Conventional encryption methods rely on the exchange of keys. This can leave them vulnerable, particularly when they're used on public cloud services.

One way around this is to use homomorphic encryption, this permits third party service providers to perform some types of operations on a user's data without needing to decrypt it.

Continue reading →

Aging infrastructure, legacy tools and outdated strategy. Businesses today that have one or more of these issues are quickly realizing that they're not set up for success.

As we start to see signs that the pandemic is getting under control in some places, many companies are finding themselves faced with the reality that they were ill prepared to handle the tumultuous nature of the past 12 months. Those who've struggled to make it this far are realizing it's time for more than just a refresh of their old systems. A new approach is needed.

Continue reading →

There are many things to consider when it comes to making systems secure, but one thing that is often overlooked is the human angle.

George Finney, CISO, CEO and founder of Well Aware Security believes that cybersecurity is a people problem first and foremost -- people are the ones who write and employ processes and people are the ones who create and use technology. No surprise then that people are behind some 95 percent of cybersecurity incidents.

Continue reading →

Is society becoming too accepting of data breaches? Do we claim to want more privacy but then continue to treat our own data in a cavalier fashion?

A recently leaked internal memo from Facebook revealed the company's plans to normalize data scraping leaks and change the way the public views these incidents.

Continue reading →

Although there has been a surge of interest in electric vehicles brought about by governments legislating to phase out internal combustion power, many people are put off by the difficulties of charging, made more of a challenge by the number of different networks each needing its own app, card or token.

A new company EVPassport wants to build an open charging network, allowing EV drivers to use an API-based system integrated into an app like Google Maps, or simply scan a QR code on the charger. We spoke to its CEO and co-founder, Aaron Fisher to find out more.

Continue reading →

Recent high-profile supply chain attacks such as SolarWinds have highlighted how vulnerable the software development pipeline can be.

To find out more about why the CI/CD pipeline is particularly vulnerable to attacks and what can be done to prevent them, we spoke to Vickie Li, developer evangelist at ShiftLeft, which has just launched a new product, ShiftLeft CORE, aimed at reducing risk to the software code base.

Continue reading →

In recent years the use of microservices has helped to streamline development processes. But there's still an issue with managing communication between services.

Service mesh is a technology that adds uniform networking capabilities right across the program stack but is decoupled from the application code itself.

Continue reading →

The last year has seen all businesses facing a major shift as employees have been forced to work from home.

Government agencies have been no exception to this, but they have specific issues relating to handling sensitive data. Last month the US Department of Agriculture (USDA) announced a plan to expand remote work options and other agencies are expected to follow suit.

Continue reading →

Researchers at digital risk protection company CybelAngel recently tracked bad actors targeting French hospitals by analyzing conversations on the dark web.

It discovered how cybercriminals plan healthcare-related fraud, ransomware and other attacks by obtaining stolen credentials, leaked database files and other materials from specialized sources in the cybercrime underground.

Continue reading →

Since the idea of Zero Trust was first proposed back in 2010 it's sparked interest from organizations of all sizes.

But why is Zero Trust seen as a game changer when it comes to protecting organizations and data? We spoke to Jason Clark, chief security and strategy officer at Netskope to find out.

Continue reading →

The past year has created an unprecedented shift, with businesses scrabbling to implement technologies to allow large numbers of staff to work remotely.

It seems likely that as we emerge from the pandemic a large proportion of this shift will become permanent. So, what can companies do to adapt their IT to this 'new normal' and ensure access to essential systems while maintaining security and compliance standards?

Continue reading →

Cloud misconfigurations are one of the major causes of data breaches and the problem has become worse thanks to the dash for remote working.

While cloud is undoubtedly the right choice for businesses looking to expand their infrastructure to keep pace with DevOps demands and embrace support for remote working, many enterprises are falling short of providing adequate Cloud Security Posture Management (CSPM).

Continue reading →

In early March, Microsoft disclosed that Chinese hackers had exploited software vulnerabilities in Microsoft Exchange on-premises servers to gain access to the email accounts of thousands of Microsoft customers.

While these companies are now laser-focused on deploying patches and other security measures to remediate the vulnerabilities in their email software, Josh Douglas, VP of product management -- threat intelligence at Mimecast, believes these technical fixes will only go so far.

Continue reading →

Businesses are gathering more data than ever before, but being able to make effective use of it means being able to find information when you need it.

What challenges does dealing with these ever larger amounts of data present? And how can you be certain that your searches are delivering relevant information and insights to drive your business decisions? We spoke to Stéphane Kirchacker, VP EMEA at search specialist Sinequa to find out.

Continue reading →

Although open source has gained in popularity in recent years, in some circles it's still viewed as being inaccessible to all but tech experts.

But that's starting to change, the PostgreSQL database has earned a strong reputation among businesses for reliability, feature robustness, and performance and has contributed to the growth in open source.

Continue reading →