BetaNews Staff

APIs are the glue that holds together the modern enterprise. As digital transformation projects get the boardroom green light in ever greater numbers, so the infrastructure connecting software, data and experiences has expanded. Yet a potential storm is coming in 2025, as a new wave of agentic AI innovation takes hold in the enterprise. In fact, Gartner predicts over 30 percent of the increase in demand for APIs will come from AI and tools that use Large Language Models (LLMs)by 2026.

Unless organizations can mature their API security posture, next year could be the first time we see an LLM app security breach linked to APIs. And without improved API observability, it won’t be the last.

Continue reading →

Despite decades of technological advancement, email remains the predominant attack vector for cybercriminals, with estimates suggesting that 80-90 percent of cyberattacks originate through email channels. While the cybersecurity industry has made significant strides in other areas, many businesses continue to rely on outdated email security measures that leave them vulnerable to increasingly sophisticated threats. This protection gap demands immediate attention from IT leaders.

Traditional secure email gateways (SEGs) like Mimecast and Proofpoint have served as the backbone of organizational email security for years. Similar to how traditional firewalls operate at network perimeters, these gateways excel at blocking known threats through signature-based detection and basic filtering rules. However, just as modern network security has evolved beyond simple perimeter defenses, email security requires a more sophisticated approach.

Continue reading →

In an era when successful hacks are now an inevitability, too many organizations have a false sense of security when it comes to their data. Unfortunately, cyber criminals are ready and willing to take advantage of this complacency.

Gone are the days when CISOs could simply focus on building up frontline cyber defenses alone. Today’s cyber adversaries are using AI technologies like ChatGPT to augment and elevate the sophistication and effectiveness of their attacks on an industrial scale. Whether that’s automating how they scan for vulnerabilities or initiating highly adaptive attacks that can evade traditional perimeter security measures.

Continue reading →

Thanks to the proliferation of smartphones, QR code usage globally has surged by 57 percent, and by 2025, it is forecast to increase by another 22 percent. And up to eight new QR codes are generated per minute globally.

It is no surprise then why QR codes are everywhere -- on billboards, shopping malls, event brochures, restaurant menus, charity websites, parking spaces, you name it! Of course, the genius of QR codes is their ease of use and convenience. For users, one scan and the job is done, be that registering for an event or purchasing an item.  

Continue reading →

As we approach 2025, the notion of warfare is increasingly shifting from the physical to the digital domain. Cyberwarfare, once considered a supplementary tool for traditional military operations, has now emerged as a primary weapon for nations seeking to assert dominance or inflict damage on their adversaries without the need for physical conflict. Simply put, it is easier, requires fewer resources, and can often cause maximum damage without sustained efforts. The rise of AI-driven cyber weapons, zero-day vulnerabilities, and state-sponsored cyberattacks is creating an unprecedented era of digital warfare.

Nation-states and rogue factions are rapidly integrating cyberattacks into their military arsenals, with cyber operations becoming a first-strike option in geopolitical conflicts. By targeting critical infrastructure -- such as energy grids, communication networks, transportation systems, and supply chains -- these attacks can cripple an entire national infrastructure and create mass chaos without a single physical shot being fired. This shift toward cyber warfare reduces the immediate risk of physical casualties, and in turn allows state actors to engage in asymmetric warfare, where a smaller, technologically advanced nation can punch well above its weight.

Continue reading →

Gartner predicts that public cloud end-user spending will surpass $675 billion by the end of 2024. In 2025, as AI systems proliferate and organizations increasingly store sensitive data in public cloud infrastructure, many stakeholders will begin demanding more robust cloud security measures.

Additionally, cybercriminals are becoming more inventive than ever. They now rely on AI and machine learning (ML) to improve and iterate on their methods, just as we all do. Interestingly, despite advances in cloud security, research suggests that common vulnerabilities like unenforced multi-factor authentication (MFA) and long-lived credentials continue to expose many companies to risk. Patching these known vulnerabilities will be crucial next year.

Continue reading →

Cybersecurity is often frustratingly seen as a boardroom burden -- a compulsory cost to keep threats at bay. This “necessary evil” mindset is holding businesses back and leading to a critical opportunity to leverage security as a driver of success being missed.

It’s time we looked at cybersecurity investments differently. Rather than the board reluctantly seeing the investments solely as a necessity for threat prevention, organizations should see cybersecurity also as a powerful enabler of productivity and growth. As digital transformation accelerates across manufacturing, healthcare, and other critical infrastructure sectors where cyber-physical systems (CPS) underpin operations, security needs to keep up with the pace of innovation, supporting -- and even driving -- new efficiencies, customer trust, and competitive advantages which all come with improving cyber and operational resilience.

Continue reading →

Although the cyber threat landscape rarely stands still, some age-old attack vectors will continue to be revisited by cyber criminals. For example, the cyber security risks of removable media -- which have persisted for years -- are presenting fresh challenges for security teams. 

