Ian Barker

Although 63 percent of organizations claim their architecture is integrated throughout development (from design to deployment and beyond), a new study shows more than half (56 percent) have documentation that doesn't match the architecture in production.

The research from vFunction shows the impact of this architecture disconnect has potentially resulted in project delays (53 percent), security or compliance challenges (50 percent), scalability limitations (46 percent), and reduced engineering team productivity (28 percent).

Continue reading →

A new survey of nearly 1,500 IT, engineering, and cybersecurity professionals worldwide reveals that 69 percent say maintaining data security and compliance is a top data management obstacle.

Not far behind is managing data volume and growth, cited by 67 percent. The research from Splunk shows 62 percent of respondents claim that difficulties with data management resulted in compliance failures.

Continue reading →

New research highlights the growing threat of identity-based attacks and looks at organizations ability to defend against them.

The study from Huntress shows 67 percent of organizations reported an increase in identity-based incidents over the past three years, with these attacks comprising more than 40 percent of security incidents for 35 percent of organizations in the past year alone.

Continue reading →

A new survey for Robin AI reveals that while nearly one in three people would be open to letting a robot lawyer represent them in court, the vast majority would only do so if a human lawyer was overseeing the process.

The research carried out by Perspectus Global polled a sample of 4,152 people across the US and UK and finds that on average, respondents say they would need a 57 percent discount to choose an AI lawyer over a human.

Continue reading →

When used legitimately, HTML attachments in emails enable organizations to share content, such as newsletters or invitations, that display properly when opened in an email client or web browser.

But a new report from Barracuda reveals that 23 percent of HTML attachments are malicious, making them the most weaponized text file type. Overall more than three-quarters of the malicious files detected overall were HTML, and 24 percent of email messages overall are now unwanted or malicious spam.

Continue reading →

Mobile threats are no longer an emerging issue, they're here, rapidly evolving, and targeting the devices organizations depend on every day.

As employees use smartphones, laptops, and tablets to access sensitive data and systems, a new report from Zimperium zLabs shows attackers are increasingly exploiting these endpoints through mobile-first strategies that bypass traditional security defenses.

Continue reading →

A new report from managed security services company LevelBlue reveals that organizations are forging ahead with AI innovations despite increased security concerns.

The report shows AI-powered attacks, such as deepfakes and synthetic identity attacks, are expected to rise in 2025, but many remain unprepared. The report finds that only 29 percent of executives say they are prepared for AI-powered threats, despite nearly half (42 percent) believing they will happen.

Continue reading →

In recent years, businesses have stampeded to move systems to the cloud. But in doing so they often unwittingly introduce multiple layers of virtualization which means they can be paying to run the same processes multiple times.

Can optimization techniques help to improve performance and cut cloud costs? We spoke to Dr. Ignacio M Llorente, CEO and founder of OpenNebula Systems to find out more.

Continue reading →

A new survey of 1,000 businesses across the UK, UK, Europe and the Asia-Pacific region reveals a worrying disconnect between organizations' perceived readiness and actual performance in cyber crisis response.

The study for Semperis, with research from Censuswide, finds 90 percent of enterprises surveyed struggle with serious blockers to effective cyber response. Top issues include cross-team communication gaps (48 percent), out-of-date response plans (45 percent) and unclear roles and responsibilities (41 percent).

Continue reading →

As artificial intelligence (AI) continues to reshape industries, data privacy and security concerns are escalating. The rapid growth of AI applications presents new challenges for companies in safeguarding sensitive information.

Emerging advanced AI models like Deepseek, developed outside the US, underscore the risks of handling critical data. We spoke to Amar Kanagaraj, CEO of Protecto -- a data guardrail company focused on AI security and privacy -- to get his insights on the most pressing AI data protection challenges.

Continue reading →

Enterprises are grappling with an increasing compliance burden, subject to multiple frameworks and more regulatory mandates that stretch resources and drive-up costs.

Misconfigurations can further complicate things, often leading to non-compliance and regulatory penalties. Plus time-consuming tasks like auditing, reporting, and system remediation are prone to human error.

Continue reading →

A new study shows that 92 percent of IT leaders believe the new era of digital transformation will increase digital friction and that less than half (47 percent) of employees have the requisite digital dexterity to adapt to technological changes.

The report from digital employee experience (DEX) specialist Nexthink, based on a survey of 1,100 IT decision makers worldwide, shows a further 88 percent expect workers to be daunted by new technologies such as generative AI.

Continue reading →

A new study from Backslash Security looks at seven current versions of OpenAI's GPT, Anthropic's Claude and Google's Gemini to test the influence varying prompting techniques have on their ability to produce secure code.

Three tiers of prompting techniques, ranging from 'naive' to 'comprehensive,' were used to generate code for everyday use cases. Code output was measured by its resilience against 10 Common Weakness Enumeration (CWE) use cases. The results show that although secure code output success rises with prompt sophistication all LLMs generally produced insecure code by default.

Continue reading →

Security teams know they need to test their main applications, but they often struggle to identify which other assets to cover. On average, organizations can miss testing nine out of 10 of their complex web apps.

Security testing platform Detectify is announcing the launch of its new Asset Classification and Scan Recommendations capabilities which enable organizations to easily identify and swiftly act on their complex web applications.

Continue reading →

A new report from API and AI security solutions company Wallarm finds that of around 4,700 security issues analyzed in Agentic AI projects, 49 percent were API-related, underscoring the inseparable nature of agent and API security.

The report also finds that over 1,000 issues in Agentic AI repositories remain unaddressed. 22 percent of reported security issues remain open too, with some lingering for 1,200-plus days, highlighting a critical gap between vulnerability discovery and remediation.

Continue reading →