The CISO's guide to choosing the right SIEM
In 2023, the Chief Information Security Officer (CISO) continues to be an important role with a broad reach for securing every aspect of a business, its people and systems. The security team reporting to the CISO is responsible for protecting thousands of IT devices and systems dispersed across broad geographic areas from attackers who also may be anywhere on the planet. Additionally, modern infrastructures are dependent on sophisticated security technologies to monitor traffic and distinguish between normal, everyday activities and potentially malicious activity due to the ongoing threat of attacks.
The security information and event management (SIEM) tool is one of the security team’s most crucial tools. With a large market of SIEM vendors, the type of SIEM that CISOs decide to deploy is highly flexible and must be aligned to the business that the CISO protects. It’s important for CISOs to fully evaluate the business and their unique goals to develop the criteria they need in a SIEM.
Connecting ATO and transaction fraud dots: Bots are the key
A wave of credential stuffing, with no attempt to use the accounts. A pause. The accounts are accessed but not leveraged. A pause. Then, a flood of transaction fraud, using either the taken-over accounts or new ones set up with similar personal information.
The catch: The stages of this process may occur days or weeks apart. And they may not all take place on the same websites. What’s happening, and how does bot detection and analysis help clarify and prevent fraud?
Strapped for talent? Bootcamps are your answer
IT is experiencing a skills gap crisis. According to McKinsey, nearly 90 percent of companies are already experiencing one or will within the next few years.
The previous generation of IT workers has aged out or is aging out of the workforce, taking their expertise with them. As all of their historical knowledge leaves the workforce, demand for talent -- particularly in areas like DevOps, automation, cloud, and cybersecurity -- is heightened. However, the number of tech jobs available continues to outpace the number of hires. One study found nearly 90 percent of leaders feel unprepared to fill that gap.
Five ways ChatGPT can augment IT operations, without reinventing the wheel
IT operations (ITOps) teams are finding it increasingly difficult to keep up with the complexity of their technology environments as they continue to grow. Today, the average large enterprise’s tech stack comprises no fewer than 187 different applications. As organizations have become more reliant on these applications to support customer experiences and keep revenue flowing, ITOps teams face growing pressure to keep them running smoothly. They need to respond instantly to possible security incidents or service outages before they impact the business, support internal users effectively, and -- where time permits -- support development teams in their efforts to deliver innovation projects. Given the sheer breadth of responsibilities ITOps teams face, it’s no surprise that burnout has become commonplace.
To overcome these challenges and alleviate some of the pressure on ITOps teams, organizations are turning to artificial intelligence (AI) and automation. These capabilities can help by reducing manual workloads and increasing operational efficiency, which in turn boosts job satisfaction and often leads to better customer experiences. Organizations have turned to many approaches and tools to drive this automation over the years, but in recent weeks it is ChatGPT, a sophisticated large language model, which has been capturing their attention. Cutting through all the hype, it’s possible to identify clear, practical upsides for businesses that implement ChatGPT in their IT operations.
How does adopting cloud and hybrid environments drive change in managing identities?
Businesses of all sizes have had to accelerate digitization across the entire business in recent years, as the adoption of hybrid working practices forces them to make changes to ensure operational continuity. By digitizing processes and embracing the cloud, businesses have delivered faster, more flexible, and more resilient services for employees and customers.
The rate of cloud adoption shows no signs of relenting. Gartner forecasts worldwide public cloud end-user spending to reach nearly $600 billion in 2023. This growth presents a multitude of opportunities, but the compounded cyber risk that comes with a widening digital footprint presents IT and security teams with an immense challenge.
Three lesser-known endpoint vulnerability strategies you might be missing
Modern IT environments continue to become more and more distributed, driving the growth of endpoints across the enterprise. Some research estimates that enterprises now manage more than 135,000 endpoints and Enterprise Strategy Group estimates that more than 70 percent of employees use more than four devices daily for work. That’s a lot of endpoints. And when you combine this endpoint growth with the fact that 560,000 new pieces of malware are detected every day, how can you not wonder if your organization is the next target for a ransomware or phishing attack?
Security pros are overwhelmed by endpoints and struggle to find the right mix of solutions and strategies that can effectively secure their organizations. The more diverse they are, the more difficult they are to manage and secure (especially with mobile and IoT device proliferation). Just look at recent attacks against Twitter, Slack, Taco Bell, and more. For many organizations, endpoint security is really hard. This is why their security teams need to constantly assess and adjust their endpoint security strategies.
Exploring the potential of cloud PCs for strategic cost rationalization
The introduction of advanced technologies has opened a world of possibilities for global corporate growth. The problem is that IT department budgets continue to be constrained, limiting the scope of technology investments at large.
This means that business leaders need to innovate to be prepared for changing business conditions. Advancing their digital transformation roadmaps should take priority as this will likely provide the greatest return on IT investment since the technology choices they make today will have a major impact on future success.
