BetaNews Staff

So far this century, one tech startup after another has reshaped the way that we live. Facebook transformed social interaction. Uber changed how we get around. Tinder changed how we date. While these companies have been highly forward-thinking, they have also persistently struggled to solve crucial challenges regarding background checks and user safety.

2019 brought many of these issues into the limelight. Here are four of the most surprising things we learned about startups and sexual offenses in 2019.

Continue reading →

There have been a lot of "media moves" in the mobile world recently, including the launch of Facebook News, Samsung’s "rebrand" of Bixby Home to Samsung Daily and more that demonstrate the battle for consumer attention on mobile devices is quickly heating up.

But Apple’s moves in both hardware, software, and media put them far ahead in making frictionless, seamless, and integrated media experiences. Apple’s hardware and software (already in the hands of millions) extends from the watch and the phone to the tablet and TV enabling cross-device media integrations (e.g., recommendations, control, etc.) that will transform the media landscape. Additionally, Apple already owns or has partnerships with streaming video, news publishers, game makers, and more, giving them the power, scale, and reach to dominate media.

Continue reading →

Many predictions that we saw around artificial intelligence (AI) for 2019 leaned towards one extreme or the other -- ranging from the notion that AI will no longer be a thing to the idea that it’ll realize its full potential and completely change how industries work at a fundamental level. Advancing AI is going to be an incremental process and it’s unrealistic to think that the world will suddenly abandon it completely or exponentially accelerate its development in that area.

But in the security industry, we have still seen progress surrounding AI, as we’ve gotten better at using machine learning technology to identify and recognize behaviors to identify security anomalies. In most cases, security technology can now correlate the anomalous behavior with threat intelligence and contextual data from other systems. It can also leverage automated investigative actions to provide an analyst with a strong picture of something being bad or not with minimal human intervention.

Continue reading →

Email is suffering an identity crisis. Email’s core protocols make no provisions for authenticating the identities of senders, which has resulted in a worldwide spearphishing and impersonation epidemic, leading to billions of dollars in monetary losses, security mitigation costs, and brand damage. As a result, email security will be a central theme in the new year, both as a source of threats as well as an increasingly urgent issue for cybersecurity professionals to address.

In 2020, we will see email security prove itself to be a weak link in election security as well as corporate security. At the same time, Domain-based Message Authentication, Reporting and Conformance (DMARC) will gain popularity across several industries, driven both by the need to eliminate domain spoofing, and by the desire for brands to take advantage of Brand Indicators for Message Identification (BIMI), a new standard that requires DMARC. Email authentication works -- but it’s up to domain owners to take advantage of it. Increasingly they will do so, as they realize that a failure to proactively defend their domains can leave them vulnerable to convincing exploits from cybercriminals.

Continue reading →

As we enter the new year, the criticality of securing sensitive data will continue to mold and transform the structure of security strategies across enterprises, resulting in a heightened focus on access control and data-centric investments. With numerous data privacy regulations on the horizon, the cost of data breaches will be more catastrophic for businesses. In 2020, enterprises must invest in proactive strategies that combat the dynamic threats targeting an organization’s most sensitive data.

Enterprises can expect the trend of increased data breaches in ERP (Enterprise resource planning) systems to continue to rise in 2020

Continue reading →

Not too long ago, information security was a human scale issue. Because the number of assets to compromise was contained, and because there were only a few attack vectors in the adversarial arsenal, enterprises were able to train security analysts to identify and mitigate threats and vulnerabilities.

Managed endpoints, internal applications, routers, switches, DNS servers and domain controllers compromised the majority of an enterprise’s network presence. In today’s world, mobile devices, cloud applications, IoT, and third party connections to vendors have dramatically grown the enterprise digital footprint. Additionally, adversaries were not nearly as sophisticated as they are today, leveraging only a small fraction of modern day attack vectors. Today’s threat actors have a much larger arsenal of attack vectors to use, including newly discovered vulnerabilities, misconfigured cloud services, and more services and applications exposed to the internet.

Continue reading →

Advanced persistent threats (APTs) have become aggressive in their attempts to breach organizations’ networks. These malicious actors look to gain unauthorized access to infrastructures for prolonged periods of time so that they can perform various acts including mining and stealing sensitive data. Their ability to evade conventional security measures have allowed them to cause costly data breaches against many businesses.

Hackers have even found ways to intensify their malicious activities. According to an Accenture report, threat actors and groups have now teamed up to conduct targeted intrusions and spread malware. Among them are financially motivated groups such as the Cobalt Group and Contract Crew. These increasing cyberattack threats have prompted companies to toughen up their security. Gartner estimates that security spending will grow to $170.4 billion in 2022.

Continue reading →

Multi-cloud environments have been a hot topic for the last year. Already, businesses have been realizing the benefits of a vendor-agnostic approach, which not only minimizes costs but gives them the freedom to innovate. However, there are a couple of aspects of operations which will be key in ensuring multi-cloud remains viable for enterprises in the long-term.

Despite the freedom which comes with a vendor neutral ecosystem, orchestrators haven’t yet overcome the headache associated with migrating workloads between these different cloud infrastructures. The past year saw major cloud players like IBM making acquisitions to address this, but as yet, they haven’t found a successful solution. Over the next year, this will be a priority for enterprises looking to remove the bottlenecks in their CI/CD pipeline. Organizations will invest in services which can help them harness a multi-cloud ecosystem, by supporting fast deployment, scalability, integration and operational tasks across public and private clouds.

