Ian Barker

A new report shows that 66 percent of organizations in the UK experienced at least one successful phishing attack in 2023 compared to 91 percent the previous year.

However, the study from Proofpoint shows the negative consequences of attacks have soared, with a 30 percent increase in reports of financial penalties, such as regulatory fines, and a 78 percent increase in reports of reputational damage.

Continue reading →

Attacks targeting the business logic of APIs made up 27 percent of attacks in 2023, a growth of 10 percent since the previous year. Account takeover (ATO) attacks targeting APIs also increased from 35 percent in 2022 to 46 percent in 2023.

This is among the findings of a new report from Imperva which shows API traffic constituted over 71 percent of web traffic last year. While there are benefits of APIs in allowing seamless connectivity, enhancing online experiences, and driving innovation, their widespread adoption leads to new security challenges.

Continue reading →

New research from Tray.io shows that over 90 percent of enterprises are currently experiencing limitations integrating AI into their tech stack.

Almost three-quarters of companies (73 percent) report that more than half of the apps in their tech stack have AI capabilities or AI-augmented features, and 96 say they percent plan to use these features to improve process efficiency and employee productivity, increase customer satisfaction rates and reduce costs.

Continue reading →

As consumers and businesses undergo a sea change shift towards mobile interfaces, embracing everything from retail to human resources management, the landscape of mobile security is experiencing a parallel transformation.

With this surge in reliance on mobile devices, threats have become more sophisticated, spanning network vulnerabilities, the proliferation of malware, and the craftiness of phishing schemes.

Continue reading →

The market for AI in cybersecurity is expected to reach more than $133 billion by 2030 according to a new report from Techopedia.

There's both a positive and negative impact from AI use. Hackers using AI has fueled a huge rise in cybercrime, expected to reach a massive $9.22 trillion cost to internet users in 2024, with the vast majority (85 percent) of cybersecurity professionals blaming AI. This rise is for these key reasons: AI increases the speed and volume of attacks, it adapts to specific defenses, and it creates more sophisticated, personalized attacks.

Continue reading →

The use of Apple devices in the enterprise has increased in recent years. But what's behind this trend and how much impact is it having?

We spoke to Weldon Dodd, SVP of community at Apple device management and security specialist Kandji, to discover how Apple has become a strategic choice for businesses, leading to increased employee productivity and even additional revenue opportunities.

Continue reading →

Apple devices have historically had a reputation for being immune to malware, but a new report from Jamf reveals that it's tracked 300 malware families on macOS and found 21 new ones in 2023.

Jamf's latest Security 360 report examined a sample of 15 million desktop computers, tablets and smartphone devices they protect, across 90 countries and multiple platforms (macOS, iOS/iPad, Android and Windows).

Continue reading →

With responses from more than 1,100 cybersecurity professionals, a new survey reveals that 88 percent of respondents believe that AI will significantly impact their jobs, now or in the near future.

The study from ISC2 shows 35 percent have already witnessed its effects. However, views on exactly what the implications of AI might be are mixed.

Continue reading →

A new report from Cyolo and the Ponemon Institute reveals that third-party access to operational technology environments is significantly expanding the attack surface.

According to the study, 73 percent permit third-party access to OT environments, with an average of 77 third parties per organization granted such access.

Continue reading →

The total number of common vulnerabilities and exposures (CVEs) is expected to increase by 25 percent in 2024 to 34,888 vulnerabilities, or roughly 2,900 per month.

This comes from a new report by 'active insurance' provider Coalition which uses honeypots to monitor for spikes to identify the biggest CVEs before they make news headlines -- thus providing companies with the opportunity to take action before an incident can occur.

Continue reading →

Cloud intrusions increased by 75 percent overall last year as adversaries set their sights on the cloud through the use of valid credentials.

This is one of the findings of the 2024 CrowdStrike Global Threat Report released today. It notes an increase in interactive intrusions and hands-on-keyboard activity (60 percent) as adversaries increasingly exploit stolen credentials to gain initial access at targeted organizations.

Continue reading →

A new report from IBM X-Force Threat Intelligence highlights an emerging global identity crisis as cybercriminals double down on exploiting user identities to compromise enterprises worldwide.

The 2024 X-Force Threat Intelligence Index report records a 71 percent spike in cyberattacks caused by exploiting identity as using valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web.

Continue reading →

The relationship between an organization's chief information officer (CIO) and chief information security officer (CISO) has traditionally been somewhat at odds, since CIO's job is built around sharing information and the CISO's job is to secure it. Plus, the CIO was normally higher in the organizational hierarchy, which could also cause some tension.

But the relationship has evolved in recent years, to the point where the two positions are often more on par with each other. And with security's growing importance to the business (and the boardroom), the two jobs often share the same goals and responsibilities.

Continue reading →

A new report from Cofense based on data from its Phishing Detection Center identifies over 1.5 million malicious emails bypassing customers' secure email gateways (SEGs), a 37 percent increase in threats compared to 2022.

The report shows that SEGs struggle to keep pace with sophisticated phishing campaigns and that relying on 'good enough' email security is no longer an option for most enterprises.

Continue reading →

With more and more businesses relying on SaaS solutions, securing the endpoint browser is vital. Often this involves enterprises imposing a particular browser on their users rather than allowing a choice.

In a new approach, Menlo Security is launching a complete enterprise browser solution that can turn any browser into a secure enterprise browser.

Continue reading →