BetaNews Staff

Interconnected digital technology advances at a rapid pace, and so do the tactics and strategies employed by malicious individuals, criminal groups, and even nation-states. The World Economic Forum predicts global cybercrime will reach $10.5 trillion by 2025, forcing businesses and governments to look for next-generation solutions against emerging digital threats.

Unfortunately, deliberate criminal activity is only part of the challenge in this data-driven era. Costly leaks of sensitive data might happen due to simple human errors -- in September, Microsoft’s data was leaked two times, not only disclosing the company’s plans for the next-gen Xbox but also exposing private employee data. As we already know, at least one of these events happened due to an accidentally misconfigured URL link.

Continue reading →

In an era driven by digital transformation, cloud computing has emerged as a game-changer for businesses of all sizes. However, as cloud adoption continues to soar, so does the need to manage cloud costs effectively. Balancing cost reduction with maintaining and increasing resiliency has become a top priority for businesses seeking to maximize the benefits of the cloud.

The need to optimize is evident, but achieving this goal can be complicated. Without appropriate cost containment and governance strategies, organizations risk falling into a continuous climb spend pattern. Often, businesses address cost optimization as a sporadic, reactive exercise -- like making annual bulk purchases of reserved instances. To break free from this cycle and achieve sustained cost efficiency, a shift towards a collaborative, ongoing and iterative approach to cost optimization and management is a key priority.

Continue reading →

Cybersecurity Awareness Month does precisely what its name suggests. It serves as a reminder of the sector's importance for businesses and consumers across the globe.  

As we look back on yet another year where threats have continued to evolve, and the task at hand seems greater than ever -- it's important to take cognizance of the cyber-dangers out there and recognize our roles in the fight against 'hackers'. 

Continue reading →

The enormous wave of public interest in AI is undoubtedly caused by how the results of machine learning were turned into a product bundle in the form of ChatGPT. A layman might come to the conclusion that artificial intelligence came out of the blue in 2022. Its success, however, lies in astronomically high investments in infrastructure and countless hours of human and machine labor at OpenAI. How can you make use of the currently available models in your company?

The more technical crowds have been talking about AI since the fifties, but it was first a mathematical concept -- this is where we get the famous Turing test from. Thanks to brilliant scientific work, research investments, and mass adoption of computer technology in the nineties, we are now experiencing what authors in the past used to write sci-fi novels about. One could think that AI is just a software achievement. However, advancements in miniaturization, increases in computing power, and reductions in the costs of obtaining hardware play a big role too. What would’ve cost hundreds of billions of dollars back in the day now sets you back "just" a couple of millions.

Continue reading →

While AI is taking the workplace by storm, this technology -- especially the AI-enabled smart and automated platform tools -- will not replace the role of employees in the workplace. Instead, AI will become more integrated into everyday workflows as a way to help employees do their jobs more effectively.

For example, generative AI is emerging as a tool that can help with content creation, such as sales pitches, email newsletters and, memos. In applications like this, the technology is already helping to provide users with a better day-to-day and overall experience, which positively contributes to adoption. This in turn has a direct impact on technology investment ROI at scale. 

Continue reading →

It’s the 20th anniversary of Cybersecurity Awareness Month, and it’s safe to say a lot has changed in the cybersecurity industry since then. For example, just over the last year, we have seen the meteoric rise of generative AI and the huge impact it is already having on the cybersecurity industry.

Aaron Kiemele, CISO at Jamf, argues that now with the rise of generative AI, the threat posed by techniques such as phishing has completely changed: "With the advancements in large language models for machine learning, such as ChatGPT, cybercriminals are leveraging AI to automate attacks, analyze vast amounts of data, and craft more effective phishing emails or malware to achieve their nefarious ends. We can no longer rely on bad spelling or sketchy formatting."

Continue reading →

Imagine if you were attacked and you didn’t know the identity of the assailant. Not knowing who they were, what their motivations are, or their attack track record would leave you feeling helpless.

There is a disturbing new trend in ransomware attacks: anonymity. In the "halcyon" days of early attacks, the group attacking the victim would always say who they were. Now though, we are seeing a spike in attacks where the offending group is concealing their identity, and finding out who they are is a complicated process. If you’re lucky enough to have a wealth of dark web and other data to examine, threat actors are human, which means they usually make a mistake that reveals them.

Continue reading →

Facing an onslaught of cyber-attacks originating from social engineering is now par for the course for many security professionals. However, a growing but often overlooked issue is how this technique is being manipulated to help gain entry to physical offices and workplaces to perpetrate cybercrime.

Very similar to social engineering in the digital world, cybercriminals are relying on human vulnerabilities to trick individuals into allowing them entry to premises.  Referred to as physical social engineering (PSE), this form of deception exploits typical behaviors and emotions with the goal of obtaining security credentials to give attackers access to confidential data and sensitive information held on computer systems.

