Ian Barker

Passkeys are often touted as being the way to achieve a passwordless future. But as yet passkeys are supported by only a small number of websites. Passkeys are a safer, more efficient way of authenticating users, but it will be a long time before they become the norm -- if indeed they ever become the norm.

We talked to Darren Guccione, CEO and co-founder of Keeper Security, to discuss the use cases for passkeys, the barriers to mass adoption and how users can adopt and secure passkeys in conjunction with their passwords.

Continue reading →

Recent technology developments related to AI and the rise of quantum computing can put the integrity of digital agreements at risk, potentially leading to data loss, manipulation, identity or asset theft, and legal consequences for an organization.

For this reason OneSpan is launching a new Trust Vault feature for its e-signature solution that helps guarantee the integrity and long-term viability of documents using immutable storage based on blockchain technology.

Continue reading →

AI has been very much top of the agenda this week. We've had President Biden's executive order on AI, we've had the AI Safety Summit in the UK, we've even had Collins Dictionary choosing AI as its word of the year (not to be confused with the three-toed sloth beloved of Scrabble players).

Today we also have new research from SnapLogic looking at how generative AI is being used, viewed, and adopted within large enterprises.

Continue reading →

A new report from Dashlane finds that password health and hygiene have improved globally over the past year, reducing the risk of account takeover for consumers and businesses.

However, reuse is still widespread leaving user accounts particularly vulnerable to password-spraying attacks if they’re not protected by strong multi-factor authentication.

Continue reading →

A new survey of over 280 developers and technical decision makers finds two-thirds dealing with major flaws in homegrown authorization efficiency, security, and app performance. As a result, most organizations (83 percent) plan to invest more into policy as code as a solution.

In case you're unfamiliar with the concept, policy-as-code is an approach to policy management in which policies are defined, shared, updated and enforced using code rather than relying on manual processes.

Continue reading →

With the UK's national 'Stop Sell' having commenced in September this year and the Public Switched Telephone Network (PSTN) switch off due by December 2025, business owners need to have all the facts and critical information that they need to act fast and confidently to make the right decisions about their digital alternatives.

With the switch off deadline looming how can businesses in the UK ensure that they are prepared for these significant, but exciting changes to communications?

Continue reading →

We're all familiar with link shortening services, those handy tools that allow you to shrink URLs down to a manageable size to make them easier to share.

Of course in the past these have been used for nefarious purposes too, hiding the true nature of a link to get people to click on phishing or malware messages. Now though researchers at Infoblox have uncovered something even more sinister, the operation of a shady link shortening service made especially for cybercrime.

Continue reading →

The UK cybersecurity workforce gap has reached a record high, with 73,439 professionals needed to adequately safeguard digital assets, representing a 29.3 percent increase over 2022.

Research by security professionals organization ISC2 shows the UK cybersecurity workforce has reached 367,300 people, an 8.3 percent increase from 2022, representing more than 28,000 new jobs.

Continue reading →

A new report from HP Wolf Security reveals cybercriminal marketplaces offering low-level attackers the tools needed to bypass detection and infect users in the form of so-called 'meal kits'.

These are pre-packaged malware kits which give low-level attackers all the ingredients to evade detection tools, making it easier for them to breach organizations and steal sensitive data.

Continue reading →

A new survey of over 300 cybersecurity professionals from SlashNext looks at cybercriminal behavior and activity on the Dark Web particularly as it relates to leveraging Generative AI tools and chatbots and finds a startling 1,265 percent increase in malicious phishing emails since the launch of ChatGPT in November 2022.

It also shows a 967 percent increase in credential phishing in particular and that 68 percent of all phishing emails are text-based Business Email Compromise (BEC) attacks.

Continue reading →

Over the last two years, the average organization's cybersecurity program was prepared to preventively defend against, or block, just 57 percent of the cyberattacks it encountered. This means 43 percent of attacks launched are successful and need to be remediated after the fact.

This is among the findings of a new report from Tenable, based on a survey of over 800 IT and cybersecurity leaders carried out by Forrester Consulting.

Continue reading →

The shift to remote and hybrid working has led to many problems for IT teams, not least that it offers an expanded attack surface. Add in the threat from cybercriminals looking to capitalize on advanced AI capabilities to create malware and you have some major challenges.

We spoke to Doug Kersten, CISO of enterprise collaboration specialist Appfire, to discuss the key security challenges product and DevOps teams face today and how to overcome them.

Continue reading →

Nearly 87 percent of Android and 60 percent of iOS apps request access to device functions unrelated to their performance, according to new research by NordVPN.

Researchers analyzed the most popular mobile apps globally in 18 categories. They found that up to 14 percent of apps collect more unnecessary than necessary data for the apps' performance and only eight percent collect no unnecessary data. On average, every fifth requested permission was not actually needed for the app’s functionality.

Continue reading →

This week Malwarebytes has launched a new identity theft protection solution aimed at individuals, helping them secure their digital identities and defend against identity and online threats.

Called -- imagine how many meetings it must have taken! -- Identity Theft Protection, it includes real-time identity monitoring and alerts, robust credit protection and reporting and live agent-supported identity recovery and resolution services, all backed by up to a $2 million identity theft insurance policy.

Continue reading →

One of the effects of the pandemic and the shift to remote and hybrid working has been that organizations have become increasingly reliant on messaging tools like Teams and Slack.

But new research from CybSafe shows that 47 percent of workers have received no training in the use of these platforms and could be putting themselves and their employers at risk.

Continue reading →