Ian Barker

Newly released research from cybersecurity platform Cynet shows managed service providers (MSPs) are facing growing operational strain as they race to meet demand for cybersecurity services.

While cybersecurity services are driving growth and deepening client relationships, most MSPs are hitting operational roadblocks, held back by fragmented tools, limited automation and lean security teams.

Continue reading →

New research from FireMon shows that 60 percent of enterprise firewalls fail high-severity compliance checks immediately upon evaluation, with another 34 percent falling short at critical levels.

Using data collected anonymously from AI-powered analytics platform FireMon Insights deployments across large enterprises and regulated industries, the study found misconfigurations, outdated rules, and bloated policies that bog down performance and leave security teams struggling to keep up.

Continue reading →

Cybercriminals are increasingly using sophisticated identity-based attacks (phishing, social engineering, leveraging compromised credentials) to gain access as trusted users and move laterally across systems undetected.

We spoke to Cristian Rodriguez, field CTO, Americas at CrowdStrike, about the company’s recent research into these attacks and now organizations can defend against them.

Continue reading →

According to Verizon’s 2025 Data Breach Investigations Report, API-related breaches have increased nearly 40 percent year-on-year, with broken authorization cited as one of the most exploited flaws.

Now though Intruder, a leader in attack surface management, has launched Autoswagger -- a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities.

Continue reading →

A new survey of 1,000 IT, security, and engineering professionals across North America uncovers a fractured landscape of legacy VPNs, slow manual processes, and overlapping tools -- with 99 percent of respondents saying they'd like to redesign their company’s access and networking setup from the ground up.

The study from Tailscale also shows that 83 percent of IT and engineering professionals admit to bypassing security controls in order to get their work done. Also worrying is that 68 percent say they have retained access to internal systems after leaving a previous employer, revealing critical gaps in offboarding and identity lifecycle management.

Continue reading →

Security teams today are overwhelmed by fragmented data, inconsistent tagging, and the manual burden of translating findings into fixes.

A new release of the Seemplicity platform introduces an AI Insights feature along with Detailed Remediation Steps, and Smart Tagging and Scoping, three new capabilities that use AI to solve some of the most painful and time-consuming cybersecurity tasks.

Continue reading →

According to a new report 45 percent of MSPs admit to having a dedicated pool of money set aside for ransomware payments. This is despite increasing pressure from insurers and global governments to avoid paying ransoms to stop fueling criminal enterprises and encourage proactive resilience.

The findings, from cyber risk specialist CyberSmart, also show that 36 percent opt to protect themselves with cyber insurance instead. Worryingly though, 11 percent of MSPs say they have no dedicated budget for ransomware payments or cyber insurance, in many cases leaving them without a contingency plan.

Continue reading →

According to new research 93 percent of firms in the UK today use AI in some capacity, but most lack the frameworks to manage its risks and don’t integrate AI governance into their software development processes.

The study from Trustmarque shows only seven percent have fully embedded governance frameworks to manage AI risks. In addition a mere four percent consider their technology infrastructure fully AI-ready, and just eight percent have integrated AI governance into their software development lifecycle.

Continue reading →

Tech stacks and software landscapes are becoming ever more complex and are only made more so by the arrival of AI.

We spoke to David Gardiner, executive vice president and general manager at Tricentis, to discuss to discuss how AI is changing roles in development and testing as well as how companies can maximize the value of AI while mitigating the many risks.

Continue reading →

Tomorrow -- July 19th -- marks a year since the CrowdStrike outage, which saw major disruption to Microsoft systems around the world caused by a faulty security software update.

Whilst it made the headlines at the time what have been the long-term effects of the outage and what has the industry learned to prevent something similar happening in future?

Continue reading →

A report earlier this year highlighted the fact that machine identities now vastly outnumber humans.

This leads to a wider attack surface leaving many organizations vulnerable to cyberattack and loss of data. We spoke to Refael Angel, the co-founder and CTO of unified secrets and machine identity platform Akeyless Security, to find out more about the problem and how enterprises can protect themselves.

Continue reading →

New threat intelligence from Zimperium reveals over five million unsecured public Wi-Fi networks have been detected globally since the beginning of 2025, with a staggering 33 percent of users still connecting to these open networks, putting enterprise data at risk in the process.

“Mobile devices are now a primary gateway to corporate data, but during travel, they’re also the most vulnerable,” says Kern Smith, VP of global solutions  at Zimperium. “Unsecured Wi-Fi, phishing disguised as travel alerts, and risky sideloaded apps are creating an ideal attack surface for cybercriminals -- especially in peak travel months.”

Continue reading →

Imagine if hackers could give their scam websites a cloak of invisibility, showing one web page to regular people and a harmless page to security scans. Sneaky, huh?

According to new research from SlashNext that’s essentially what’s happening as cybercriminals start to leverage AI-powered cloaking services to shield phishing pages, fake stores, and malware sites from prying eyes.

Continue reading →

As quantum computing speeds edge closer to practical use, the ‘harvest now, decrypt later’ approach is already in motion with adversaries collecting encrypted data today, anticipating they'll be able to crack it tomorrow. But is enough being done to prevent it?

New research from Forescout highlights the urgent need for organizations to prepare for a future where quantum-capable adversaries can break widely used cryptographic protocols.

Continue reading →

A new report from Contrast Security exposes a growing crisis at the application layer as adversaries use AI to easily launch previously sophisticated attacks at scale.

Recent reports from Verizon (DBIR 2025) and Google Mandiant (M-Trends 2025) confirm what many security leaders already suspect: components of the application layer are among the most targeted and least protected part of the modern enterprise.

Continue reading →