensitive information disclosure according to a new AI Trust Score introduced by Tumeryk.

It evaluates AI models across nine key factors, including data leakages, toxic content, truthfulness, and bias. This enables CISO’s to ensure their AI deployments are secure, compliant, and trustworthy, and offers developers solutions for addressing any issues in their AI applications.

Are you ready to welcome our new machine overlords? Okay, that might be a bit drastic, but the latest report from Sysdig reveals that there are now 40,000x more machine identities than human identities.

This has led to a greatly expanded attack surface as machine IDs are 7.5 times more risky, a dangerous liability given that nearly 40 percent of breaches start with credential exploitation.

The shift to hybrid working means that managing enterprise networks has become more complicated, but legacy remote access solutions fall short in meeting the needs of supporting both managed and unmanaged users and devices.

Unmanaged users don't want to install heavyweight clients designed for managed use, such as VPN or ZTNA clients. Plus, in the case of contractors or consultants who service multiple customers, it's just not possible or practical to install multiple clients.

A new survey from Lansweeper of almost 200 managed service providers across North America and Europe shows 90 percent recognize AI as vital to their growth strategy, with 63.6 percent rating it as 'very important.'

Despite its priority status though only 41.5 percent of respondents report AI integration levels above 25 percent, indicating that many MSPs are still in the early stages of adoption.

Protecting critical national infrastructure (CNI) against attack is a huge undertaking for governments and for those organizations that deliver CNI services.

New regulation in Europe -- the NIS2 Directive -- includes an increased focus on resilience for CNI, covering traditional critical services like banking, utilities, transport and public safety as well as new provisions for digital service providers. In 2025, the Digital Operational Resilience Act (DORA) will enforce more stringent resilience and security requirements on the financial sector. And in the UK, the forthcoming Cyber Security and Resilience Bill will demand more investment in security too.

A new survey looking at the challenges faced by database administrators (DBAs) shows 35 percent of organizations cite data integration as a top challenge.

Additionally, the study from Quest Software shows 42 percent of organizations report that data migrations are a significant obstacle to overcome, with complications in ensuring database reliability and performance.

A new report shows 70 percent of secrets leaked in 2022 remain active today, creating an expanding attack surface that grows more dangerous with each passing day.

The study from GitGuardian also reveals a 25 percent increase in leaked secrets year-on-year, with 23.8 million new credentials detected on public GitHub in 2024 alone.

You might not often feel sorry for executives and entrepreneurs but research from Deloitte shows that their 'family offices' are prime targets for cybercriminals looking to exploit their personal networks, private data, and home devices which represent a weak security link.

This is why BlackCloak is launching Digital Executive Protection, an enhanced family office cybersecurity bundle designed to protect high-net-worth individuals, and corporate leaders.

A new report from cyber insurance provider Coalition shows 58 percent of ransomware claims in 2024 started with threat actors compromising perimeter security appliances like virtual private networks (VPNs) or firewalls.

Remote desktop products are the second-most exploited for ransomware attacks at 18 percent. The most common initial access vectors (IAVs) being stolen credentials (47 percent) and software exploits (29 percent). Vendors including Fortinet, Cisco, SonicWall, Palo Alto Networks, and Microsoft build the most commonly compromised products.

While 86 percent of employees believe they can confidently identify phishing emails, nearly half have fallen for scams according to new research from security awareness training company KnowBe4.

The study, which surveyed professionals across the UK, USA, Germany, France, Netherlands, and South Africa, reveals a growing gap between confidence and competence in identifying cyber threats.

A new report shows 76 percent of companies across Asia, Europe and the Middle East are intrigued by the potential of digital technologies, including AI and cloud computing, in driving sustainable development.

But the study from Alibaba Cloud also reveals that 59 percent of businesses acknowledge a gap in understanding how digital technology can assist in achieving sustainability goals.

As with other forms of 'off the books' shadow tech, used by employees without company approval, shadow AI is a double-edged sword.

Cyberhaven Labs recently reported a sharp 485 percent increase in corporate data flowing to AI systems, with much of it going to risky shadow AI apps.

A new study finds that 92 percent of those surveyed in the manufacturing industry say AI is a top C-Suite priority and the same percentage agree it provides a competitive advantage.

But the report from Riverbed also shows that 69 percent are concerned about the suitability of their organization's data for AI usage, and only 42 percent rated their data as excellent for completeness and accuracy. It's notable too that 42 percent say their data quality is a barrier to further AI investment.

A recent survey found that only 37 percent of businesses are prepared for AI. This means they risk being left behind as competitors embrace the technology.

We spoke to Richard Tworek, CTO at Riverbed about how organizations can embrace AI and how they can succeed in today's rapidly evolving landscape.

New research from governance, risk, and compliance (GRC) specialist MetricStream, in collaboration with GRC Report, looks at risk practitioners' priorities for 2025.

Navigating the complex regulatory landscape is among their top challenges this year, named by 51 percent, with new guidelines, evolving requirements, and unexpected policy shifts occurring almost weekly.