BetaNews Staff

It's been another profitable year for the cybercriminal underworld. Once again, headlines have been regularly dominated by serious breaches such as the Royal Mail and Capita, whilst behind the scenes, criminal gangs have raked in huge profits.

The shadow economy of the dark web has continued to thrive and develop as a mirror of the legitimate business world. Threat actors are increasingly well-organized, from highly developed ransomware-as-a-service (RaaS) offerings to extremely lucrative vulnerability trading. Here, we'll delve into the most prominent trends driving the bustling dark web economy -- and how organizations can defend themselves against such threats.

Continue reading →

It is very nearly Halloween and we are preparing ourselves to encounter a host of terrifying creatures and monsters, all who are patiently waiting to make their appearances this year. However, while those beings are terrifying in their own right, it's the monsters lurking in the  shadows of the digital world that seem to strike more fear.

Malicious actors and menacing threats feel ever present in the news. As the adoption of cloud and on-demand computing services increases, malicious actors are waiting to make their move when enterprises lose control of their data security. Enterprises and their leaders are kept awake wondering where their data is, who has access to it, how it is being used and whether it’s safe. This piece will explore how to mitigate some of the most scary monsters that are haunting organizations the holiday season and beyond.

Continue reading →

"Are we secure?" For most security leaders, this is one of the most daunting questions they can be asked. While it may seem like a basic inquiry for those in leadership positions, for those on the ‘cybersecurity front line’, thinking in these terms is far too vague and oversimplifies a complex and ever-evolving threat landscape.

Instead, management and IT teams need to shift their thinking to a far more appropriate measure of security:  "Are we adversary aligned?" But what does adversary alignment really mean?

Continue reading →

Digital transformation is becoming integral to procurement success. In fact, 77 percent of companies have adopted peer-to-peer (P2P) and source-to-contract (S2C) systems. However, acknowledging the importance of digital transformation and taking full advantage of its benefits are two very different things.

Yes, procurement technologies can provide organizations with a competitive advantage and improve operational efficiency, but these benefits are only possible when there is a trusted supplier data foundation. Even as leaders look to digital technologies to accelerate their procurement processes, they run into a consistent and demoralizing roadblock: low-quality supplier data. Whether it’s inaccurate, piecemeal or missing, bad supplier data can lead to extensive time spent on manual outreach, a reliance on supplier portals and conflicting data sources -- ultimately hindering the progress of digital transformation.

Continue reading →

It’s almost impossible to escape the hype around artificial intelligence (AI) and generative AI. The application of these tools is powerful. Text-based tools such as OpenAI’s ChatGPT and Google’s Bard can help people land jobs, significantly cut down the amount of time it takes to build apps and websites, and add much-needed context by analyzing large amounts of threat data. As with most transformative technologies, there are also risks to consider, especially when it comes to cybersecurity.

AI-powered tools have the potential to help organizations overcome the cybersecurity skills gap. This same technology that is helping companies transform their businesses is also a powerful weapon in the hands of cybercriminals. In a practice, that’s sometimes referred to as offensive AI, where cybercriminals use AI to automate scripts that exploit vulnerabilities in an organization’s security system or make social engineering attacks more convincing. There’s no doubt that it represents a growing threat to the cybersecurity landscape that security teams must prepare for.

Continue reading →

The news last month of yet another cyberattack on MGM Resorts, initiating a system shutdown and disrupting its operations, is yet another in a very long list of attacks that we have witnessed in the past couple of years.  Having the right preventive and defensive cybersecurity measures in place for such attacks is a given, and it is what most organizations focus on. But it is also about understanding how the organization will recover from an incident and how they can limit the extent of an attack. 

Today, being impacted by a cyberattack is almost inevitable. The global average cost of a data breach in 2023 was $4.45 million, a 15 percent increase over 3 years, according to IBM. Therefore, companies also need to think about how they can proactively recover, how quickly they can recover, and the cost of recovery to the business.

Continue reading →

Recent advancements in GPU (Graphics Processing Unit) technology, accompanied by new innovative use cases and increased user expectations have produced a profound impact on the industry. Together, they have driven the proliferation of new application architectures, fueling growth in artificial intelligence (AI), machine learning, and visual computing.

In this era of relentless innovation, the key to staying competitive lies in quickly meeting user expectations through cloud delivery. Its multiple advantages -- on-demand consumption, scalability, global availability, a safeguard against supply chain disruptions, and financial perks -- shape a compelling strategy for deploying GPU technology via the cloud.