This is because, thanks to its convenience and cost, removable media remains a cornerstone of the operations of critical national infrastructure (CNI) sectors. Devices such as USB drives are used by CNI operators and their third-party service partners to handle sensitive data, perform physical data transfer, and carry out vital operational tasks such as firmware updates in air-gapped networks. 

Continue reading →

As a small business owner reading endless news stories about cyberattacks against well-known enterprise names, it can be easy to think it won’t happen to you. In reality, hackers don’t discriminate: businesses of all sizes can, and do, find themselves on the receiving end of data breaches, and the financial and reputational consequences that often accompany them.

According to the Cyber Security Breaches Survey 2024, half of all UK businesses, including many small and medium-sized businesses (SMBs), reported experiencing a cyberattack within the last year. Despite these high attack rates, only 22 percent of businesses have a formal incident response plan in place, leaving many SMBs vulnerable to serious financial, operational, and reputational damage. This cyber complacency can have serious repercussions if not urgently addressed.

Continue reading →

AI’s steady impact on the academic and research community is measurable through citation metrics, essentially showing how many times a study has directly influenced subsequent research. A recent analysis of AI-related citations showed beyond doubt the impact of AI. It also revealed another noteworthy statistic: Google’s DeepMind made up just under half of all AI-related citations from 2020-2024. 

The company’s dominance is undoubtedly a testament to the importance of its work -- but it also serves as a starting point from which to probe further into the research landscape in Europe and how it’s been impacted by AI. Concentrated influences in academia and research can have long-lasting effects on funding distributions, channels of collaboration, and ultimately the potential for innovation. Add to this the powerful and relatively new tool of AI, and suddenly the future trajectory of scientific research on the continent looks a lot less clear. 

Continue reading →

Phishing is on the rise. Egress' latest Phishing Threat Trends Report shows a 28 percent surge in attacks in the second quarter of 2024 alone. But what’s behind the increase? There are a few factors in play. Like any other form of threat, phishing is becoming more sophisticated with hackers now having access to a variety of new AI-powered tools to generate email messages, payloads, and even deepfakes.

Further, these technologies and the cyberattacks they can create are now easier to access than ever. Especially as more hackers tap into the professional services on offer from a mature and diverse Crime as a Service (CaaS) ecosystem of providers selling everything from the mechanisms to create attacks to pre-packaged phishing toolkits that promise to evade native defenses and secure email gateways (SEGs).

Continue reading →

Parceling up software applications into ‘containers’ is commonplace these days, having grown rapidly over the last decade. Aiming to simplify the development, testing, and delivery process, to encourage agility, it’s a way of working that continues to have wide appeal.

For the uninitiated, a container is akin to putting everything needed to run an application into a portable box. The box holds all the elements ready-made for different systems and hardware, including software, configurations, and files. As a result, applications run consistently regardless of whether they are on virtual machines, cloud platforms, or on-premise servers. 

Continue reading →

Data Recovery is the key to achieving an effective cyber resilience strategy in the event of a cyber-attack to resume business operational resiliency. It empowers businesses to quickly recover their critical data, minimize downtime, and prevent against potential threats. Data recovery planning is crucial for business continuity, allowing organizations to seamlessly recover data and minimize the impact of an incident.

Organizations typically prioritize prevention and protection as key components of their cybersecurity approach. While essential, these measures alone are no longer enough in an evolving threat landscape. Relying solely on prevention leaves gaps, as IT teams face growing challenges in securing diverse systems. To build a comprehensive cyber resilience strategy, it is vital for businesses to recognize the importance of integrating data recovery solutions alongside preventive efforts. The rise of cybercrime, such as ransomware or malware, can devastate a company's digital infrastructure and leave the organization's data vulnerable. According to Verizon’s 2024, Data Breach Investigations Report, ransomware remains a top threat for 92 percent of all industries. This is where data recovery solutions and reactive risk controls can help when prevention fails.

Continue reading →

The last few years have seen digital transformation dramatically increase the sprawl and complexity of enterprise IT environments. Today, the average employee will likely access a dozen applications before lunchtime, both in the cloud and on-prem. This increased complexity has simultaneously created greater interdependences between applications, while also making visibility much trickier for IT teams. 

The upshot of this is a world where there are more applications in use, which are less able to be monitored, and causing greater frustration when they experience issues. This is not a recipe for success.

Continue reading →

When it comes to adopting new technologies, the legal sector has traditionally been more cautious than other industries. However, AI’s potential to transform legal workflows and unlock new levels of productivity is difficult to ignore. In fact, the industry is moving at speed: a recent study shows almost three quarters (73 percent) of legal practitioners plan to utilize AI in their legal work within the next year.

On a practical level, AI is evolving so quickly that across many practices, employees have varying levels of knowledge and understanding of how AI works, what tasks they should be using it for and the legal implications of using it. At the same time, if firms introduce AI solutions that require deep technical knowledge to use, skills gaps could become increasingly problematic.

Continue reading →