BetaNews Staff

Cybersecurity threats are growing at an alarming rate across the globe while at the same time, cybercriminals are becoming even more sophisticated in their methods of attacks. Meanwhile, the shortage of cybersecurity talent is making it difficult for organizations and industries to meet these constantly shifting security demands.

As such, the cybersecurity landscape has become increasingly challenging. In fact, cybercrime is expected to cost the world $10.5 trillion annually by 2025 but organizations are struggling to build the specialized skills required to manage these growing threats. According to ISACA’s latest State of Cybersecurity Report, 63 percent of enterprises have unfilled cybersecurity positions while labor shortages in the UK have become particularly acute. In fact, while there are currently about 339,000 cyber professionals in the UK (up 13 percent year-on-year), there is still a shortfall of 56,811 workers (up 70 percent year-on-year).

Continue reading →

Our threat researchers at Lares encounter a broad range of security flaws and vulnerabilities when we conduct Purple Team exercises on behalf of our clients. Over time, the same unforced errors seem to come up so often that we warn security teams to develop standardized practices to defend against them.

The Lares Adversarial Collaboration Unit assists clients with defensive collaboration engagements and Purple Team assessments, which combine offensive and defensive techniques to strengthen security protections. Red Teams emulate external or insider attackers, while Blue Teams serve as internal security defenders. Purple Teams assist both sides by aligning the defensive tactics of the Blue Team with the threats attempted by the Red Team.

Continue reading →

It's like in the movie "Groundhog Day". Every 31st March the music plays and on World Backup Day we are reminded of the promise: "I solemnly swear to back up my important documents and applications". A noble goal that every company and every user immediately agrees to.

But in the weeks surrounding World Backup Day, we hear from the media that companies have been hacked and their data hijacked by ransomware. The big promise to restore the data from the backup and thus be resistant to any attempt at blackmail is then broken again.

Continue reading →

Implementing your security approach will depend on how you can translate your approach from strategy into reality. As part of this, you will have to make decisions on what tools you use based on the functions that they cover, how they help you create and use data, and how they work. This latter part is important as all security professionals have their own preferences. One of the big debates here is whether you use agent-based or agentless tools.

Using security tools that rely on agents can be an issue for some security professionals, while others will swear by their agent-based tool of choice, and you would have to pry it from their hands. The challenge here is when you have a combination of complex environments to consider, faster software development goals to support, real-time security pressures to contend with, and more data than you know what to do with. So what approach should you choose?

Continue reading →

It is no secret that the web browser is becoming an increasingly popular target for cybercriminals looking to compromise an endpoint to gain entry to a network. The increased business use of the browser (remote work) on networks that lack the perimeter security infrastructure of traditional campus networks has made them easier to exploit. In recent months, we have seen an increase in cyberattacks and data leaks caused by browser-related security incidents, including a data breach caused by a phishing attack on Dropbox that gained the hacker access to over 100 of the company’s code repositories in November, and December’s CircleCi breach resulting from an infection of information-stealing malware.

Highly Evasive Adaptive Threats, or HEAT attacks, are a new spin on existing browser exploit techniques that make them much more dangerous. These attacks exploit browsers by leveraging features and tools to bypass traditional security controls and then attack from within, including compromising credentials or deploying ransomware. Comprised of known tactics such as phishing messages, HTML smuggling and dynamic drive-by downloads, these attacks frequently target SaaS applications and other web-based tools that are critical to productivity.

Continue reading →

Artificial intelligence continues to hog the headlines, as more people discover the power of tools like OpenAI’s DALL-E 2 and especially ChatGPT. These futuristic-seeming tools work by taking a human’s query or prompt and returning an intelligent textual or visual response.

From an enterprise perspective, AI adoption is growing rapidly. According to Forrester, spending on AI software is set to accelerate from $33 billion in 2021 to $64 billion in 2025 -- growing twice as fast as the overall software market. But while tools like ChatGPT may seem like magic, it’s important to understand these solutions aren’t perfect.

Continue reading →

As technology continues to evolve, the networking industry is experiencing significant changes that will have a profound impact on businesses worldwide. The key areas where we expect to see developments include innovation driven by the major cloud providers, accelerated connectivity, and the need for transparency into the network. 

These trends represent key factors that can enable businesses to drive innovation and competitiveness, even in the face of an increasingly challenging economic environment.

