Ian Barker

The cybersecurity landscape is more complex than ever and that means enterprises need to have a real-time picture of their exposure.

We spoke to Nadir Izrael, CTO and co-founder of Armis, to learn what this should look like and how security teams can evaluate and evolve their security programs to achieve more control over their asset landscape.

Continue reading →

Thanksgiving, Black Friday, Cyber Monday, and Christmas bring millions of shoppers online with attractive discounts and limited time offers, but of course they also create ideal conditions for cybercriminals to exploit unwary bargain hunters.

A new report from Fortinet's FortiGuard Labs looks at the evolving threat surface of eCommerce, highlighting how cybercriminals are leveraging Remote Code Execution (RCE) exploits, Man-in-the-Middle (MITM) phishing kits, sniffers, and website cloning services to manipulate online transactions and gain access to steal sensitive data.

Continue reading →

Smaller businesses lack the tech resources of larger ones so it's common practice that they not only allow employees to use their personal mobile phones to complete work tasks but in many cases actively expect them to.

Research carried out by OnePoll for SME security solutions company CyberSmart finds that 60 percent of organizations expect their employees to use mobile devices to carry out work tasks despite not providing all of them with work phones.

Continue reading →

As we approach the peak holiday shopping season a new survey of nearly 400 IT security decision-makers and retail customers from identity specialist HYPR shows that 58 percent of retail organizations experienced at least one authentication-related breach and 65 percent were victims of identity fraud over the last 12 months.

Retailers have suffered losses of up to $6.27 million in the last year alone due to insecure authentication methods. By contrast financial institutions reported only $4.57 million lost during the same period.

Continue reading →

With more and more businesses keen to benefit from the possibilities that AI offers it seems like everyone is jumping on the bandwagon. But this raises a number of implementation and management challenges, especially now as enterprise AI workloads begin to scale.

We spoke to Tzvika Zaiffer, solutions director at Spot by NetApp, to discuss how these challenges can be addressed and the best practices that are emerging to ensure that implementations go smoothly.

Continue reading →

Nearly half of businesses admit they are only partially confident in their ability to detect deepfakes, leaving them vulnerable to escalating fraud risks according to a new report.

The report from identity solutions company Regula shows 59 percent of businesses consider video deepfakes a serious threat, while 58 percent feel the same about audio deepfakes.

Continue reading →

The rise of hybrid and remote working has put added emphasis on the need for mobile device management (MDM).

We spoke to Weldon Dodd, SVP of global solutions at cloud-based automation and device management specialist Kandji, to find out more about Apple's approach to MDM and the broader lessons businesses can apply from this in order to solve complex IT challenges.

Continue reading →

New data from Abnormal Security shows that between September 2023 and September 2024, phishing, business email compromise, and vendor email compromise attacks on manufacturers increased significantly.

The number of monthly attacks phishing attacks has grown nearly 83 percent between September 2023 and September 2024. Business email compromise attacks are up 56 percent too.

Continue reading →

A new report from cyber insurance provider Cowbell shows that supply chain attacks have increased by an astounding 431 percent since 2021.

It also shows that large enterprises (those with greater than $50 million revenue) are 2.5 times more likely to encounter cyber incidents. Manufacturing is the most vulnerable sector, driven by its reliance on automation and exposure to intellectual property threats.

Continue reading →

Not familiar with 'fuzzing'? It's a software testing technique that involves feeding invalid, unexpected, or random data into a program to detect coding errors and security vulnerabilities.

Back in August 2023, Google introduced AI-Powered Fuzzing, using large language models (LLM) to improve fuzzing coverage to find more vulnerabilities automatically -- before malicious attackers could exploit them.

Continue reading →

The rise of remote and hybrid work has increased the risk of PCs being compromised by attackers with brief physical access, underscoring the need for protection and visibility into the integrity of devices throughout their lifetimes.

To combat this, HP is launching a new HP Enterprise Security Edition, a unique suite of capabilities designed to enhance the physical security of PC endpoints.

Continue reading →

We've probably all shouted at an advert on TV or muttered darkly at one that pops up when surfing the web, but how would you feel about ads you can actually converse with?

Communications company GMS has developed Generative Response Ads, a technology that enables consumers to engage in real-time conversations directly within ad spaces using AI.

Continue reading →

A new survey, from infrastructure management provider Pulumi, reveals that 58 percent of organizations feel their cloud security is inadequate, underscoring the critical need for enhanced security measures in cloud environments.

This echoes research from other sources which show a 75 percent increase in cloud intrusions from 2022 to 2023, and 44 percent of organizations having faced a cloud data breach -- 14 percent reporting one in the past year.

Continue reading →

Cyberattackers are targeting holidays and weekends to cause maximum disruption, yet many businesses remain underprepared outside of standard working hours.

A new report from Semperis, based on a survey of almost 1,000 cybersecurity professionals, shows that 86 percent of surveyed organizations in the US, UK, France and Germany that were attacked were targeted during a holiday or weekend.

Continue reading →

You may have heard of RISC-V -- usually pronounced 'risk-five' -- it's an instruction set architecture originally designed to support computer architecture research and education but which has evolved to become a standard open architecture for industry.

We spoke to Calista Redmond, CEO of standards body RISC-V International to find out more about the latest developments.

Continue reading →