BetaNews Staff

In recent years, the Internet of Things (IoT) has become an increasingly important area for businesses as more and more companies look to connect their products and services to the internet to deliver new experiences and unlock new revenue streams and capabilities. In Eseye's Annual State of IoT Adoption survey, over three-quarters (76 percent) of respondents said that IoT is a priority for their business in the next two to three years. 

However, the design of hardware, firmware, and coding connectivity management software into IoT devices are all highly specialist areas. These three core components require significant specialized knowledge and expertise. A considerable skills gap in the industry makes it difficult for businesses to successfully design, develop, and deploy IoT estates. 

Continue reading →

A 'work device' isn’t what it used to be. Employees are no longer restricted to a single, company-issued device. Instead, they move between devices based on task, time of day, and location. One minute, they might be working at a desk on a Mac, while the next they are on the move, staying productive from an iPhone.

Research has shown that employees highly value the ability to choose which device(s) they use. In fact, 87 percent of respondents in an independent global survey, conducted by Vanson Bourne in 2021 said choosing their work device was important to them, and 89 percent said they’d even be willing to sacrifice part of their salary to be empowered to choose their own technology.

Continue reading →

As security professionals assess the cloud security challenges that lie ahead for the coming year, one thing is certain. Threat actors will continue to double down on their efforts, utilizing new techniques and refining pre-existing methods as they extend their ever-growing toolbox.

To help enterprises stay ahead of the game, our security research team has highlighted some of the top trends and attack vectors cloud security teams can expect to encounter in 2023.

Continue reading →

With cyber criminals deploying increasingly sophisticated methods of attack organizations must go the extra mile to protect their data and avoid costly financial and reputational damage. With new threats emerging each day, these risks cannot be taken lightly. This is particularly true for corporate legal teams and law firms who are prime targets for cyber attackers given the amount of sensitive client information that they hold.

According to IBM’s Cost of a Data Breach 2022, the average consolidated total cost of a data breach in the UK is £3.36 million, up from £2.37 million in 2015. Given the financial and reputational damage a data breach can cause, legal teams and law firms cannot treat cyber security as a tick box exercise. However, there is a tendency to fall into a key myth of cyber security: "We are doing fine as long as we pass our annual security audit."

Continue reading →

As the world seems to innovate just about every experience in our lives, from online banking to ordering lunch or submitting an expense report, digital transformation continues to enable new possibilities. Research shows the average enterprise invests $48 million annually on digital transformation projects. These projects include improving the experience of enterprise apps for customers, enabling smoother hybrid work experiences for employees, or providing new and improved technology for staff to to increase their productivity, efficiency, and sense of accomplishment.

Taking the broadest possible perspective, the overall spend on IT by enterprises worldwide in 2022 was $4.4 trillion, per Gartner. This spending is forecast to continue increasing in 2023.

Continue reading →

As many CISOs are discovering, protecting cloud native environments requires a fundamental shift in thinking when it comes to keeping threats at bay. The huge change in the technology stack, the rapid delivery of software updates, and the unfettered use of open source, all present new challenges that old-style security tools cannot resolve.

Rather than using different point solutions that only solve specific security issues and need to be manually stitched together, Gartner recommends adopting a unified and end-to-end full lifecycle solution that starts in development and extends to deliver comprehensive runtime protection. In other words, a cloud-native application protection platform (CNAPP).

Continue reading →

During "romance week" and Valentine's Day, your heart can be stolen in the blink of an eye, and so can your money. The FBI has warned of "romance" scams, centering the bulletin around the celebration of love, which demonstrates that it’s not just a box of chocolates that’s seducing people, it’s scammers and cyber criminals. Staggering new data from the FTC shows that last year, nearly 70,000 people reported a romance scam, and reported losses hit $1.3 billion. The median reported loss was $4,400.

Romance scams are a variation of what’s called "pig butchering," a type of social engineering attack that alludes to the practice of fattening up a hog before slaughtering it. The approach combines some time-tested elements of fraud -- such as gaining trust. It relies on the effectiveness of relationships nurtured on social media and the ease with which currencies can be moved electronically. In simpler terms, scammers are posing as lovers, gaining the trust of their fake beau, and then asking them for money for gifts, procedures, plane tickets, you name it.