Continue reading →

With the increasing reliance on APIs, detecting suspicious API traffic has become crucial to ensure the security and integrity of these interactions. Suspicious API traffic poses a huge threat to the overall system and its data, the traffic can indicate malicious intent such as unauthorized access attempts, data breaches, or even potential attacks targeting vulnerabilities in the API infrastructure.

API traffic refers to the data and requests that are transmitted between different applications or systems using APIs. This allows software programs to communicate and exchange information, enabling seamless integration and interaction between various platforms. API traffic also involves the transfer of data, such as requests for data retrieval or updates, between the client application and the server hosting the API. 

Continue reading →

Generative AI and large language models (LLMs) like ChatGPT are a scorching hot topic right now, and for good reason. A recent MIT study shows that LLMs can improve worker productivity by 50 percent in white-collar settings. Consequently, more than half of C-suite members globally (56 percent) feel pressured to adopt comprehensive GenAI tools during the next year -- yet two in three fear the consequences of rapid GenAI adoption, particularly as it applies to disinformation and data governance.

Leaders are overwhelmed by the prospective benefits -- and consequences -- of adopting GenAI. They may be surprised to learn that a managed service provider (MSP) can assuage their worries and prepare their organization for this newest iteration of digital transformation.

Continue reading →

The modern workforce is more distributed and dependent on devices than ever before. In this hybrid work environment, digital employee experiences are siloed. IT teams are on the hook to ensure end-user productivity despite strained financial resources and the IT talent war.

Despite their technical expertise, IT service teams are limited in their ability to be in multiple locations at once. Distributed workforces further cause significant blind spots and open up businesses to vulnerabilities hiding in the dark estate. That’s where hidden issues live, yet IT teams can’t see them. The potential for unknown risks is nothing new in IT. So why should businesses care about the dark estate, especially now when IT departments are already burdened by lengthy lists of service requests, putting out fires, and keeping up with security challenges?

Continue reading →

In the ever-evolving realm of the cloud, dwell times are now measured in moments, not days. Whereas Mandiant’s 2023 M-Trends report highlighted a global median dwell time of 16 days for on-premises environments, the Sysdig Threat Research Team (TRT) recently reported in their 2023 Global Cloud Threat Report that cloud dwell time is five minutes.

To better understand the stark difference between defenders' abilities to find attackers in the cloud and on-premises, I sat down with the Sysdig TRT to discuss their findings. They circled around four distinct, but closely related reasons.

Continue reading →

Despite considerable efforts by business leaders to protect their digital assets, in today’s cybersecurity landscape, a security breach is all but inevitable. According to reports, threat actors have already compromised hundreds of millions of records in 2023, and IBM says 83 percent of businesses had more than one breach in 2022. Companies must prepare themselves to respond and seamlessly recover post-attack in this climate and starting at the endpoint could help bolster their cyber resilience.

Endpoint management plays a pivotal role in supporting a robust cyber resilience strategy. By maintaining an up-to-date inventory of all devices connected to your network, endpoint management allows for the rapid identification and isolation of potentially compromised systems, preventing the spread of security incidents and minimizing their impact.

An endpoint management approach to cyber resilience is also supported by principles found in the MITRE Corporation’s Cyber Resiliency Engineering Framework (CREF) Navigator. Their cyber resilience framework focuses on sharing an understanding of what it takes to maintain and inform preparedness and is guided by four pillars. These include:

Continue reading →

Amidst a challenging economic climate many businesses are unsurprisingly reviewing their spending, with research from the Institute of Directors finding most businesses are unlikely to increase investment over the next 12 months.

One area currently bucking this trend is the cloud. Research shows almost half of tech and business leaders are increasing investment in cloud-based products and services, and a third of them plan to migrate their legacy enterprise software and on-premises workloads to the cloud.

Continue reading →

When CISOs think about cybersecurity for their companies, there are certain expectations. Password protection, firewalls, and continuously training employees on the latest phishing scams, to name a few. And to be sure, cyber risks like these are as relevant as ever. The persisting problem is, cybersecurity is like any defense contest: the burden (and therefore the disadvantage) is on the defender. You have to win every time, whereas an attacker only has to win once to cause major damage.

Frustratingly, cyber criminals have shown time and time again that they are actually quite gifted at creative approaches, thinking outside the box, and combining advanced tech with old school techniques. For instance, a suspicious-looking form letter email is easy to spot and delete. However, by purchasing even a small amount of personal data from the dark web, a smart criminal can craft a phishing email with just enough familiarity so that its target will most likely open it without hesitation. With enough patience and photoshopping, a malicious actor can send customers a message from their favorite store that leads them to a spoofed website solely created to steal their credit card information. Increasingly today, these attacks targeting customers are more prevalent.

Continue reading →