Continue reading →

In 2022, the education sector experienced a 44 percent increase in cyberattacks. In the UK alone, six in ten higher education institutes reported experiencing ​​​at least ​weekly ​​​attacks or breaches​​​. This increasing number of threats to the sector is causing major disruptions to teaching and even forcing schools and universities to shut down. 

When it comes to prioritizing security and adopting latest technology, the education sector has always lagged behind other major industries. This lack of urgency is party the reason why education is such a vulnerable target. Many schools are still using outdated and unprotected technology that is easy to infiltrate. Despite not being a cash-rich target, these facilities hold a wealth of personal and financial data, which can be used in future attacks or sold on the dark web. 

Continue reading →

In the early days of computing, authentication was simple, but the approach grew in sophistication over time. For example, modern password-based authentication systems like Kerberos don’t actually transmit passwords anymore; they generate an authentication token that is submitted instead.

But even with these enhancements, a username-and-password based approach to authentication still has a key weakness: if someone learns another user’s password, they are indistinguishable from the true user. And although Bill Gates predicted the death of the password nearly 20 years ago, they remain the default method of authentication for a range of services at work and home.

Continue reading →

Ignore the hype: Artificial intelligence (AI) can improve your security posture now.

We’ve been waiting for AI to deliver benefits to cybersecurity for a long time. ChatGPT aside, AI has been a hot-and-cold topic for decades, with periods of overhyped promises interspersed with periods of cynical rejection after failure to deliver on all of those promises. No wonder plenty of security leaders are wary. Yet, despite the wariness, AI is helping to improve cybersecurity today and will increasingly provide substantial security benefits -- and challenges.

Continue reading →

According to the CBI, UK job vacancies are reaching record highs, currently at 147 percent of the February 2020 average. In those three years, an estimated half a million people of working age have left the UK labor market, and more than three-quarters of UK businesses say that access to labor is threatening UK competitiveness.

As well as the shrinking recruitment pool, there is also a shortage of people with the right skillset. In particular, the digital skills gap has been a long-standing problem for UK businesses. A survey conducted in Q4 2022 underscored that impact, with 81 percent of UK managing directors saying a lack of digital skills is negatively affecting their company.

Continue reading →

Digital money, digital currency, most popularly known as cryptocurrency, has seen its rise to fame over recent years. Despite its popularity, many remain skeptical of cryptocurrency and its impact on society.

According to the World Economic Forum, cryptocurrency helps continue, stabilize, and substitute existing money. However, cryptocurrencies operate totally differently than legal tender, and the authorities are concerned about a non-existent monetary policy for this digital money. This article will discuss digital money, its impact, and all the legal implications of cryptocurrency transactions.

Continue reading →

UI/UX design refers to the process of creating interfaces that users can interact with on digital platforms. The UI (User Interface) is the graphical layout of an application while the UX (User Experience) refers to the overall experience a user has when interacting with a digital product or service. UI/UX design encompasses several elements such as visual design, interaction design, information architecture, and user research.

Measuring the impact of UI/UX design on business is essential as it helps companies to understand the effectiveness of their designs in achieving their business goals. A well-designed user interface can lead to increased user satisfaction, retention, and revenue. Therefore, businesses need to have a clear understanding of how UI/UX design impacts their business to make informed decisions about design investments.

Continue reading →

A company’s chief information officer (CIO) is responsible for overseeing the people, processes and technologies that comprise its IT environment to support business objectives. In today’s information-focused business landscape, the performance of an organization’s CIO is often critical to its overall success.

The CIO’s role and the specific responsibilities of the position have undergone significant evolution and now demands a more enlightened and holistic approach to the issues that affect the way IT impacts the current and future goals of the business.

Continue reading →

Given the ever-changing trends in cloud computing, security, and more, it can be difficult to plan for the road ahead. However, anticipating new developments, both within your organization and the wider industry, is vital if you want to stay prepared and maximize ROI. 

Data is one of a business’ greatest assets, and its role, size and value is only going to increase in 2023 and beyond. Cybersecurity Ventures suggests total global data storage is expected to exceed 200 zettabytes by 2025, with a ransomware attack precited to impact a business, consumer or device every two seconds by 2031, properly securing your data is paramount.

Continue reading →