Continue reading →

Security failures happen. Unfortunately, in today’s always-on, highly digitized world, it is inevitable and a question of not if but when. We only need look at the news during the first few of weeks of 2023 to see several high-profile breaches reported, including T-Mobile and Mailchimp. The companies, its customers and its employees must remain on high alert in the coming months for increased phishing attempts from threat actors using credentials from the attack.

So many of these breaches get blamed on employees being socially engineered, highlighting the importance for employees to be more aware of their role in cybersecurity and for companies to have effective, thoughtful security training and intuitive security systems in place. Users are an organization’s biggest vulnerability; a well-known attack vector for data exfiltration that unfortunately cannot be completely closed. Today, organizations have a wide variety of users and any one employee, partner or supplier from any level within the company can present a vector through which a hacker can infiltrate the organization.

Continue reading →

We’ve already had the first major API-related cybersecurity incident for 2023, and the year has barely started. The T-Mobile API breach exposed the personally identifiable information (PII) of 37 million customers. The API attack had been going on since November but was not discovered and disclosed until January 19, illustrating the threat of the "low and slow" approach of API attacks, which are increasing at a steady pace. Following research by Sam Curry that uncovered hundreds of API vulnerabilities in the automotive industry -- from Mercedes-Benz to Nissan to Kia to Ferrari and more -- it’s not surprising that 2023 has been dubbed "The Year of API Security."

Unfortunately, threats do not stop at API security. Today’s organizations -- and the world -- face inordinate security risks. What other threats and trends can we expect to see in the coming year?

Continue reading →

Navigating the business landscape is important for continually delivering the high-quality service your clients expect. Efficiency and resilience are key, especially in the face of change, in which your business’s ability to adapt is vital for its success.

However, it can be difficult to know which changes to embark on to ensure your longevity, but with a high risk of change comes a high reward. Here, we will discuss the top strategies your business can implement to reduce risks while adopting change.

Continue reading →

Artificial Intelligence (AI) has been a hot topic for a long time, but its impact on our society and in the enterprise are just beginning to be realized. AI and other forms of machine learning and deep learning will revolutionize business, automating repetitive tasks and accelerating outcomes -- all based on huge sets of data.

Developing deep learning applications generally follows a three-step process of:

Continue reading →

Trust in corporate networks has never been more important. The rapid adjustment to more distributed workforces -- and an associated explosion of devices -- has dramatically increased cyber threat levels. As a result, Zero Trust has emerged as the de facto cybersecurity framework for operating in the business.

The NCSC (National Cyber Security Center) defines a Zero Trust architecture as "an approach to system design where inherent trust in the network is removed. Instead, the network is assumed hostile and each access request is verified, based on an access policy."

Continue reading →

With cybercrime continuing to pose a major threat around the globe, businesses everywhere are increasing their spending on both information security solutions and regular security testing to find vulnerabilities before criminals can exploit them. However, with the latest research showing over 40 percent of cyberattacks last year were in fact zero-day exploits that took advantage of vulnerabilities missed by traditional pen testing, it’s clear that more still needs to be done.

For this reason, a growing number of organizations are turning to so-called 'ethical hackers' or grey hats, who use their skills to find the vulnerabilities that traditional penetration testing organizations can’t. However, while the services on offer can be incredibly effective, the idea of hacking still tends to carry (mostly) negative connotations, which often leaves businesses unsure about finding an ethical hacking service they can trust. For those that wish to explore the idea of ethical hacking further, below are a number of best practice guidelines for doing so:

Continue reading →

The whiff of a recession is in the air as some of the largest multinational organizations, from Google to Goldman Sachs, enact layoffs at a massive scale in an effort to shore up their finances. In this environment of economic uncertainty, organizations keep one eye glued to the bottom line while the other eye anxiously scans the organization, looking for areas to trim costs.

When it comes to technology, however, these cost-cutting efforts need to be approached carefully; otherwise, organizations risk losing functionality or compromising on application quality -- both of which can impact employee productivity and put the organization in even worse shape to weather any tough times that lie ahead. So, how best to approach this undertaking?

Continue reading →

Spurred on by the dramatic shift in the global economy, the acceleration of digital transformation triggered a rise in new technologies appearing on the market. As a result, businesses have responded fiercely, scaling IoT initiatives rapidly, with mixed results.

With growing interruptions in workflow due to poor connectivity, integration, and supply chain issues, organizations have had to cope with a long list of challenges when deploying IoT to market. This has included the drive to cut costs, adhere to ever-tighter deadlines, and plug the ongoing engineering skills shortage gap.

Continue reading →