Articles about cybersecurity

A new survey reveals that 72 percent of organizations report insider attacks have become more frequent (a six percent increase over last year), with 60 percent experiencing at least one attack and 25 percent experiencing more than six.

The study by Gurucul and Cybersecurity Insiders gathered responses from over 320 cybersecurity professionals and finds 75 percent say they feel moderately to extremely vulnerable to insider threats -- an increase of eight percent over the previous year.

Continue reading →

According to a new study, 33 percent of global organizations are not taking the threat of cyberwarfare seriously.

The report, from asset visibility and security company Armis, is based on a survey of over 6,000 IT and security professionals around the world and finds 24 percent feel under prepared to handle cyberwarfare. Indeed, the lowest-ranking security element in the eyes of IT professionals is preventing nation-state attacks (22 percent).

Continue reading →

Introduced by the US military in the 1950s, Moving Target Defense (MTD) is the concept of controlling change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers, reduce their window of opportunity and increase the costs of their probing and attack efforts.

This technique has been translated to the cybersecurity world in recent years, but while the concept is strong, it's a complex strategy that has many drawbacks if not executed properly. We spoke with Avihay Cohen, CTO and co-founder of Seraphic Security, find out more about how this concept is applied to today's cybersecurity strategies, its pitfalls and how to implement it successfully.

Continue reading →

A barrage of new threats along with increasingly complex IT environments and a shortage of skilled staff make securing the enterprise and ensuring compliance more of a challenge than ever.

In order to help businesses visualize attack surfaces, understand security requirements and prioritize steps to mitigate threats across environments, ThreatModeler is launching a new cybersecurity asset marketplace.

Continue reading →

The role of the CISO has always been a somewhat secondary one in terms of the overall big picture of running a business.

However, a new study from cybersecurity company Coalfire shows that the CISO role is maturing quickly, and gaining more of a voice in the boardroom.

Continue reading →

The advent of quantum computing offers a serious threat to the safety of encrypted information. But current post-quantum cybersecurity (PQC) solutions either can't reach edge devices like laptops and mobile phones or required software installation on these devices which is cumbersome and hard to manage.

Now though QuSecure is launching a new solution for protecting encrypted private data on any website or mobile application with quantum-resilient connections and sessions, all with no end-user installation required.

Continue reading →

As we enter 2023, factors such as an uncertain economy, inflation, the fear of a recession, hiring freezes and layoffs, and supply chain issues continue to take their toll on businesses -- impacting not only daily operations, but budgets for the new year.

When it comes to cybersecurity spending, in particular, Curtis Fechner, engineering fellow, threat management at Optiv, says many executives expect their budgets to be unchanged in 2023, which is a best case scenario as the risk of cuts amid an uncertain economy and business landscape looms large.

Continue reading →

As businesses adopt more complex hybrid IT environments and raise budgets to fend off cyberattacks, as well as keep up with production environments diversifying across various clouds, a new study finds that IT leaders increasingly feel they aren't sufficiently protected.

The latest Data protection Trends Report from data protection specialist Veeam Software shows that a top priority of organizations this year is improving reliability and success of backups, followed by ensuring that Infrastructure as a Service (IaaS) and Software as a Service (SaaS) protection is equal to the protection they rely on for datacenter-centric workloads.

Continue reading →

Last year saw zero day vulnerabilities being actively exploited in the wild across many of the major web browsers.

For businesses that allow their users to choose which browser they use this is a problem due to the frequency of vulnerabilities. We spoke to Ofer Ben-Noon, co-founder and CEO at Talon Cyber Security and former member of the Israeli intelligence community, to find out more about the current threat landscape and how firms can secure their browsers.

Continue reading →

When threat actors evaluate a company's attack surface, they're not thinking in terms of organizational silos. They're probing for the right combination of vulnerabilities, misconfigurations and identity privileges.

It follows that security organizations shouldn't be operating in silos either. Defenders risk playing into the hands of attackers as organizations struggle with reactive and siloed security programs. Having a sprawl of point tools generates heaps of fragmented data but offers few insights.

Continue reading →

New research from cybersecurity company Naoris Protocol finds 48 percent of people surveyed think criminals who break into computer networks with malicious intent should be paid a percentage of the funds they steal and face no prosecution if they return the majority of their spoils.

The survey of over 500 people working in the cybersecurity and web arenas found just 38 percent saying they disagreed with not prosecuting malicious hackers, while 13 percent were unsure.

Continue reading →

Personal employee or customer data accounted for nearly half (45 percent) of all data stolen between July 2021 and June 2022 according to the latest report from Imperva.

Companies' source code and proprietary information accounted for a further 6.7 percent and 5.6 percent respectively. On a more positive note, the research finds that theft of credit card information and password details has dropped by 64 percent compared to 2021.

Continue reading →

We reported last week on how ChatGPT could be used to offer hints on hacking websites. A new report released today by WithSecure highlights another potential use of AI to create harmful content.

Researchers used GPT-3 (Generative Pre-trained Transformer 3) -- language models that use machine learning to generate text -- to produce a variety of content deemed to be harmful.

Continue reading →

A quarter of US organizations were victims of ransomware attacks over the past 12 months, a steep 61 percent decline over the previous year when 64 percent fell victim.

In addition a new report from Delinea finds that the number of targeted companies who paid the ransom declined from 82 percent to 68 percent, which could be a sign that warnings and recommendations from the FBI to not pay ransoms are being heeded.

Continue reading →

The current economic downturn has meant significant budget cuts for many enterprises. But cyberthreats continue to escalate and businesses need to take them seriously.

This means that more than ever CISOs must prove the value of their cybersecurity programs to senior management. But how can they do this effectively? We spoke with Tim Erlin, VP of product innovation at SecurityScorecard to find out.

Continue reading →