The classic way of preventing critical systems, such as industrial controls, from attack is to air-gap them. That is to say ensure they don't have a connection to the internet.

But while they may not have a web connection they still often require DNS services in order to resolve a company's internal DNS records. New research from Pentera shows that this can provide a weak point to be exploited by attackers.

New research from LogRhythm shows 67 percent of respondents say their company had lost a business deal due to the customer's lack of confidence in their security strategy.

The survey of 1,175 security professionals and executives across five continents, conducted by Dimensional Research, finds 91 percent report that their company's security strategy and practices must now align to customers' security policies and standards.

Cybersecurity resilience is a top priority for companies as they look to defend against a rapidly evolving threat landscape, according to the latest annual Security Outcomes Report from Cisco.

The report reveals that 62 percent of organizations surveyed say they have experienced a security event that impacted business in the past two years. The leading types of incidents are network or data breaches (51.5 percent), network or system outages (51.1 percent), ransomware events (46.7 percent) and distributed denial of service attacks (46.4 percent).

Ransomware accounts for 23 percent of cyber insurance claims, while while fraudulent funds transfer (FFT) accounts for 28 percent according to insurance specialist Corvus, which has released its latest Risk Insights Index.

The impact and consistency of FFT is growing, accounting for 36 percent of all claims in the last quarter (Q3 2022), an all-time high. Indeed this metric has not dropped below 25 percent for the past six quarters.

As organizations move more of their systems to the cloud they face a new range of threats. This combined with a shortage of cybersecurity skills makes securing SaaS systems a challenge.

Galit Lubetzky Sharon, co-founder and CTO of Wing Security, believes that a new more holistic approach, involving employees across the organization, is needed. We spoke to her to learn more.

More than 90 percent of organizations migrating to the cloud have implemented, are implementing, or are in the process to implement a zero trust architecture.

But a new study from Zscaler shows only 22 percent of global IT decision-makers claim to be 'fully confident' that their organization is leveraging the potential of their cloud infrastructure, presenting an opportunity for zero trust.

According to research, 50 percent of over 400 IT security decision makers in the US and UK have been prevented from adopting a new cybersecurity solution due to integration issues or challenges with legacy infrastructure.

The study for BlackFog, conducted by Sapio Research, also reveals that 32 percent say a lack of skills within their team to support a new product would also be a factor preventing them from deploying new solutions.

The Log4j or Log4Shell vulnerability first hit the news in December 2021 sending ripples through the cybersecurity world. So you might be forgiven for thinking that it's safe to assume it's no longer a threat. However, one year on it seems that this is a vulnerability that keeps on being, well… vulnerable.

New research from Tenable, based on data collected from over 500 million tests, shows that 72 percent of organizations remain vulnerable to Log4Shell as of October this year.

New research from cloud platform Fastly shows that while enterprises are increasing their cybersecurity spending they're not making the most of their investments.

While 73 percent of organizations worldwide are increasing their cybersecurity spending to protect themselves against future risks, IT leaders are investing poorly with only 61 percent of their cybersecurity tools fully active or deployed.

A new survey reveals that while CISOs are still experiencing challenges around visibility, intelligence and control, nearly half (47 percent) are proactively focused on digital transformation and cloud migration.

The study of 600 UK CISOs from BlueFort Security finds most have moved beyond the challenges of a widespread shift to remote working and are now focused on digital transformation and migration to the cloud, despite an uncertain world picture and bleak economic environment.

Regardless of how much money is spent on cybersecurity, the likelihood of getting hacked, is steadily increasing. The threat landscape is constantly evolving with new ransomware and extortion attacks being reported daily, in addition to adversarial nation states stealing personal information and intellectual property for nefarious purposes.

The reasons are manifold and complex. IT infrastructures are becoming increasingly more complicated, with new software development programs that introduce new vulnerabilities. Cyber criminals are becoming more sophisticated and better organized, with new advanced persistent threats (APTs) continually being discovered. Compounded by state-sponsored cyber espionage seeking anything that can be used for economic or political advantage.

With Black Friday and the holiday shopping season this is always the peak time of year for scammers to try to fleece the unwary. But this year there's also the FIFA World Cup in Qatar to add to the mix.

Leaving aside the debate over whether the tournament should have been held in the Gulf state in the first place, researchers at Kaspersky have been looking at the scams aimed at stealing football (soccer for Americans) fans' identity and banking details.

Cybercriminals are always keen to jump on current trends and events in order to promote their wares, so it's no surprise that as we approach one of the busiest online shopping periods there's inevitably a jump in related spam activity.

Researchers at Bitdefender Antispam Lab have been looking at the latest scams seeking to target consumers in the run up to Black Friday. Numbers have been ramping up in recent weeks, of all Black Friday-related correspondence during the Oct 26-Nov 9 timeline, 26 percent appeared on November 9.

Cybersecurity issues are increasingly complex and that means that they are unlikely to be addressed by just a single vendor. And when an attack does happen it needs to be stopped fast, which needs close collaboration.

A new Data Security Alliance announced today by Cohesity aims to combine best-in-class solutions from industry leading cybersecurity and services companies with exceptional data security and management expertise.

A survey of over 1,200 cybersecurity decision-makers from small and medium-sized businesses in Europe and North America shows 74 percent believe that they are more vulnerable to cyberattacks than enterprises.

The study from ESET also reveals that 70 percent of businesses surveyed admit that their investment in cybersecurity hasn't kept pace with recent changes to their operational models such as hybrid working.