Articles about cybersecurity

A new report, based on a global survey of 250 decision makers at large financial services organizations of over 5,000 employees, shows that 82 percent have suffered a data breach via cyberattack, or a data leak, an unintentional exposure of sensitive data, in the past year.

The report from Blancco Technology Group finds 43 percent of breaches or leaks were attributed to stolen devices and drives.

Continue reading →

New research from Sophos into ransomware in the retail industry shows that among organizations that had data encrypted, 58 percent paid the ransom to get their data back -- the second highest payment rate in five years.

The survey, of 361 retail IT and cybersecurity leaders across 16 countries, also finds that 46 percent of attacks began with an unknown security gap, while 30 percent exploited known vulnerabilities. 58 percent of victims with encrypted data paid, however, only 48 percent of attacks resulted in encryption. The median ransom demand doubled to $2 million from 2024 and average payment increased five percent to $1 million.

Continue reading →

New research from Forescout Vedere Labs reveals that 65 percent of devices across organizations are no longer traditional IT. Of these 11 percent are network equipment, while 24 percent are part of the extended IoT, such as IoT, OT and IoMT.

Financial services (54 percent), healthcare (45 percent) and oil, gas and mining (40 percent) are the sectors that have the highest percentages of non-IT devices.

Continue reading →

It’s known as an ‘ohno-second’ that moment in time when you realize you’ve clicked send on something you shouldn’t have. But it’s no laughing matter, a new survey of more than 300 security and IT professionals from Abnormal AI highlights the growing threat and business impact of legitimate email messages sent to the wrong recipient.

These misdirected emails can result in data breaches, regulatory violations, remediation costs, and reputational damage. The research shows 98 percent percent of security leaders consider misdirected email as a significant risk when compared to other data loss risks like malware and insider threats.

Continue reading →

APIs were once treated as behind-the-scenes connectors. Today, they are the enterprise nervous system, linking cloud workloads, data platforms, SaaS tools, and increasingly, autonomous AI agents. This centrality makes them irresistible targets.

According to multiple industry reports, API-related vulnerabilities are among the fastest-growing classes of security incidents. The problem isn’t just exposure; it’s amplification. A single unprotected API can open the door to everything it touches, from sensitive customer records to critical operational systems.

Continue reading →

Cloud-native platforms are built for speed with ephemeral workloads, rapid deployments, and plenty of third-party app dependencies.

This poses a real challenge to the deployment of runtime security tools. We talked to Bob Tinker, founder and CEO of BlueRock.io, to discuss how organizations can protect their cloud systems effectively.

Continue reading →

A new report finds that while 73 percent of employees are encouraged to use AI 33 percent don’t always follow AI policies.

The study from 1Password, based on data from 5,200 desk-based knowledge workers across the US, Canada, the UK, Germany, France, and Singapore, also finds 52 percent of employees have downloaded apps without IT approval.

Continue reading →

Date breaches affecting businesses and online services are ever more frequent and can affect anyone who is unfortunate enough to be a customer or supplier.

Finding out the facts about a breach can be tricky, however, as information is heavily reliant on self-disclosure. Proton is launching its Data Breach Observatory, which delivers a truer picture of the risks by monitoring and reporting cyberattacks and data breaches based on data sourced directly from the dark web.

Continue reading →

Employees receive large numbers of emails every day and it’s estimated that 25 to 35 percent of these will be from people they haven’t communicated with before. Knowing whether or not a message has come from a legitimate new sender is almost impossible.

Until now that is. Email security specialist StrongestLayer is launching AI Advisor, a security assistant designed specifically to verify first-time senders and unknown contacts in real-time.

Continue reading →

The average household now contains 22 connected home devices and is subjected to nearly 29 attacks each day, almost triple the rate recorded last year.

This the key finding of a new joint report from Bitdefender and NETGEAR which highlights how the expanding Internet of Things ecosystem, spanning everything from smart TVs and streaming boxes to routers and cameras, has dramatically increased consumer exposure to automated cyberattacks and large-scale exploitation.

Continue reading →

A new report from digital trust provider DigiCert highlights an unprecedented surge in distributed denial-of-service (DDoS) attacks that reached ‘internet tsunami’ scale, with two events peaking at 2.4 Tbps (terabits per second) and 3.7 Tbps respectively.

Attack traffic increasingly originates from regions where digital infrastructure is outpacing regulation, with Vietnam, Russia, Colombia, and China ranking among the top five sources.

Continue reading →

A new report shows that organizations taking longer than nine hours to address an email security breach have a 79 percent chance of also being a victim of ransomware.

The study from Barracuda, based on a survey of 2,000 IT decision makers carried out by Vanson Bourne, also finds that most of the organizations surveyed (78 percent) experienced an email breach in the previous 12 months, with the average cost to recover reaching $217,068.

Continue reading →

New research from business risk specialist Panaseer shows that major breaches are being caused by toxic combinations -- overlapping risks that compound and amplify each other, until they form a critical vulnerability.

The company analyzed 20 major breaches that have occurred over the past five years. In 14 of the 20 cases, it found clear evidence of compounding risks forming toxic combinations that magnified the overall impact.

Continue reading →

A new study from OpenText of nearly 1,800 global IT and security leaders shows a false sense of confidence in ransomware readiness.

The report shows that 95 percent of respondents say they’re confident in their ransomware recovery -- yet only 15 percent of those attacked have fully recovered their data.

Continue reading →

Security leaders estimate that, on average, cyber incidents cost their organization $3.7 million, with 46 percent suffering from an outage or disruption to their services as a consequence of attacks.

A new survey from Red Canary of 550 security leaders, from the US, UK, New Zealand, Australia, and the Nordic countries, finds that SOC teams continue to struggle with the challenges of securing cloud environments, identities, and AI technologies amid evolving threats.

Continue reading →