Articles about cybersecurity

IT leaders are optimistic about the value AI can deliver, but readiness is low. Many organizations still lack the security, governance and alignment needed to deploy AI responsibly.

A new study by the Ponemon Institute for OpenText finds 57 percent of CIOs, CISOs, and other IT leaders rate AI adoption as a top priority, and 54 percent are confident they can demonstrate ROI from AI initiatives. However, 53 percent say it is ‘very difficult’ or ‘extremely difficult’ to reduce AI security and legal risks.

Continue reading →

As students head back to university and college and engage with more digital platforms than ever, new research shows today’s tech-savvy demographic is sounding the alarm on digital identity protection as AI-generated scams surge.

The 2025 Online Identity Study from Jumio shows students globally are both early adopters of generative AI, with 70 percent using AI to create or modify images, but also the group most exposed to its risks.

Continue reading →

New research from NETSCOUT looking at the DDoS attack landscape shows that this method has evolved into a precision-guided weapon of geopolitical influence capable of destabilizing critical infrastructure.

Based on monitoring of more than eight million DDoS attacks globally in the first half of 2025, the study shows hacktivist groups like NoName057(16) have orchestrated hundreds of coordinated strikes each month, targeting the communications, transportation, energy, and defence sectors.

Continue reading →

An ongoing phishing campaign is targeting organizations across multiple industries, using
sophisticated social engineering tactics to convincingly impersonate well-known
videoconferencing platforms and deploy ConnectWise ScreenConnect for unauthorized remote
access.

The research from Abnormal Intelligence reveals that unlike traditional credential-harvesting attacks that steal login information, this campaign deceives targets into downloading legitimate remote monitoring and management (RMM) software, granting cybercriminals complete control over end-user devices.

Continue reading →

New research shows institutions in the financial sector experience up to 300 times more cyberattacks than other sectors, with large banks reporting 45 percent of their employees susceptible to phishing attacks.

The study from KnowBe4 reveals almost all (97 percent) of major US banks experienced third-party breaches in 2024, while targeted intrusions against financial institutions increased by 109 percent year-on-year.

Continue reading →

Today's security operations center has to deal with a relentless flood of telemetry from IaaS, SaaS, identity providers, endpoints, and email providers. While AI can help many existing solution focus only on a small portion of SOC challenges.

Exaforce is launching its agentic security operations (SOC) platform, combining AI-native capabilities for the entire SOC lifecycle alongside a fully managed MDR service. It aims to employ agentic AI across the entire security operations lifecycle, spanning threat detection, alert triage, investigation, threat hunting, and response.

Continue reading →

As cyber threats become more frequent and complex, CISOs are increasingly concerned about their organization’s ability to withstand a material attack. 76 percent feel at risk of experiencing a material cyberattack in the next 12 months, yet 58 percent say they are unprepared to respond.

The latest Voice of the CISO report from Proofpoint surveyed 1,600 global CISOs across 16 countries and finds human behavior remains a critical vulnerability, with 92 percent attributing at least some data loss to departing employees.

Continue reading →

The UK’s Online Safety Act has already led to controversy in a number of areas, but it seems that, on a positive note, it may have helped drive a growing level of privacy awareness among internet users.

New research from AstrillVPN shows a surge in searches related to privacy tools. Data breach checker ‘Have I Been Pwned’ has topped the list of the UK’s most searched online privacy tools, receiving an average of 67,542 monthly searches.

Continue reading →

New research from Fortinet’s FortiGuard Labs highlights a recently identified phishing campaign that uses carefully crafted emails to deliver malicious URLs linked to convincing phishing pages.

These pages are designed to entice recipients into downloading JavaScript files that act as droppers for UpCrypter, malware that ultimately deploys various remote access tools (RATs).

Continue reading →

A new State of the Security Profession survey from The Chartered Institute of Information Security (CIISec) shows that 91 percent of the profession believe ultimate responsibility for cybersecurity lies with the board and not security managers or CISOs (just 31 percent).

The survey focused on regulation in the light of a wave of major regulations either recently passed or coming into force -- including the EU AI Act, DORA, NIS2 and the UK’s Data (Use and Access) Bill.

Continue reading →

Artificial intelligence is making insider threats more effective according to a new report which also shows that 53 percent of respondents have seen a measurable increase in insider incidents in the past year.

The survey, of over 1,000 cybersecurity professionals, from Exabeam finds 64 percent of respondents now view insiders, whether malicious or compromised, as a greater risk than external actors. Generative AI is a major driver of this, making attacks faster, stealthier, and more difficult to detect.

Continue reading →

A new survey from Gurucul in collaboration with Cybersecurity Insiders finds that 87 percent of respondents are deploying, piloting or evaluating AI-powered SOC tools, but only 31 percent are using them across core detection and response workflows.

The study, based on responses from over 700 cybersecurity leaders around the world, finds human and identity risks are still a major concern. 78 percent of security leaders identify social engineering and phishing as their top threat, followed closely by identity-based attacks (73 percent). However, 67 percent say they still lack visibility into access behavior and lateral movement.

Continue reading →

Cybersecurity professionals are sounding the alarm, not about increasingly sophisticated cyber threats, but about something far more human --  distraction.

New research from KnowBe4 shows distraction (43 percent) and lack of security awareness training (41 percent) are identified as the primary reasons employees fall victim to cyberattacks, rather than sophistication of the attacks themselves.

Continue reading →

Artificial intelligence is being used to streamline many business tasks, but at the same time it opens up new attack vectors and risks.

Secure AI specialist WitnessAI is announcing two new products aimed at securing enterprise LLMs and AI applications through automated red-teaming and behavioral runtime protection.

Continue reading →

On average, enterprises spend 11 hours of employee time investigating and remediating a single critical identity-related security alert.

A new study from Enterprise Strategy Group, of 370 IT and cybersecurity decision makers, shows this affects the capacity of security teams to manage alert volume, and this is only made worse in the age of AI.

Continue reading →