Articles about cybersecurity

New survey findings from Lookout show that 70 percent of IT leaders in the financial services sector report a significant increase in data breaches compared to previous years.

Nearly half of organizations (47 percent) are struggling with the heightened difficulty of detecting and mitigating threats, while about a fifth (18 percent) face a significant lack of control over their applications and data.

Continue reading →

Operational technology and industrial control system devices represent an attractive target for cybercriminals attempting to access networks, and for nation state actors looking to disrupt infrastructure.

Asset visibility and security company Armis is releasing new research identifying the riskiest devices that pose threats to critical infrastructure industries: manufacturing, utilities and transportation.

Continue reading →

Blockchain is best known for its application in securing cryptocurrency. But in recent years it's expanded to drive emerging business in other sectors such as healthcare, real estate, smart contracts, and more.

Because blockchain ensures a tamper-proof ledger of the distributed transactions, it's sometimes used for high-risk transactions and exchanges. But this presents high stakes opportunities for adversaries to steal money and sensitive information.

Continue reading →

Many organizations around the world are opting to pay ransoms to cybercriminals in order to buy back ownership of their data. But this can leave them open to further risk of attack.

Gerasim Hovhannisyan, CEO and co-founder of EasyDMARC, believes it's wrong to pay up and that it's better to establish good defenses. We spoke to him to find out why.

Continue reading →

After a decrease of eight percent in cyber extortion (Cy-X) victims in 2022, the data for the first quarter of this year shows the largest volumes to date.

The latest Cy-Xplorer 2023 report from Orange Cyberdefense shows businesses in 96 different countries were impacted by Cy-X in 2022. Since 2020 Orange Cyberdefense has recorded victims in over 70 percent of all countries worldwide.

Continue reading →

Just 25 percent of IT professionals are following industry best practices for backing up data, according to a new study from hardware-encrypted storage maker Apricorn.

The survey details data backup, encryption and resiliency protocols for over 250 IT professionals in the United States and Canada over the last 12 months. It finds that while 93 percent of respondents say that they factor in data backups as part of their cyber security strategy, only one in four follow the 3-2-1 rule, in which they keep three copies of data, on two different formats, one of which is stored off-site and encrypted.

Continue reading →

Law firms store some of the most sensitive information available regarding material business transactions, intellectual property and personal data.

But a new study from the International Legal Technology Association (ILTA) and Conversant Group, reveals a disconnect between legal firms' IT and best practice cybersecurity.

Continue reading →

A new report uncovers a worrying 25 percent increase in the total number of new vulnerabilities published in 2022.

The latest Vulnerability and Threat Trends Report from the Skybox Security Research Lab shows 25,096 new vulnerabilities published last year, representing the largest year-on-year rise seen since 2017.

Continue reading →

Following on from its adding passkey support to Chrome and Android at the end of last year, Google is continuing to rollout the technology across all its platforms.

The company is now bringing passkeys to Google Workspace. Passkeys offer a convenient and secure passwordless authentication experience across websites and apps, allowing users to sign in with a fingerprint, face recognition, or other screen-lock mechanism across phones, laptops, or desktops.

Continue reading →

New research from asset visibility and security company Armis shows threat intelligence has become a top priority, yet organizations don't have a clear view of their networks.

The study of 400 IT professionals across the UK shows the top challenges they faced in the last six months as: keeping up with threat intelligence, compliance with cybersecurity regulations and frameworks, staffing and recruitment, an ever expanding attack surface, and visibility into all assets connected to the network.

Continue reading →

Last month broke ransomware records -- and not in a good way. The latest report from Blackfog shows 66 publicly disclosed ransomware attacks, the highest recorded since the company began reporting in January 2020.

More concerning still is a significant uptick in the attack success rate, with a 154 percent increase over 2022.

Continue reading →

The Great Resignation and tech layoffs have pushed staff turnover to an all-time high. And with every personnel change, years of institutional knowledge are lost in the transition. That information can be critically important for security executives, like CISOs, who must be the ultimate stewards of organizational security across an ever-changing attack surface.

Organizational environments today are increasingly complex and constantly evolving, making it challenging to understand exactly what is at risk at any given moment. For CISOs joining an organization, it is vital to understand exactly what is on their environment to effectively secure it.

Continue reading →

It seems that every week we hear of another cybersecurity breach. This year, organizations of all shapes and sizes have fallen victim to malicious crimes -- from Apple, T-Mobile and Uber, among many others -- and data breaches are costing U.S. businesses millions of dollars.

The emerging digital ecosystem has made every company a target, and as a result, organizations are investing in a range of cybersecurity measures to mitigate threats and enhance resiliency and recovery. As cybercriminals continue to evolve their tactics, it’s becoming increasingly challenging for organizations to keep up with the latest security measures. This highlights the need for ongoing cybersecurity investment and a proactive approach to threat detection and response. The question is, what are these measures, and is there a one-size-fits-all approach? Let’s explore.

Continue reading →

Modern enterprises hold huge volumes of data and increasingly it's stored in the cloud. This means that protecting the information is a significant challenge and it can even be easy to lose track of where data is.

We spoke to Dan Benjamin, co-founder and CEO of Dig Security, to discuss the risks around cloud data storage and how to address them.

Continue reading →

Cloud incident response company Mitiga has released research on a significant forensic security deficiency in Google Workspace that enables threat actors to exfiltrate data in Google Drive without any trace.

Data theft is one of the most common motives for attack, and with more than six million businesses using Google Workspace -- including Google Drive -- the cloud-based repository has been a prime target for data exfiltration.

Continue reading →