Articles about Q&A

Detecting threats today isn't just about deciding which methods to use, but also which data. Endpoint server and workstation logs are a start, but major blind spots still exist unless threat detection visibility extends to network and cloud as well.

In order to be effective, security teams need to look at what data to use, what the science says can be done with the data, and what to expect. We spoke to Andrew Hollister, CISO at LogRhythm to find out more.

Continue reading →

Spending on cloud services is showing no sign of slowing down, but IT and security leaders are realizing that applications need to have high availability and strong performance in order to be effective.

Application experience management is therefore becoming a key element of enterprise strategy. We spoke to Jason Dover, VP product strategy at Progress, to find out why.

Continue reading →

A record 59.1 million tonnes (53.6 million tons) of e-waste was generated by homes and businesses in 2019, but only 17.4 percent of it was correctly recycled, the rest ending up in landfill or other disposal routes.

With the amount of e-waste expected to grow further, it's still the case that many people simply don't know where or how to properly recycle their obsolete devices.

Continue reading →

According to a recent IBM report the average cost of a data breach is now $4.35 million. If enterprises don't take steps to protect personal data effectively they risk losing not just money but also the trust of their customers.

We spoke to Saswata Basu, founder and CEO of 0Chain, to discuss how decentralized storage can help to address the problem.

Continue reading →

Application security is becoming mainstream, and that's a good thing as it means that security testing is becoming an embedded aspect of the software development life cycle (SDLC). It also means that automated security testing tools are becoming faster, more sophisticated, and better integrated, so they're less likely to slow down developers or burden them with too many trivial findings or false positives.

But as good and necessary as AppSec testing tools are, it's not nearly enough simply to buy them and run them -- you need to buy the right ones and configure them correctly so that they help build security into your SDLC without bogging it down. It's important to implement a security strategy and a plan. It’s also important to employ developers with the skills to build trust into your software -- a concept known as 'holistic AppSec'.

Continue reading →

Major cyberattacks still have the power to make headline news, yet reporting and indeed conviction rates for cybercrime remain low. It's perhaps not surprising then that rising numbers of young people are getting involved in these illegal activities.

We spoke to Simon Newman, International Cyber Expo Advisory Council member and CEO of the Cyber Resilience Centre for London, to get his views on what needs to be done to improve reporting and change the mindset of 'script kiddies' for the better.

Continue reading →

The shift to working remotely has led to businesses relying increasingly on collaboration tools like Slack and Teams. But while these undoubtedly increase productivity they also introduce some extra risks.

We spoke to Brian Mannion, chief legal and data privacy officer at Aware, to find out about these risks and how enterprises can address them.

Continue reading →

Nowadays there are apps for almost everything. As users they clutter up our phones and tablets, but they present problems for businesses too, in particular the storing and analysis of the data they create.

Data is often tied to a specific app and each app needs its own copy, so enterprises can end up with lots of copies of the same information leading to issues with control, compliance and more.

Continue reading →

The IT infrastructure of a modern enterprise is made up of a complex architecture of dynamic networks, cloud deployments, software applications, and endpoint devices.

Each of these has its own set of security controls, which form a critical part of the technology ecosystem, but managing these systems can hinder efficient threat detection and response, which in turn compromises visibility, allowing vulnerabilities and gaps to flourish.

Continue reading →

Kubernetes is one of the most widely used platforms for running containerized applications. Many businesses though still run their databases in a more traditional environment.

Of course there's no reason why you can't run a database in Kubernetes and there are many advantages to doing so. We spoke to Karthik Ranganathan, founder and CTO of cloud-native database specialist Yugabyte, to discuss the pros and cons.

Continue reading →

Governments are keen for enterprises to improve their cyber resilience, but research from Skurio finds just under half of private and public sector organisations surveyed say that lack of resources and in-house expertise prevent their organisation from keeping up with and protecting against new cyber threats.

We talked to Jeremy Hendy, CEO of Skurio, about the barriers to businesses becoming more cyber resilient and the calls to action for C-suite, info-security departments, and the industry

Continue reading →

The Log4j vulnerability first hit the headlines in December last year. Since then we've heard less about it, but it hasn't gone away, like most vulnerabilities it has a long tail.

A recent report from the Cybersecurity Safety Review Board takes a comprehensive look at the vulnerability and what can be learned from it.

Continue reading →

Governments, utilities and other key industries are prime targets for attack including from nation state actors and cybercriminals seeking to extract a ransom.

But David Anteliz, technical director at Skybox, believes that given the increase in tensions across the world threat actors will evolve their tactics with the use of a 'three-headed dragon approach' that goes beyond the probing we have seen so far.

Continue reading →

Securing endpoints used to be a simple matter of installing a firewall and antivirus solution and then keeping them updated.

But as threats have become more sophisticated, networks more complex and working patterns have shifted away from the office, securing and managing endpoints has become a much greater problem for enterprises.

Continue reading →

With more businesses looking to outsource their support thanks to factors like skills shortages, there's clearly a demand for providing services like automation and remote monitoring and management tools.

But what does it take to set up an IT support business? And how does the idea live up to reality? We spoke to Dale Dawson, director of product at MSP platform Syncro to find out.

Continue reading →