Articles about cybersecurity

According to the FIDO (Fast Identity Online) Alliance, passwords are the root cause of more than 80 percent of data breaches. And yet, many organizations -- both big and small -- continue to use this antiquated approach to authentication. In fact, recent research from Yubico, which surveyed more than 16,000 employees across eight countries, found 59 percent of respondents still rely on usernames and passwords as their primary method of authentication.

Why do we continue to see the same old same old, especially when the authentication industry has made such significant strides in not only passwordless but also phishing-resistant authentication? We spoke with Axiad founder and co-CEO Bassam Al-Khalidi to get an answer to this question and find out how companies can make the move to a passwordless, phishing-resistant future. Read on to hear what he had to say.

Continue reading →

Organizations are struggling to keep up with vulnerabilities amid software supply chain complexity, with more than 40 percent still in reactive mode according to a new report from Slim.AI.

The 2023 Container Report, based on a survey conducted with Enterprise Strategy Group, shows few organizations know exactly how to address security in the upstream dependencies of the applications and the containers they run in production.

Continue reading →

The uncertain economic climate has led to many smaller businesses cutting their budgets over the last year. But where cybersecurity spend is concerned this can be a risky move.

We spoke to Geoff Bibby, senior vice president at OpenText Cybersecurity to discuss how SMBs and managed security providers (MSPs) can adapt their security plans while still remaining protected.

Continue reading →

With ever increasing numbers of smart devices in our homes and workplaces, the Internet of Things has become an established facet of everyday life.

But like the rest of the technology industry the IoT isn't standing still. Here are some expert views on the opportunities and risks it's likely to present in 2024.

Continue reading →

Enterprises are major users of technology and it impacts on most areas of their operation. The big challenges in recent years have come from the switch to remote and hybrid working, and new technologies like generative AI.

So what can we expect enterprise IT to face in 2024? Here are some expert views.

Continue reading →

As 2024 fast approaches, organizations are looking back on the past year to try and gain some insight into what the next 12 months could hold. This past year has been particularly interesting in the world of cyber security, with ransomware and data breaches dominating the headlines, the rise to prominence of AI strengthening cybercrime’s arsenal, and the shift of focus to cyber resilience causing businesses to question what comes next for the industry.

For security professionals across organizations of all sizes we anticipate the following issues will be a key focus for the year ahead:

Continue reading →

One of the biggest issues when dealing with security risks is the time that it takes to address problems when they come to light.

We spoke to Yoran Sirkis, CEO of remediation operations specialist Seemplicity, to discuss why there's an issue and how workflow problems around responding to risks can be improved.

Continue reading →

It’s been another busy year for cybersecurity regulations. We saw a new National Cybersecurity Strategy by the White House in March, and throughout the year, we’ve seen the National Cybersecurity Center (NCSC) launch several new initiatives to increase cyber resilience.

As mentioned by Joseph Carson, Chief Security Scientist & Advisory CISO at Delinea, the landscape of cybersecurity compliance is expected to "evolve significantly, driven by emerging technologies, evolving threat landscapes, and changing regulatory frameworks."

Continue reading →

In security, we are very used to talking about features and functions in the tools we use. When it comes to measuring the positive impact of what we spend on cyber, in terms of both people and equipment costs, we tend to be equally abstract -- for years, 'mean time to detection' and 'mean time to resolution' have probably been the two most widely-used metrics for cybersecurity progress, and measuring the number of security incidents handled is still probably how the CISO tracks his team’s contribution to the organization.

But no longer. Today we need to start thinking about measuring cyber’s impact in completely new ways -- or to be more accurate, concepts new to us in IT security but already very familiar to our colleagues in HR; with terms that seem very far from threat intelligence, such as wellbeing, inclusion and creating psychologically safe spaces.

Continue reading →

Despite moves towards other means of authentication passwords are still widely used, making protecting digital identities a problem.

But identity affects other areas too, such as being able to verify content and devices, things which are likely to come more more into focus as we approach significant elections in the US and UK. Here are some expert views on the identity landscape for 2024.

Continue reading →

Today’s complicated threat landscape leaves security teams grappling with new challenges on a scale never seen. Threat actors are more organized and efficient, leveraging a vast ecosystem of tools and services that cater to experts and beginners alike. In early March, the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory warning of the resurgence of Royal ransomware with new compromise and encryption tactics used to target specific industries, including critical infrastructure, healthcare and education.

Cyberattacks are only increasing and growing more destructive, targeting supply chains, third-party software, and operational technology (OT). Gartner predicts that by 2025, threat actors will weaponize OT environments successfully to cause human casualties. This is happening at a time of increased technology adoption led by accelerated digital transformation efforts, hybrid work and the Industrial Internet of Things (IoT) boom, leaving security teams to manage an evolving and growing attack surface and multiplying vulnerabilities.

Continue reading →

Whether it's due to high-profile attacks or new defensive technologies, the world of cybersecurity is never far from the news.

Here is what some industry experts think the cybersecurity trends will be in the coming year.

Continue reading →

The external attack surface -- those assets which face the internet -- is attracting a lot of attention at the moment, with Gartner naming it as a top security risk.

To find out more about external attack surface management (EASM) and why organizations need to take it seriously, we spoke to Rickard Carlsson, CEO of Detectify.

Continue reading →

Although quantum computing is still some way from commercial reality for most people and organizations, the technology is developing.

Many of the concerns surrounding it are about what a world of post-quantum computing might mean for cybersecurity. We asked industry experts what they think is in store for quantum in 2024.

Continue reading →

AI, particularly widely available tools like ChatGPT, has made big waves in 2023. Is this set to continue into next year or will we see a different approach to using the technology?

Here are the views of some industry experts.

Continue reading →