
Keeping attackers out of the 'atomized network' [Q&A]

The network as we know it has changed, and adversaries are finding success with new attack routes that exploit gaps in defenses.

As enterprise security undergoes a major shift we need to change the way we think about this complex 'atomized network'. We spoke to Martin Roesch, CEO of Netography, to find out about the challenges this presents and how to address them.

By Ian Barker -

Third-party behaviors increase risk to organizations

A new Third-Party Risk Report from secure enterprise browser tech company Talon Cyber Security focuses on the ways in which third-party workers increase security risks and leave organizations vulnerable to data breaches.

Talon surveyed 258 third-party workers, including contractors and freelancers, and finds 89 percent work from personal, unmanaged devices, which organizations lack visibility into and therefore cannot enforce the enterprise's security posture on.

By Ian Barker -

A hybrid approach and risks to security -- quantum computing predictions for 2023

Quantum computing holds the promise of much faster processing speeds but is still widely viewed as being some way in the future as a commercial proposition. It could boost machine learning and AI, and unlock the power of unstructured data.

Of course quantum also comes with security challenges thanks to its potential to crack passwords and break encryption. Here's what industry experts expect to see happening in the quantum world in 2023.

By Ian Barker -

Taking a battlefield approach to cybersecurity [Q&A]

You'll often hear cybersecurity discussed in military terms, as a war, or a battle, or a conflict. So should enterprises be taking a defensive approach that draws on military thinking?

Tom Gorup is VP of security operations at Fortra's Alert Logic, a managed detection and response specialist. He's also a veteran of six years in the US Army with tours of Iraq and Afghanistan. We spoke to him to discover how lessons learned on the battlefield can be applied to cybersecurity.

By Ian Barker -

Phishing scams are coming to town

The Christmas holiday period is a peak time for phisherfolk. Research from Check Point shows 17 percent of all malicious files distributed by email in November were related to orders and shipping around the Black Friday period.

This is expected to be worse still this month as attackers seek to take advantage of shipping and package notifications and more.

By Ian Barker -

Security flaws could have had LEGO users bricking it

Research from Salt Labs has highlighted two API security vulnerabilities discovered within BrickLink, a digital resale platform owned by The LEGO Group.

BrickLink is the world's largest online marketplace to buy and sell second-hand LEGO. The API security flaws could have allowed for both large-scale account takeover (ATO) attacks on customers' accounts and server compromise to allow bad actors to take control of accounts and steal personal details.

By Ian Barker -

Unsafe on any site -- over three-quarters of Americans admit to risky online behavior

A new report finds that 78 percent of Americans indulge in risky online behaviors that open them up to cyber threats, such as reusing or sharing passwords, skipping software updates and more -- a 14 percent increase from just two years ago.

The Xfinity Cyber Health Report from Comcast combines data from a new consumer survey of 1,000 US adults, conducted by Wakefield Research, with national threat data collected by Xfinity's xFi Advanced Security platform.

By Ian Barker -

Public sector agencies struggle with cybersecurity intelligence data

A new study from Splunk, in collaboration with Foundry, finds that 49 percent of public sector agencies struggle to leverage data to detect and prevent cybersecurity threats.

The report shows 50 percent of the sector has issues leveraging data to inform cybersecurity decisions, and 56 percent of public sector agencies have difficulties leveraging data to mitigate and recover from cybersecurity incidents.

By Ian Barker -

Protecting backups from ransomware [Q&A]

Cybercriminals know that backups are the last line of defense against ransomware, so it’s essential that they are properly protected.

In an ideal world they would be air-gapped but in the current era of hyperconnectivity that can prove somewhat impractical. We talked to Bret Piatt, CEO of CyberFortress, to discuss the need to protect backups and the strategies for doing so.

By Ian Barker -

Distractions mean 36 percent of tech workers only do the bare minimum for security at work

In a year of international events that has been dubbed a 'permacrisis', 46 percent of tech industry workers say that distractions from world events make it hard to care about their jobs.

More worrying is that 36 percent of tech industry workers say they only do the bare minimum when it comes to security at work -- compared to 11 percent of employees in other industries.

By Ian Barker -

Would you bet your chocolate on preventing a breach?

While 97 percent of business leaders and security professionals say their organization is as prepared or more prepared to defend against cybersecurity attacks than they were a year ago, one in five wouldn't bet a chocolate bar that they could prevent a damaging breach.

Ivanti surveyed 6,500 executive leaders, cybersecurity professionals, and office workers to understand their perception of today's cybersecurity threats and find out how companies are preparing for future threats.

By Ian Barker -

Budget and momentum are key to cybersecurity automation maturity -- and CISOs are feeling left behind

As cyber threats intensify and the human and financial resources available to deal with them remain limited, there is a growing need for automation in cybersecurity.

The intelligent automation of key cybersecurity processes can significantly improve an organization's posture and at the same time support under-pressure employees by reducing reliance on manual processes. But in what is a relatively new approach, how far have organizations progressed along the cybersecurity automation maturity curve and is everyone on the same journey?

By Leon Ward -

Why your security strategy needs to be pre-emptive [Q&A]

As cyberattacks become more sophisticated, traditional security techniques may no longer be up to the task of protecting systems.

What's needed is an approach that can spot the routes an attacker may use and help close them down. We spoke to Todd Carroll, CISO at CybelAngel and with over 20 years' previous experience in the FBI's cyber, counter intelligence, and counter terrorism branches, to discuss the need for a pre-emptive attitude to cybersecurity and how such an approach can work.

By Ian Barker -

Number of vulnerable Log4j downloads remains high one year on

This week marks the first anniversary of the Log4j/Log4Shell vulnerability affecting the Java logging library and, as we noted recently, many organizations are still vulnerable even though patched versions were quickly available.

Sonatype has produced a resource center to show the current state of the vulnerability, along with a tool to help businesses scan their open source code to see if it's affected.

By Ian Barker -

Big but not so clever -- ID fraudsters go for quantity over quality

A new report reveals that 'less sophisticated' fraud -- in which doctored identity documents are readily spotted -- has jumped 37 percent in 2022.

The report from Onfido also shows that while in 2019 fraudsters tended to keep regular office hours, in 2022, fraud levels were consistent across 24 hours, seven days a week. Thanks to technology, fraudsters are more connected across the globe and are able to traverse regions and time zones, and can easily take advantage of businesses’ closed hours when staff are likely offline.

By Ian Barker -