Articles about cybersecurity

It’s inevitable that different parts of the enterprise will pull in different directions. This is particularly true when it comes to the IT world where operational teams like the SOC tend to focus on operational resilience while management and the boardroom worry about compliance.

We talked to Kyle Wickert, field chief technology officer of AlgoSec, about how IT pros can balance the compliance demands of the C-suite while maintaining security across sprawling hybrid environments.

Continue reading →

A new survey from OpenText Cybersecurity reveals that MSPs find AI as both a driver of growth and source of new challenges as as demand for scalable, integrated tools continues to rise.

In 2024, 93 percent of MSPs and managed security service providers (MSSPs) said AI interest would drive growth in their business that year. That trend has carried forward to this year, with 92 percent of MSPs now reporting business growth driven by interest in AI, and 96 percent expecting AI to drive business growth this year.

Continue reading →

The latest Radar report from Gcore finds DDoS attacks have reached unprecedented scale and disruption in 2025, and businesses need to act fast to protect themselves from this evolving threat.

Attack volumes increased by 41 percent compared to Q1-Q2 of 2024, evidencing dangerous long term growth trends predicted in prior Radar reports.  The largest attack peaked at 2.2 Tbps in Q1-Q2, surpassing the 2 Tbps peak recorded in late 2024.

Continue reading →

Vibe coding is currently all the rage, with more than 97 percent of respondents to a survey earlier this year reporting having used AI coding tools at work.

The adoption of these tools only continues to grow but it comes with a catch, attackers are also employing the same techniques. We spoke to Pieter Danhieux, co-founder and CEO of Secure Code Warrior, to discuss how vibe coding is redefining the software development landscape, how malicious actors are also leveraging this technology and the need for organizations to implement secure by design strategies from the outset.

Continue reading →

A new report from Fortinet reveals that despite organizations increasing their data security budgets by 72 percent last year, insider-driven data incidents continue to surge, with 77 percent of companies experiencing at least one breach in the past 18 months.

The study, conducted with Cybersecurity Insiders, exposes a critical disconnect, while security leaders are adopting smarter strategies and securing stronger funding, traditional data loss prevention (DLP) tools are failing to protect against today's sophisticated threats in cloud-heavy, distributed work environments.

Continue reading →

A new report from AI-powered managed extended detection and response company Ontinue shows a sharp rise in MFA-bypassing identity attacks in the first half of the year.

These attacks are using token replay abuse with roughly 20 percent of live incidents involving adversaries reusing stolen refresh tokens to bypass MFA, even after password resets.

Continue reading →

There’s been an 88 percent increase in hardware vulnerabilities amid a proliferation of IoT devices, and 81 percent of security researchers have encountered new hardware vulnerabilities in the past 12 months.

New attack vectors and often forgotten targets like APIs and hardware are vulnerable and should be a key focus for CISOs today according to a new report from crowdsourced security company Bugcrowd, which shows organizations face growing challenges as applications go through multiple development cycles under pressure to release features quickly, often aided by AI-assisted coding.

Continue reading →

Phishing has overtaken all other vectors as the leading entry point for ransomware, cited by 35 percent of affected organizations, up sharply from 25 percent in 2024.

This is one of the findings of a new report from SpyCloud which also shows that 85 percent of organizations were affected by ransomware at least once in the past year, with nearly a third (31 percent) reporting six to 10 ransomware events in the last year.

Continue reading →

Enterprises face a growing volume and complexity of cyber threats which means security teams struggle with alert fatigue and managing a spread of tools.

Sumo Logic is launching a new agent-powered security operations tool to help automate routine tasks, streamline investigations, and give enterprise security teams the freedom and ability to focus on analyzing the biggest security issues facing their organization.

Continue reading →

The proliferation of different cybersecurity tools has created an operational crisis for organizations, with companies struggling to manage an increasing array of defensive technologies.

Organizations today are forced to juggle multiple tools, each with unique UI, costs, and maintenance headaches. They’re also often not able to buy the tools they need, because they are either too expensive or don't exist in the specific capacity they need.

Continue reading →

A new survey from cybersecurity incident response management (CIRM) specialist Cytactic finds 70 percent of cybersecurity leaders say internal misalignment following a cyberattack caused them more chaos than the threat actor itself, leaving many organizations paralyzed by breakdowns in authority, coordination, and clarity.

The report also finds that while 73 percent of leaders describe their response plans as ‘technically comprehensive,’ many admit those plans collapse under real-world pressure. In addition, 86 percent say ‘translation time’ between legal, communications, and technical teams causes costly delays, underlining that breaches are often derailed more by internal breakdowns than by attackers.

Continue reading →

A new survey of over 1,000 IT and security teams suggests that the more tools organizations deploy to solve problems, the more problems they create.

The study from Kandji finds that too many overlapping tools is an issue for 49 percent, gaps or breakdowns between tools is cited by 46 percent, and security risks due to poor integration by 41 percent. Siloed ownership or communication is a problem for 38 percent while the same percentage say that compliance and audits take too much time.

Continue reading →

New research released today by Claroty looks at the impacts of economic and geopolitical uncertainty on organizations' ability to protect their cyber-physical systems (CPS) environments.

Cyber-physical systems are those that overlap the cyber world -- things like industrial control and medical devices -- and may therefore slip below the radar of traditional cybersecurity approaches. The survey, of 1,100 infosecurity, OT engineering, clinical and biomedical engineering, and facilities management and plant operations professionals, shows concerns that economic policies and geopolitical tensions are adding to risk.

Continue reading →

The retail industry continues to be a top target for cyber criminals, retailers rely heavily on digital infrastructure to manage consumer data and operations so they remain an attractive target for attackers seeking financial or operational disruption.

The cyberattacks earlier this year hitting UK retail (Marks & Spencer, Co-op, Harrods) are the latest reminder that identity is still one of the weakest links.

Continue reading →

A new study finds 26 percent of surveyed organizations in the UK and US have fallen victim to AI data poisoning in the past year. This is where hackers corrupt the data that trains AI systems by planting hidden backdoors, sabotaging performance, or manipulating outcomes to their advantage.

The research from information security platform IO (formerly ISMS.online) surveyed over 3,000 cybersecurity and information security managers in the UK and US, and finds that that 20 percent of organizations have also reported experiencing deepfake or cloning incidents in the last year.

Continue reading →