Articles about cybersecurity

Enterprises are facing a rapidly changing privacy landscape, in which some laws contradict each other, while struggling to reduce costs and gain visibility into their privacy risks.

Indeed there’s been a recent increase in lawsuits against companies for online privacy violations that is putting significant strain on C-level executives and they're looking to their IT leaders to address all of this risk with technology.

Continue reading →

A new report from dark web intelligence specialist Searchlight Cyber shows a 56 percent increase in the number of active ransomware groups this year compared to the first half of 2023, reflecting a diversification of the ransomware landscape.

LockBit has retained its top position despite the disruption caused by Operation Cronos, though its number of listed victims has fallen compared to H1 2023.

Continue reading →

In 2024, the average cost of a data breach skyrocketed to $4.88 million, up from $4.45 million in 2023, showing a 10 percent spike and the highest increase since the pandemic.

Some industries though have seen even bigger increases. Data from a Stocklytics survey of 604 organizations across 17 industries and in 16 countries between March 2023 and February 2024 shows the industrial sector has seen the biggest data breach cost growth in the past year.

Continue reading →

Published vulnerabilities have increased by 43 percent compared to H1 2023, with 23,668 vulnerabilities reported in H1 2024 according to a new report from Forescout.

The average number of new CVEs per day is 111 or 3,381 per month, and 20 percent of exploited vulnerabilities affected VPN and network infrastructure.

Continue reading →

Third-party browser scripts are the code snippets that organizations put into their websites to run ads, analytics, chatbots, etc -- essentially anything that isn't coded by the organization itself.

Which sounds innocuous enough, but these scripts are increasingly being used as a vector for cyberattacks. We spoke to Simon Wijckmans, CEO of c/side, to understand how these attacks operate and what can be done to defend against them.

Continue reading →

New research from Legit Security shows that widely available GenAI development services risk sensitive information exposure, or leakage of secrets.

Legit's analysis of unprotected vector databases finds that 30 servers investigated contained corporate or private data, including company email conversations, customer PII, product serial numbers, financial records, resumes, and contact information.

Continue reading →

As network boundaries can no longer be relied on to define the limits of cybersecurity, zero trust has become the overarching framework that now guides enterprise security strategies.

However, Zero Trust Network Access (ZTNA) has its limitations, especially in application security, and this can open up risk for organizations heavily reliant on SaaS systems.

Continue reading →

Cybersecurity has become an increasingly important concern in the business world. After all, reports have found that 41 percent of businesses fell victim to a cyberattack in 2023. As the technology cyber attackers use to conduct their nefarious activities becomes more complex, so is the technology that IT professionals use to protect organizations and their data. However, with this also comes a unique new challenge: tool sprawl.

Tool sprawl occurs when a company utilizes an unnecessary number of IT tools, usually because it implements separate solutions for each use case. Although it may seem most efficient to address needs as they arise or present themselves, adopting a comprehensive approach is often more efficient -- particularly in a case where proactivity is vital, such as cybersecurity.

Continue reading →

A new report reveals that 98 percent of organizations attacked by bots in the past year have lost revenue as a result.

The latest State of Bot Mitigation Report from Kasada, based on a survey of over 220 US tech professionals, also shows that despite investing heavily in bot defenses, most solutions are proving to be ineffective. Just one in five say that after initial deployment their bot mitigation solution retained effectiveness for more than 12 months.

Continue reading →

Between January 2023 and January this year, critical infrastructure worldwide saw over 420 million attacks -- equivalent to 13 attacks per second -- marking a 30 percent increase from 2022.

A new report from security awareness specialist KnowBe4 shows cyberattacks targeting critical infrastructure have surged globally, posing significant risks to national security and economic stability.

Continue reading →

A new report from Normalyze shows that 89 percent of organizations expect to see a significant or moderate increase in data security budgets over the next 12 months, driven by the escalating threat landscape and stringent regulatory requirements like GDPR and HIPAA.

The report, based on research by Omdia, finds top security priorities include reducing the opportunity for threats to infiltrate data stores (59 percent), improving data security posture (53 percent), and demonstrating ROI through improved reporting and business communication (42 percent).

Continue reading →

So far this year, vulnerabilities have risen by 11 percent and the availability of publicly known exploits has increased by six percent.

The latest Cyber Threat Intelligence Index from Flashpoint reveals 17,518 newly disclosed vulnerabilities in the first half of the year. Also, over 45 percent of all vulnerabilities disclosed in H1 2024 are rated high to critical in CVSSv3.

Continue reading →

The IT world has always been a fast moving one and that means skills need to be kept up to date if you're not going to fall behind.

We spoke to Brett Shively, CEO of ACI Learning a provider of IT, cybersecurity and audit training for organizations around the world, about the importance of training and how a personalized approach can pay off.

Continue reading →

If you are a cybersecurity professional looking for practical and actionable guidance to strengthen your organization’s security, then this is the book for you. Cybersecurity Strategies and Best Practices is a comprehensive guide that offers pragmatic insights through real-world case studies.

Written by a cybersecurity expert with extensive experience in advising global organizations, this guide will help you align security measures with business objectives while tackling the ever-changing threat landscape.

Continue reading →

Although it dates back to the very early days of the internet, email remains a vital communications channel for businesses. But it also continues to present security challenges.

A new report from Abnormal Security reveals a 350 percent year-on-year growth in file-sharing phishing attacks, while business email compromise attacks (BEC) have grown over 50 percent from the second half of 2023 to the first half of 2024.

Continue reading →