Ian Barker

The proliferation of APIs in the financial services industry has created a vast and complex attack surface that traditional security measures cannot adequately protect.

API security specialist Traceable AI surveyed over 150 cybersecurity professionals in the US, uncovering critical vulnerabilities, concerns, and current API security practices in the financial sector.

Continue reading →

New research from WithSecure looks at the trend of mass exploitation of edge services and infrastructure by attackers.

The number of edge service and infrastructure Common Vulnerabilities and Exposures (CVEs) added to the Known Exploited Vulnerability Catalogue (KEV) per month in 2024 is 22 percent higher than in 2023, while the number of other CVEs added to the KEV per month has dropped 56 percent compared to 2023.

Continue reading →

A new report into IT asset management (ITAM) shows that 53 percent of IT teams report challenges gaining or maintaining complete visibility of their technology investments.

The study from Flexera also finds nearly a quarter (22 percent) of the global IT leaders surveyed say they have paid more than $5 million in audit costs over the past three years, up from 15 percent in 2023.

Continue reading →

Organizations face significant challenges with open source security, primarily due to the rapid pace at which open source vulnerabilities are identified compared to the slower pace of remediation efforts.

This discrepancy creates a scenario where security teams are constantly trying to catch up, struggling against an ever-growing list of vulnerabilities that pose serious threats to their systems.

Continue reading →

A new report shows that 87 percent of enterprise decision-makers are a little or a lot less confident in the network investment decisions that they make.

The study from Arelion reveals that confidence levels have been significantly impacted for 40 percent of US decision-makers. 44 percent of enterprise network decision-makers cite technological change as the most disruptive force on networking decisions, followed closely by rising costs (41 percent) and climate change (37 percent).

Continue reading →

The rapid rise of AI across industries has created a critical data blind spot, a lack of insight into the data powering these systems. Training data for AI models can harbor hidden risks, including leaking sensitive information, personal data, and intellectual property.

A new survey of 168 members of the CISO Society carried out by BigID and Lorem Advisory Group looks at the challenges CISOs face in governing, securing, and safeguarding data in today's AI-driven landscape.

Continue reading →

Alongside yesterday's raft of operating system announcements, Apple also unveiled a suite of new tools and features for developers to help them create more powerful and efficient apps.

With Xcode 16, developers can save time in their development process and get more done thanks to features like Swift Assist and predictive code completion. New and expanded APIs also give developers the tools to advance their apps and introduce new features.

Continue reading →

A new survey of 1,000 finance and engineering professionals in the US reveals that 58 percent of respondents say their cloud costs are too high.

The study from CloudZero also shows that 75 percent of employees say they fear losing their jobs if cloud costs abruptly surge by 50 percent or more. This unease is particularly heightened among employees at larger companies, with 100 percent of those at organizations with over 9,000 personnel believing their positions are vulnerable.

Continue reading →

Active Directory (AD) was introduced in the late 90's when corporate networking barely had virtualization and remote work, not to mention cloud services.

AD controls authentication and authorization to most of an organization's on-premises applications and data, and through synchronization and federation with Entra ID, Okta or other cloud identity provider (IDP) provides these same controls to cloud applications and resources.

Continue reading →

New research from Top10VPN has captured and analyzed the network traffic of the 100 most popular free VPNs on Google's Play Store and reviewed their source code.

The findings are rather worrying, showing that 88 percent suffer some kind of data leak (IP, DNS, WebRTC) with 17 percent affected by multiple leaks.

Continue reading →

A new AI technology is emerging alongside LLMs -- Large graphical models (LGMs). An LGM is a probabilistic model that uses a graph to represent the conditional dependence structure between a set of random variables.

Organizations can use LGMs to model the likelihood of different outcomes based on many internal and external variables.

Continue reading →

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41 percent of data is compromised during a cyberattack, according to the latest Veeam 2024 Ransomware Trends Report.

The report, based on 1,200 responses from organizations that have faced a security incident, reveals that only 57 percent of the compromised data is usually recovered, leaving organizations vulnerable to substantial data loss and negative business impacts as a result.

Continue reading →

The work landscape has changed enormously in recent years with hybrid and remote working now becoming the norm. This makes it harder for businesses to secure their systems as there's no longer a clearly defined network perimeter.

1Password now has an Extended Access Management feature that helps organizations to secure every sign-in to every application from every device.

Continue reading →

Research from IT consultancy Zartis shows 72 percent of UK tech executives want more AI regulation, and almost a third (29 percent) want 'a lot more'.

The study, carried out by Censuswide, surveyed 100 senior technology executives in the UK and finds around 80 percent claim global government coordination of AI regulation is important to their company and 41 percent say it’s very important.

Continue reading →

Automation is a critical capability for a proactive security strategy says a new report from automated endpoint and vulnerability management company Syxsense and Omdia, a global analyst.

The research surveyed over 400 respondents including decision makers from North America and Europe, Middle East, and Africa (EMEA), at small and midsize business (SMB)+ sized companies across a variety of industries.

Continue reading →