Ian Barker

Although the goals and challenges of IT and security professionals overlap, 72 percent of respondents to a new survey report that security data and IT data are siloed in their organization, contributing to elevated security risk.

The survey of over 7,000 executive leaders, IT and cybersecurity professionals‌ and office workers, from Ivanti finds 63 percent report that siloed data slows down security response times.

Continue reading →

The last six months has seen a 341 percent increase in malicious emails, including an alarming spike in phishing, BEC, and other message-based attacks fueled by the continued growth of generative AI.

The latest State of Phishing Report from SlashNext finds that since the launch of ChatGPT in November 2022, there has been a 4,151 percent increase in malicious emails sent.

Continue reading →

More than half of telecom and IT engineers responding to a new survey believe the use of AI will improve network operational efficiency by 40 percent or more.

In addition the study from Ciena, with research by Censuswide, shows an overwhelming 85 percent of respondents express confidence in communication service providers' (CSPs) ability to monetize AI traffic across networks.

Continue reading →

New research from Scalable Software finds that, on average, employees lose nearly four hours a week (3.78) because of digital employee experience (DEX) failings.

The survey of 400 US and UK IT decision makers also shows that 90 percent of respondents in both the US and UK say their organization suffers from 'productivity paranoia' over hybrid working. This means they’re unable to accurately assess productivity or identify where blockers occur.

Continue reading →

Microsoft has announced a series of updates to Edge for Business aimed at making the browser a more attractive proposition for enterprises.

Launched at Build yesterday, new features include screenshot prevention in order to block data exfiltration, this also applies to Copilot prompts and responses. There's also improved leak protection for sensitive documents.

Continue reading →

We tend to think of the internet as being something that's the same all over the world, but with nations like China, India and Russia increasingly closing off the wider web to their citizens, is the global nature of the internet under threat?

We spoke to Ruoting Sun, VP of Product at Secureframe about the phenomenon of 'internet fracturing' and what it means for businesses.

Continue reading →

The amount of corporate data workers put into AI tools increased 485 percent from March 2023 to March 2024, and is increasing exponentially. The trend is highest among tech workers with 23.6 percent putting corporate data into an AI tool.

A new report from Cyberhaven looks at AI adoption trends and their link to heightened risk. A worrying finding is that 73.8 percent of ChatGPT usage at work is through non-corporate accounts, that unlike enterprise versions incorporate whatever you share in public models.

Continue reading →

According to a new survey, 77 percent of organizations have suffered from instances of cyberattacks or data breaches in the past 12 months due to improper access or over-privileged users.

The study from ConductorOne, based on a survey of 523 US-based IT security leaders at companies with 250 to 10,000 employees, also finds 41 percent of respondents say there had been multiple instances of cyberattacks or data breaches due to the same improper access issues.

Continue reading →

More than half of respondents (53 percent) to a new survey say their existing cybersecurity solutions do not effectively address website impersonation attacks, and 41 percent say their existing solutions only partially protect them and their customers.

The study from Memcyco, based on research from Global Surveyz, finds just six percent of brands claim to have a solution that effectively addresses these attacks despite 87 percent of companies recognizing website impersonation as a major issue and 69 percent admitting to having had these attacks carried out against their own website.

Continue reading →

A new Dark Side of GenAI report from Immersive Labs looks at 'prompt injection' attacks, in which individuals input specific instructions to trick chatbots into revealing sensitive information, potentially exposing organizations to data leaks.

Using data gathered from a public prompt injection challenge the report finds a worrying 88 percent of participants successfully tricked the GenAI bot into giving away sensitive information in at least one level of an increasingly difficult challenge.

Continue reading →

Last year saw more mass compromise events arising from zero-day vulnerabilities (53 percent) than from older vulnerabilities for the first time since 2021.

The latest Attack Intelligence Report from Rapid7 also shows mass compromise events stemming from exploitation of network edge devices have almost doubled since the start of 2023, with 36 percent of widely exploited vulnerabilities occurring in network perimeter technologies. More than 60 percent of the vulnerabilities Rapid7 analyzed in network and security appliances in 2023 were exploited as zero-days.

Continue reading →

The financial sector in the UK is under constant attack and that it is grappling to keep pace with ever-evolving cyber threats, according to a new report from security awareness training company KnowBe4.

The frequency of ransomware attacks on the financial sector in the UK doubled in 2023, showcasing an alarming escalation. Phishing and Business Email Compromise (BEC) remain the top threats to organizations including financial institutions.

Continue reading →

Concern around deepfakes has been growing for some time and new research released by ISMS.online shows deepfakes now rank as the second most common information security incident for UK businesses and have been experienced by over a third of organizations.

The report, based on a survey of over 500 information security professionals across the UK, shows that nearly 32 percent of UK businesses have experienced a deepfake security incident in the last 12 months.

Continue reading →

The job of the CISO is becoming increasingly complex, with new rules around security and compliance, disclosure requirements following incidents, and more.

We spoke to John Morello, CTO of Gutsy, a company which was the first to apply process mining to security, to find out how things are changing and how CISOs should respond.

Continue reading →

For banks, know-your-customer (KYC) measures amount to 40 percent of all anti money laundering (AML) compliance costs, totaling $5.7 million each year. This sum is tiny, however, compared to what is paid for non-compliance. In 2022, global fines for inadequate AML grew by 50 percent, almost reaching $5 billion.

We spoke to Vaidotas Šedys, head of risk management at web intelligence platform Oxylabs, to discover that KYC-related challenges are not just faced by banks but are an issue for proxy and web scraping service providers too.

Continue reading →