Articles about cybersecurity

A survey from Defcon 17 back in 2009 revealed that 81 percent of hackers are more likely to be active in winter.

It's easy to understand why this might be, with the holiday period bringing a spike in online trading as well as businesses closing down or operating on skeleton staffs.

Continue reading →

A new study finds that that most organizations anticipate phishing (81 percent), malware and ransomware (76 percent), and accidental data loss (63 percent) will be the top security risks over the next six months, followed by social engineering (55 percent) and third-party risks (52 percent).

The report from Fortra looks at the challenges security professionals have faced over the past year, as well as what they plan to focus on next as they continue to embrace digital transformation, new hybrid infrastructures and a challenging security landscape.

Continue reading →

A new report from IANS Research and recruitment firm Artico Search shows that although 64 percent of CISOs say they are satisfied in their job, 75 percent are open to a change.

More than 660 chief information security officers (CISOs) provided data for the report. Additionally, research team members held conversations with over 100 CISOs to better understand the challenges they face today and the future opportunities.

Continue reading →

The latest Data Protection Trends report from Veeam Software shows 92 percent of organizations will increase their 2024 data protection spend, to achieve cyber resilience amid continued threats of ransomware and cyber-attacks.

However, while companies say they will spend more trying to fend off cyberattacks, the report finds IT leaders are feeling even less protected and more concerned about their ability to recover and restore mission-critical data.

Continue reading →

Over three quarters of cybersecurity professionals in the UK and US don't believe university courses are preparing graduates adequately for the working world, according to new research.

The study of 3,000 IT and cybersecurity professionals in the UK and the US, from cybersecurity upskilling, certification, and talent assessment platform Hack The Box, shows 78 percent of cybersecurity and IT professionals believe a traditional university education in cybersecurity is not doing enough to prepare graduates for the modern workforce.

Continue reading →

A new report from Abnormal Security shows that vendor email compromise (VEC) attacks against financial services organizations increased by 137 percent in 2023.

This is an industry that handles a wide array of sensitive personal and financial information of the type hackers love to get their hands on. This makes organizations within the financial services sector particularly susceptible to cyberattacks, including socially-engineered email attacks.

Continue reading →

As the profile of cybersecurity has increased within enterprises, so has the challenge of finding people to fill senior roles and then hanging on to them.

Recent research suggests that CISOs don't stay in the job for more than three years on average. One answer is to use a virtual CISO (vCISO) to advise on current issues and relieve the strain on the in-house team.

Continue reading →

One of the key recent concerns for security teams has been developing the ability to adapt to advancements in technology and innovations such as AI and quantum computing.

A new partnership between Accenture and SandboxAQ aims to give organizations the ability to scan all of their files, applications and network traffic to ensure that all of their data -- whether on-premise or hosted via major cloud providers -- is secure even if attackers break through firewalls and network endpoints.

Continue reading →

According to a new study, 94 percent of global organizations have experienced email security incidents last year, up two percent from the year before.

The latest Email Security Risk Report from Egress looks at attitudes and approaches to email security, the evolution of risks, and the impact of incidents, based on responses from 500 cybersecurity leaders.

Continue reading →

Cyber awareness and Cyber Awareness Month (CAM) have faced allegations of fearmongering in the past, but this isn’t -- or shouldn’t be -- the case. At times, some vendors or individuals arguably exploit worries about cyber threats to market their products or convince people of their necessity.

But this is a delicate balance to strike. While it is true many security professionals are already struggling under the weight of their responsibilities, Cyber Awareness Month is a time for home truths. The grim reality is that cybercrime is getting worse. According to the Veeam Data Protection Trends Report 2023, 85 percent of organizations suffered at least one cyber-attack in the preceding twelve months, an increase from 76 percent experienced in the prior year. So, in many ways, our current approaches are failing. Does that mean Cyber Awareness Month is failing too? 

Continue reading →

AI is growing in popularity and this trend is only set to continue. This is supported by Gartner which states that approximately 80 percent of enterprises will have used generative artificial intelligence (GenAI) application programming interfaces (APIs) or models by 2026. However, AI is a broad and ubiquitous term, and, in many instances, it covers a range of technologies.

Nevertheless, AI presents breakthroughs in the ability to process logic differently which is attracting attention from businesses and consumers alike who are experimenting with various forms of AI today. At the same time, this technology is attracting similar attention from threat actors who are realising that it could be a weakness in a company’s security while it could also be a tool that helps companies to identify these weaknesses and address them.

Continue reading →

In Cybersecurity First Principles, Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

The author convincingly lays out the arguments for the absolute cybersecurity first principle and then discusses the strategies and tactics required to achieve it.

Continue reading →

Some industries make more attractive targets for cybercriminals than others, thanks to the type of data they hold and the services they provide. The telecoms sector is one such. 85 percent of the top telecom companies in the US, UK, France, Italy, Denmark, and Germany experienced a third-party data breach in the past 12 months alone.

Which is why SecurityScorecard is introducing a new set of security ratings developed especially for telecommunications companies, internet service providers, and cloud providers.

Continue reading →

Researchers at Cybernews have uncovered a huge data leak which could potentially put the entire population of Brazil at risk.

They uncovered a publicly accessible Elasticsearch instance which contained more than 223 million records-worth of private data belonging to Brazilian individuals -- the country's current population is only around 217 million.

Continue reading →

According to new research 82 percent of companies report an increase in the gap between the number of vulnerabilities/exposures in their environment and their ability to remediate them.

The 2024 State of Security Posture Survey from XM Cyber is based on a survey of 300 CISOs and security decision-makers from large organizations in the US and UK, and shows 62 percent of security and IT teams actively engage in the remediation of exposures or vulnerabilities, handling an average of 12 per week.

Continue reading →