Safety in the metaverse: What are the risks for businesses?
Like any new innovation, the metaverse is currently at the center of a 'risk versus reward' debate. Unsurprisingly, the 3D virtual world has received a lot of attention, with McKinsey confirming that more than $120 billion was invested in building out metaverse technology and infrastructure in the first five months of 2022.
Promises of extraordinary use cases, from teaching virtualized university lectures to performing surgeries for patients in other countries -- not to mention the potential cost saving and accessibility benefits -- have garnered curiosity. But while it could be some time until we see mass adoption of the metaverse, the security community is already apprehensive of the evolving security risks.
Is the NHS cybersecurity strategy to 2030 enough to protect healthcare?
With the rise in cyberattacks on the healthcare sector, boosting cyber resilience has become critical.
The UK government recently introduced the Cyber Security Strategy to 2030 for health and social care to protect the functions and services citizens depend upon. The policy outlines five pillars to achieve cyber resilience by 2030, which include focusing on more significant risks and harm, defending against threats as a single team, including all people and cultures, building a secure system for the future, and aiming for exemplary response and recovery times.
Cybersecurity awareness education: The beginnings of change
More than eight in 10 data breaches globally can be attributed to human error.
People are the weakest link in cybersecurity. And this weakness comes from a lack of awareness about our cyber risk and the behaviors that influence it. Many people see cybersecurity as an IT concern. In truth, cybersecurity concerns everyone. When our hospitals get infected with ransomware, we can’t receive care. When our organizations experience a cyberattack, we lose our jobs. Still, we tend to underestimate the importance of cybersecurity to our society and economy.
Automation: How law firms can reach new heights in recruitment and profitability
The legal profession is filled with a number of repeatable tasks that are ripe for automation, such as estate planning, bankruptcy filing, IP filings, real estate transactions, and M&A filings. In fact, it’s estimated that nearly a quarter (23 percent) of a lawyer’s daily work could be automated.
The amount of time involved in doing manual tasks can put an immense amount of pressure on legal professionals. In a Gartner survey, 68 percent of corporate lawyers said they struggled to manage their workloads. And over half reported some degree of exhaustion.
From details to big picture: Five approaches to improve security
Improving your organization’s cyber security posture is essential to maintain brand trust. The challenge for the C-suite is to look at both the big picture and the finite details, translating your overall strategy for managing risk into actionable processes and priorities that will, over time, lower your risk exposure.
Qualys’ Threat Research Unit (TRU) looked at trillions of anonymized data points gathered from across our customer base to analyze where the biggest risk areas were for businesses. Based on this data, we can see specific areas where you can help your team increase their performance effectiveness, as well as how these changes add up to a significant improvement in security results overall. Building on these details will improve how you manage risk, reduce your attack surface and maintain trust with your customers.
Developing AI models ethically: Ensuring copyright compliance and factual validation
When constructing large language models (LLMs), developers require immense amounts of training data, often measured in hundreds of terabytes or even petabytes. The challenge lies in obtaining this data without violating copyright laws or using inaccurate information and avoiding potential lawsuits.
Some AI developers have been discovered collecting pirated ebooks, proprietary code, or personal data from online sources without consent. This stems from a competitive push to develop the largest possible models, increasing the likelihood of using copyrighted training data, causing environmental damage, and producing inaccurate results. A more effective approach would be to develop smart language models (SLMs) with a horizontal knowledge base, using ethically-sourced training data and fine-tuning to address specific business challenges.
World Password Day: Celebrate or sayonara?
Every year, World Password Day serves as a reminder that passwords are the first line of defense against an ever-changing threat landscape. However, over the past few years, the notion that passwords actually do little to defend against hackers has continued to snowball.
This World Password Day, we asked a group of experts within the cyber security and wider technology field to discuss the topics of password hygiene, best practice, and the notion of a password-less future.
How SD-WAN and Public Cloud have changed the dynamics when it comes to modern connectivity and infrastructure requirements
Digital and cloud transformation has unlocked new business opportunities and operational efficiencies for organizations. But migration to the cloud also means our approach to deploying applications and services has radically changed, as enterprises move away from traditional data centers. Likewise, flexible working means users have also moved away from traditional offices and branches.
As a result, organizations that were once heavily dependent on MPLS (multi-protocol label switching) have either moved, or are moving, away from it, and MPLS has lost its dominance. Today, many organizations have either deployed, or are looking to deploy, SD-WAN over the internet. However, the move away from MPLS to an internet-based SD-WAN solution means that some global organizations are now struggling with the performance of their inter-region connectivity. Using the internet between regions – across longer distances and where applications are not locally hosted – can present issues.
© 1998-2024 BetaNews, Inc. All Rights Reserved.