Articles about cybersecurity

As artificial intelligence (AI) continues to advance, its impact on cybersecurity grows more significant. AI is an incredibly powerful tool in the hands of both cyber attackers and defenders, playing a pivotal role in the evolving landscape of digital threats and security defense mechanisms. The technology has seen use both by attackers to conduct cyber attacks, and defenders to deter and counter threats.

The incorporation of AI into malicious social engineering campaigns creates a new era where cyber threat actors are more convincingly deceptive. With access to a vast amount of data, cyber threat actors can both increase the success and effectiveness of large-scale phishing campaigns, or use this access to huge amounts of data to spread disinformation online.

Continue reading →

The rapid rise of AI across industries has created a critical data blind spot, a lack of insight into the data powering these systems. Training data for AI models can harbor hidden risks, including leaking sensitive information, personal data, and intellectual property.

A new survey of 168 members of the CISO Society carried out by BigID and Lorem Advisory Group looks at the challenges CISOs face in governing, securing, and safeguarding data in today's AI-driven landscape.

Continue reading →

Active Directory (AD) was introduced in the late 90's when corporate networking barely had virtualization and remote work, not to mention cloud services.

AD controls authentication and authorization to most of an organization's on-premises applications and data, and through synchronization and federation with Entra ID, Okta or other cloud identity provider (IDP) provides these same controls to cloud applications and resources.

Continue reading →

New research from Top10VPN has captured and analyzed the network traffic of the 100 most popular free VPNs on Google's Play Store and reviewed their source code.

The findings are rather worrying, showing that 88 percent suffer some kind of data leak (IP, DNS, WebRTC) with 17 percent affected by multiple leaks.

Continue reading →

Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41 percent of data is compromised during a cyberattack, according to the latest Veeam 2024 Ransomware Trends Report.

The report, based on 1,200 responses from organizations that have faced a security incident, reveals that only 57 percent of the compromised data is usually recovered, leaving organizations vulnerable to substantial data loss and negative business impacts as a result.

Continue reading →

The work landscape has changed enormously in recent years with hybrid and remote working now becoming the norm. This makes it harder for businesses to secure their systems as there's no longer a clearly defined network perimeter.

1Password now has an Extended Access Management feature that helps organizations to secure every sign-in to every application from every device.

Continue reading →

Automation is a critical capability for a proactive security strategy says a new report from automated endpoint and vulnerability management company Syxsense and Omdia, a global analyst.

The research surveyed over 400 respondents including decision makers from North America and Europe, Middle East, and Africa (EMEA), at small and midsize business (SMB)+ sized companies across a variety of industries.

Continue reading →

The US Cybersecurity and Infrastructure Agency's (CISA) Secure Software Development Attestation Form rules come into force on June 11, 2024.

This requires software producers who work with the US government to adhere to and confirm the deployment of key security practices. But new research from Lineaje reveals that 80 percent of companies are not ready.

Continue reading →

A new report from CyCognito looks at the challenges faced by cybersecurity professionals in protecting web applications, which have become prime targets for cyberattacks.

Organizations maintain dozens, often hundreds, of custom web apps, developed in-house and by third-party partners. What's more over 60 percent update web applications weekly or more often.

Continue reading →

Organizations have prioritized investment in SaaS security, with 70 percent establishing dedicated SaaS security teams, despite economic uncertainty and workforce reductions.

A new report from the Cloud Security Alliance (CSA), commissioned by cloud security specialist Adaptive Shield, also finds 39 percent of organizations are increasing their SaaS cybersecurity budgets compared to last year.

Continue reading →

A new study reveals that 60 percent of security leaders in the UK cite account takeover attacks as one of the top four most concerning cyber threats.

The survey from Abnormal Security shows 75 percent of UK survey participants report that their organization has been impacted by an account takeover attack at least once over the past year.

Continue reading →

A new report from Deep Instinct shows that 97 percent of security professionals are concerned that their organization will suffer an AI-generated security incident.

In addition 75 percent have had to change their cybersecurity strategy in the last year due to the rise in AI-powered cyber threats, with 73 percent expressing a greater focus on prevention capabilities.

Continue reading →

Two-thirds of organizations responding to a new survey list cyber risk concerns as the most important drivers for implementing a zero-trust strategy.

A new report from the Entrust Cybersecurity Institute, based on research by the Ponemon Institute, shows the pattern is even more pronounced in the US, with 50 percent of organizations citing cyber breach risk and 29 percent reporting the expanding attack surface for a combined total of 79 percent.

Continue reading →

Artificial Intelligence is dramatically transforming the business landscape. It streamlines operations, provides critical insights, and empowers businesses to make data-driven decisions efficiently. Through machine learning, predictive analytics, and automation, AI assists in identifying trends, forecasting sales, and streamlining supply chains, leading to increased productivity and improved business outcomes. It isn't, unfortunately, without problems.

We talked to Matt Hillary, Vice President of Security and CISO at Drata, about the issues surrounding AI when it comes to critical security and compliance.

Continue reading →

The C-Suite’s perception of cybersecurity has evolved dramatically over the past decade. It’s gone from being an afterthought for technology departments to worry about, to a cornerstone for business survival and operational strategy. The heightened awareness of cybersecurity stems from a deeper grasp of the legal, reputational and financial implications of data breaches. This, combined with regulatory pressures such as the original NIS directive, has forced leaders to enhance their organizations’ cybersecurity measures.

The result is that 75 percent of organizations now report that cybersecurity is a high priority for their senior management team. While on the surface this should be celebrated, when digging deeper, conversations between CISOs and the wider C-Suite often just revolve around high-profile or user-centric security risks. More technical and advanced threats such as those related to application security are overlooked. The race to embrace AI and increasingly complicated cloud infrastructures have also made communicating cybersecurity priorities even more difficult for CISOs.

Continue reading →