The cyber extortion threat landscape continues to evolve quickly and the past 12 months have seen the number of victims globally increasing by 46 percent, marking the highest numbers ever recorded.

A new report from Orange Cyberdefense shows large enterprises were the victim in the majority of attacks (40 percent), with those employing more than 10,000 people seeing a steady increase.

Continue reading →

New research from Dig reveals that cloud assets like Amazon S3 buckets and Azure Storage accounts are being left open to ransomware attacks thanks to poor configuration.

It shows that only 31 percent of S3 buckets have versioning enabled, an essential for data recovery, while just two-thirds of sensitive buckets have logging enabled, a prerequisite for detection. In addition 72 percent of remote CMK buckets are not actively monitored.

Continue reading →

Cybersecurity All-in-One For Dummies covers a lot of ground in the world of keeping computer systems safe from those who want to break in.

This book offers a one-stop resource on cybersecurity basics, personal security, business security, cloud security, security testing, and security awareness. Filled with content to help with both personal and business cybersecurity needs, this book shows you how to lock down your computers, devices, and systems -- and explains why doing so is more important now than ever.

Continue reading →

The healthcare sector is particularly attractive to cybercriminals due to the amount of personal data held and the critical nature of many systems.

We spoke to Shankar Somasundaram, CEO of IoT risk management platform Asimily, to discuss healthcare systems and the challenges involved in securing them.

Continue reading →

While 92 percent of IT business leaders believe they've made the right security investments and 88 percent say they meet all compliance requirements, half still worry about their company's security.

New research by Propeller Insights for AppDirect shows top areas of concern include cybersecurity risk (58 percent), information security risk (53 percent) and compliance risk (39 percent).

Continue reading →

Over half of today's office workers are ignoring important cybersecurity alerts and warnings due to information overload from digital communication.

New research from CybSafe, based on a survey of 1,000 office workers, shows 54 percent have ignore warnings, while 47 per cent admitted to feeling the information overload is having an impact on their ability to identify threats such as suspicious emails.

Continue reading →

Corporate information security has traditionally used the 'castle' approach, using a strong boundary to keep everything secure.

But as we've moved to hybrid working and more sharing of information the castle is too restrictive and we've moved towards a 'city' model, allowing open routes to trade with assets widely distributed.

Continue reading →

Building management systems (BMS) are responsible for controlling and monitoring various building services such as HVAC, energy, elevators, escalators, surveillance and access control.

They're crucial for service delivery across industries, including critical infrastructure such as energy, utilities, and healthcare. But they're also a significant of an organization's cyber risk due to their integration with IT networks and the internet.

Continue reading →

Cybersecurity automation has steadily gained traction as organizations seek to improve efficiency, address talent gaps, and keep up with escalating threats. However, our latest State of Cybersecurity Automation research shows that while more businesses are utilizing automation, they continue to grapple with obstacles that prevent them from fully capitalizing on its benefits.

In our recent study surveying over 700 cybersecurity professionals, we uncovered several persistent pain points in implementing automation. The research found that a lack of trust in automated outcomes, insufficient expertise among users, and poor communication between teams have hampered automation success. As a result, organizations are struggling to build confidence in automation and maximize its effectiveness.

Continue reading →

According to a new report, 66 percent of IT decision makers (ITDMs) are worried that data is spiraling out of control in their organization and that this is putting compliance at risk.

The study of 850 ITDMs carried out for Cloudera shows that 63 percent of organizations believe siloed data makes it harder for them to comply with data compliance regulations.

Continue reading →

In the wake of the MOVEit vulnerability, which affected an estimated 40 million people around the world, businesses are stepping up their investment in ransomware protection.

A new study carried out by Censuswide for Veeam Software surveyed 100 directors of UK companies with over 500 employees who had suffered a ransomware attack in the past 18 months and finds 24 percent report they are significantly more anxious about ransomware attacks as a direct result of the MOVEit breach.

Continue reading →

A new survey from detection and response specialist Adarma reveals that organizations believe they are at significant risk of cyberattack due to stressed and exhausted staff.

The study of 500 cybersecurity professionals from UK organizations with over 2000 employees finds 51 percent believe their security operations staff are challenged, stressed, frustrated and/or exhausted, which could be putting businesses at risk.

Continue reading →

A new survey of 500 financial executives in the US shows a 17 percent increase in 'synthetic' identity fraud cases over the past two years, with more than a third of professionals reporting a significant surge of 20 to 50 percent.

The study by Wakefield Research for Deduce finds that despite the industry investing in fraud prevention, 52 percent of experts believe that fraudsters are adapting faster than defenses can keep up.

Continue reading →

A new report from managed security platform Huntress shows that 64 percent of identity-focused incidents at SMBs in the third quarter of 2023 involved malicious forwarding or other malicious inbox rules, a key indicator of business email compromise (BEC).

Another 24 percent of identity-focused incidents involved logons from unusual or suspicious locations. Now favored as an intrusion vector, identity-based attacks are on the rise with threat actors targeting cloud services to steal identifying information or break into business emails.

Continue reading →

The shift towards cloud and hybrid models of IT along with containerization has placed greater emphasis on the need for secure authentication, whether it’s via passwords, certificates or keys.

Managing these 'secrets' effectively is therefore key to keeping systems secure. We spoke to Oded Hareven, co-founder and CEO at Akeyless Security to find out more.

Continue reading →