Continue reading →

A night on the town brings a feeling like no other. Letting your hair down, dancing with old friends and making new friends as you dance the night away. From alternative and underground to the VIP and luxury, there was something for everyone.

But it seems something has changed. In 2018, The Guardian reported that the value of the UK’s nightclub scene had dropped by an estimated £200m in the past five years. People are swapping gin for gyms and martinis for mini golf. So, is the nightclub industry on its way out? With some adapting, evolving and a heavy helping of tech, it’s possible that we’re seeing nightclubs claw back their popularity. Gone are the days of cheap pints and sticky floors. Nowadays people want uniqueness, something that’s worthy of uploading to Instagram, and something entirely experiential.

Continue reading →

Open source software’s hold on the IT sector has deepened in the last five years. An estimated 96 percent of applications use open source components, and big players like Microsoft, IBM and even the U.S. government now embrace open source projects for their software needs. But while open source has transformed organizations’ ability to use proven and maintained code in the development of new software, it’s not untouchable in terms of security. Using code that’s readable by anyone brings risks -- and issues have occurred in the past.

It’s true that open source makes security efforts more transparent since it’s happening out in the open. If there are flaws in the code, they’re often resolved quickly by committed members of the open source community. Additionally, many open source projects have security scans built into their build processes, so contributions that introduce vulnerabilities directly or through dependencies are few and far between. But leaving the code in the open also allows bad actors to write attacks specific to unpatched vulnerabilities or to unrealized vulnerabilities in libraries that products actively depend on. As a result, teams using open source need to take steps to remain secure.

Continue reading →

Predicting everything that will happen in 2020 is an impossible task, however, the foundation has been laid for two security events to occur. First, all signs point towards the enactment of a federal data privacy law. The fact that the California Consumer Privacy Act (CCPA) is slated to be enacted on January 1, 2020; shows that the US is starting to take a more steadfast approach to consumer privacy. However, if every state were to enact their own laws, then organizations that operate within the US would have to navigate through 50 different mandates. One unified, federal regulation would make it far more seamless for businesses to continue operations, all while remaining compliant.

Second, it is likely that we will see foreign meddling occur in the 2020 US presidential election. This occurred in 2016, and there have already been reports of foreign entities attempting to interfere with US government agencies. In fact, the state of Ohio recently thwarted an attack from a Russian-backed organization on its voting systems. Let’s dive more into these predictions below.

Continue reading →

Some phishing emails are easy to spot: the spelling is bad, the spoofed email is clearly a fake, and the images are too warped to have possibly been sent by a reputable brand. If you receive one of these low-quality phishing emails, you’re lucky. Today’s phishing emails are extremely sophisticated, and if you’re not well trained to spot one, you probably won’t.

Email filters have long relied on fingerprint and reputation-based threat detection to block phishing emails. A fingerprint is essentially all the evidence a phisher leaves behind -- a signature that, once identified, will be recognized on future phishing attempts and the phishing email or webpage blocked. Examples of a fingerprint include the header, subject line, and HTML.

Continue reading →

Every year, threat actors will continue to evolve their current tactics, techniques, and procedures (TTPs) that they use in order to exfiltrate customer, company and partner data, interrupt business operations, implant ransomware, and more. In fact, cybercrime damage costs are predicted to hit $6 trillion annually by 2021, according to research from Cybersecurity Ventures. In 2020, as cybercriminals refine their methods, we will continue to see a plethora of breaches occur due to a common vulnerability: misconfigurations.

Despite organizations running an average of 40 percent of their workloads in the public cloud, most companies fail to be able to accurately identify the risk of misconfiguration in public cloud as higher than the risk in traditional IT environments. In the new year we will also see a greater focus placed on identity in cloud security -- a challenge that’s easier said than done, since approaches that worked in traditional data center environments do not translate to the cloud.

Continue reading →

With Brexit looming large, the only thing that is certain is the uncertainty of Brexit’s impact. A no-deal Brexit conjures visions of trucks and ships backed up at border crossings and ports of entry, slowing commerce to a snail’s pace. But the real business impact of a no-deal Brexit is in the free flow of data between the EU and the U.K., and many small and mid-sized businesses are likely unprepared. It is estimated that 80 percent of Britain’s economy is founded on services, not goods. Between 2005 and 2015, the volume of data entering and leaving the U.K. increased 28 times, and 75 percent of this data was exchanged with EU countries.

In a no-deal Brexit, the U.K. will become a "third country," no longer part of the General Data Protection Regulation (GDPR). Consequently, according to the U.K.’s Information Commissioner’s Office, data from EU countries will likely no longer be able to flow freely into the U.K. without a contract in place between the sender and U.K.-based SMBs that meets EU-approved terms. For those unprepared, the fallout from this could be disastrous. U.K. businesses that manage or store large volumes of data within the EU, such as those in the financial or tech industries, may look to relocate their operations to minimize the risks and impacts for their business. In moving their operations, businesses will need to transfer large volumes of data.

Continue reading →

How big is the Internet of Things (IoT) market? According to a Gartner report, by 2020 connected devices across all technologies will reach 20.6B. The early adopters of this technology can be found in agriculture, utilities, and cities, but the applications are seemingly endless and extend into homes and even wearable devices. In a similar manner that the Internet has changed our lives, so too will its extension into many "things" that connect and extract pertinent data to improve our personal and professional existence.

Interjecting smarts into muted devices will require new methods of connectivity.

Continue reading →