Who's responsible for securing the software supply chain?

A new poll of over 500 security decision makers and developers shows a disconnect and even some distrust between CISOs and developers relating to how security-conscious each department is within the organization and what their roles are.

The Harris Poll conducted for Chainguard finds a majority of both developers and CISOs view software supply chain security as a top priority in their roles (70 percent and 52 percent respectively).

How the .ai domain is benefiting cybercriminals (and a small Caribbean island)

Given all the interest in AI at the moment, it's no surprise that cybercriminals are keen to cash in, with a rise in AI-themed attacks.

One way of doing this is with a .ai domain name. An unexpected beneficiary of this is the British Overseas Territory of Anguilla, which has .ai as its country code.

The rise of mobile app overlay attacks and how to defend against them [Q&A]

A major new threat has made its presence felt in the last few months. Cybercriminals have expanded the use of screen spoofing or overlay attacks from web applications to trusted mobile apps.

What’s more, the availability of as-a-service technology has lowered the threshold for attacks. We spoke to Dr. Klaus Schenk, SVP security and threat research at Verimatrix, to learn more about how these attacks work and what can be done to guard against them.

Organizations turn to GenAI to combat downtime

Downtime-producing incidents such as application outages and service degradation are putting organizations at risk of losing up to $499,999 per hour on average, so it's no surprise they're turning to AI to help their responses.

A new State of DevOps Automation and AI report from Transposit shows 84.5 percent of respondents either believe AI can significantly streamline their incident management processes and improve overall efficiency or are excited about the opportunities AI presents for automating certain aspects of incident management.

Unauthorized apps put businesses at risk

The risks from shadow and unauthorized apps have been known for years, but new research from Armis finds employees of 67 percent of UK organizations are introducing risk to the business by downloading applications and software onto assets without the knowledge or management of IT or security teams.

In addition, the study, carried out by Vanson Bourne, finds 39 percent of enterprises admit to feeling challenged by increasingly complicated regulations and governance requirements.

Social media security issues pose threat to election campaigns

A new report from access management platform Cerby highlights the critical need for best practices for businesses and political leaders to secure their accounts as the November 2024 US elections quickly approach.

Researchers analyzed social media platforms Facebook, Twitter (X), Instagram, TikTok, and YouTube across six key security parameters. The report provides detailed insights into gaps in their support for enterprise-grade authentication and authorization.

Proton VPN rolls out new Linux app

Many people choose to browse the internet using a VPN because it offers a number of benefits including privacy and safety, and this is true whatever operating system you use.

With the launch of an all-new app for Linux, Proton VPN is offering users of the open source OS greater functionality and a more intuitive interface. The Proton VPN Linux app natively supports Proton VPN's core security and privacy features.

IT pros worry about Kubernetes security

A new survey of 800 security and IT leaders from large organizations shows 76 percent of security and IT pros believe we are heading towards a cloud reckoning in terms of costs and security.

The study from Venafi finds that 84 percent believe Kubernetes will soon be the main platform used to develop all applications. But three-quarters worry that the speed and complexity of Kubernetes and containers are creating new security blind spots.

Building an effective and insurable IoT security policy [Q&A]

As businesses look to manage their cybersecurity risk, many have turned to insurance to cover the financial implications of a successful breach.

However, insurers naturally want to limit their own exposure to risk, and the small print of the policy may limit some claims. In particular, this can apply to IoT devices, which represent a major unprotected attack surface in corporate networks.

Passkeys 101: the future of passwordless authentication [Q&A]

Passkeys are often touted as being the way to achieve a passwordless future. But as yet passkeys are supported by only a small number of websites. Passkeys are a safer, more efficient way of authenticating users, but it will be a long time before they become the norm -- if indeed they ever become the norm.

We talked to Darren Guccione, CEO and co-founder of Keeper Security, to discuss the use cases for passkeys, the barriers to mass adoption and how users can adopt and secure passkeys in conjunction with their passwords.

OneSpan launches quantum-safe storage to secure digital agreements

Recent technology developments related to AI and the rise of quantum computing can put the integrity of digital agreements at risk, potentially leading to data loss, manipulation, identity or asset theft, and legal consequences for an organization.

For this reason OneSpan is launching a new Trust Vault feature for its e-signature solution that helps guarantee the integrity and long-term viability of documents using immutable storage based on blockchain technology.

The good, the bad and the scary of AI -- all in one week

AI has been very much top of the agenda this week. We've had President Biden's executive order on AI, we've had the AI Safety Summit in the UK, we've even had Collins Dictionary choosing AI as its word of the year (not to be confused with the three-toed sloth beloved of Scrabble players).

Today we also have new research from SnapLogic looking at how generative AI is being used, viewed, and adopted within large enterprises.

Password health is improving but reuse is still an issue

A new report from Dashlane finds that password health and hygiene have improved globally over the past year, reducing the risk of account takeover for consumers and businesses.

However, reuse is still widespread, leaving user accounts particularly vulnerable to password-spraying attacks if they're not protected by strong multi-factor authentication.

'Policy as code' considered vital to maintain and secure cloud software

A new survey of over 280 developers and technical decision makers finds two-thirds dealing with major flaws in homegrown authorization efficiency, security, and app performance. As a result, most organizations (83 percent) plan to invest more into policy as code as a solution.

In case you're unfamiliar with the concept, policy-as-code is an approach to policy management in which policies are defined, shared, updated and enforced using code rather than relying on manual processes.

End of the line: How UK businesses can prepare for the telecoms Big Switch Off [Q&A]

With the UK's national 'Stop Sell' having commenced in September this year and the Public Switched Telephone Network (PSTN) switch off due by December 2025, business owners need to have all the facts and critical information that they need to act fast and confidently to make the right decisions about their digital alternatives.

With the switch off deadline looming, how can businesses in the UK ensure that they are prepared for these significant, but exciting, changes to communications?