Continue reading →

According to Dell’Oro Group, there are more than 30 SASE vendors. That number is likely to go up consistently for the foreseeable future. Despite this growth, not all these providers are delivering the same basic foundational elements to customers. At best, these providers don’t realize that they’re not offering a true SASE solution, and at worst, they’re falsely advertising SASE capabilities to expand their customer bases.

For example, would a company that strictly sells bread say that they offer cakes? While bread and cakes do share some of the same ingredients and both end products require a baking process, it would be disingenuous for the bread company to say that it sells cakes. This is the issue we’re currently battling against in the quickly evolving SASE space.

Continue reading →

Cybercriminals frequently target the legal sector due to its extensive holdings of highly confidential, commercially sensitive, and often personal information. As a sector built on trust and reputation, this growing threat continues to disrupt and create havoc in business operations, underscoring the necessity for a deeper understanding of cyber threats and stronger cyber security measures within the legal industry.

A recent report from the National Cyber Security Centre (NCSC), published in early 2023, revealed that the UK has over 32,900 legal enterprises, encompassing barristers, solicitors, and other legal service providers. With an estimated total revenue of £43.9 billion and more than 320,000 people employed in the legal sector, it represents a large and lucrative target for cybercriminals.

Continue reading →

Today, Global Encryption Day 2023, marks the perfect opportunity to reflect on what has been a highly challenging year for the technology.

Encryption acts as a fundamental safeguard of data privacy, securing data both during transmission and while at rest. It often serves as a primary defense against hackers and is indispensable in preventing unauthorized access to sensitive information. With the risk of reputational damage and massive fines for those who are breached, it is essential for any organizations looking to ensure regulatory compliance.  

Continue reading →

The proliferation of fintech platforms has prompted consumers to demand more from their banks. Historically, legacy industry resistance to securely sharing customer data with third parties has deprived banks of opportunities to engage customers and foster longer-term retention more deeply. Many incumbent banks felt an open banking structure threatened their business models. However, as banks shift their mindset and embrace open banking, it’s evident that the 'mainstreaming' of an open banking infrastructure benefits both banks and consumers through a larger marketplace of product options.

Consumers can use open banking by consenting to share their data with other providers securely and receive a more comprehensive range of product offerings and more personalized and efficient services -- all in one place.

Continue reading →

In this new era of generative artificial intelligence, one of the biggest security risks involves business email compromise attacks. Countless malicious phishing emails are already being cloned, refined, and delivered by smart AI bots around the world.

A business email compromise (BEC) is a sophisticated cybercrime that uses emails to trick the receiver into giving up funds, credentials, or proprietary information through social engineering and computer intrusion techniques. Many BEC attacks combine multi-channel elements to make the frauds seem more convincing, such as incorporating fake text messages, web links, or call center numbers into the mix with email payloads. For example, the attackers might spoof a legitimate business phone number to confirm fraudulent banking details with a victim.

Continue reading →

The cybersecurity landscape is experiencing an unprecedented surge in vulnerabilities. In 2022 alone, a staggering 25,096 new vulnerabilities were added to the National Vulnerability Database (NVD). This number represents the highest count of vulnerabilities ever recorded within a single year and reflects a 25 percent increase compared to the 20,196 new vulnerabilities reported in 2021.

This escalating trend indicates that cybersecurity threats are not only on the rise but are also accelerating at an alarming pace. The reasons behind this surge in vulnerabilities are multifaceted, stemming from factors such as the increasing complexity of software and technology systems, the rapid pace of digital transformation, and the growing sophistication of cyber attackers.

Continue reading →

One of the core principles of DevOps is to build a supportive culture, one based on collaboration and empathy. This is often overlooked in the rush to build, deploy and continuously run applications.

Empathic, collaborative environments equip DevOps teams to better understand the unique challenges they face as individuals, enhancing their ability to resolve issues together in a way that promotes a culture of blamelessness. This can help pave the route to a greater sense of psychological safety (the belief that you’re safe to take interpersonal risks, such as sharing ideas or soliciting feedback).

Continue reading →

IT security breaches are becoming more frequent and costly. According to IBM Security’s Cost of a Data Breach Report 2023 UK organizations shell out an average of £3.4m for data breach incidents. There isn't a CISO around that doesn't wish they had that kind of budget to spend on IT security. The tools to help security teams do their job more effectively are out there, but getting them approved in the annual budget is not guaranteed and investment can sometimes be too late.

So what can UK IT leaders do to make sure they continue to improve their IT security without blowing their budget? Here are eight ways to bolster cybersecurity resources: 

Continue reading →