Articles about cybersecurity

Smaller businesses are an attractive target for attackers since they often don't have the same security resources as larger organizations.

A new report from OpenText Security Solutions, based on a survey of over 1,300 security and IT professionals at SMBs, reveals 84 percent are concerned about a ransomware attack impacting their business and 60 percent are not confident they can fend off such an attack.

Continue reading →

Automated threats, ranging from account takeover, credit card fraud, web scraping, API abuses, Grinch bots, and DDoS attacks, are a persistent challenge for the eCommerce industry, according to a new report.

Cybersecurity company Imperva has conducted a 12-month analysis of threats targeting the retail industry. A continued barrage of attacks on retailers’ websites, applications, and APIs throughout the year and during peak holiday shopping times is a continued business risk for the retail industry.

Continue reading →

A new survey of 150 federal cybersecurity leaders finds that 73 percent of respondents feel a lack of foundational data protection efforts puts their agency at risk.

In addition the research, from data protection provider Zettaset, shows 77 percent say that siloed systems that lack visibility make it difficult to properly protect critical assets. It's not surprising then that 57 percent report experiencing multiple data breaches over the past two years.

Continue reading →

The virtual world of the Metaverse is already attracting people to attend virtual events and play games. It also has the potential for businesses to make money -- research from McKinsey suggests it could be a $5 trillion industry by 2030.

However businesses are still wary of the additional challenges, particularly with regard to security. New research carried out by YouGov for app security company F5 shows six out of 10 respondents say the Metaverse has introduced security complexities that their organization may not be equipped to address.

Continue reading →

In what was a far-sighted move back in 2004, the President of the United States and Congress declared October to be Cybersecurity Awareness Month, dedicated to helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

This has now become a regular event on the calendar and the theme of this year's campaign is 'See Yourself in Cyber', aiming to underline the fact that cybersecurity is ultimately about people rather than technology.

Continue reading →

October is Cybersecurity Awareness Month, and this year’s overarching theme is "It’s Easy to Stay Safe Online."

While cybersecurity news often centers around massive data breaches and hacks, it can be overwhelming to citizens and consumers who feel powerless against such threats. However, this year’s theme serves as a reminder that we all have a part to play in making the online world a safer place, whether that be at work, home or school. 

Continue reading →

Resource Public Key Infrastructure -- or RPKI -as it's better known -- is a security framework that is designed to prevent cybercriminals or rogue states from diverting internet traffic.

National research center for Cybersecurity ATHENE says it has found a way to easily bypass this security mechanism, and in a way that means affected network operators are unable to notice.

Continue reading →

The average enterprise uses more than 130 cybersecurity point solutions, creating siloed data that is hard for security teams to apply in meaningful ways.

To address this problem, Tenable is launching a new exposure management platform, aimed at giving customers a unified view into their organization's assets and vulnerabilities across the whole attack surface.

Continue reading →

The amount of DDoS attacks increased by 75.6 percent compared to the second half of 2021, but the average (0.59 Gbps) and maximum (232.0 Gbps) attack sizes each decreased by 56 percent and 66.8 percent, respectively.

New research from Nexusguard shows that single-vector attacks represented 85 percent of all attacks globally in the first half of this year. Of these User Datagram Protocol (UDP) attacks accounted for 39.6 percent, an increase of 77.5 percent from the first half of 2021, the remainder being HTTPS flood attacks.

Continue reading →

Spending more money on cybersecurity tools doesn't necessarily mean you're less likely to suffer from a cyberattack. Until now though it's been hard to tell whether what you do spend is actually delivering a good return on investment.

Safe Security is today launching a new Return on Security Investment (ROSI) calculator that enables CISOs and CFOs to quantify the reduction in risk for each dollar invested in cybersecurity.

Continue reading →

Imagine a future in which every person, object, and service is connected to the internet. Your car knows your destination before you do, your fridge restocks itself, and your doctor can remotely monitor your health. Now imagine that one day, all of those interconnected devices get hacked at once. Your car suddenly careens off the road, your fridge emits a deafening alarm, and your doctor’s office is flooded with false patient data.

This nightmare scenario is becoming increasingly likely, as the world becomes ever more connected and reliant on technology. And it’s not just consumers who are at risk -- businesses are, too. A single cyberattack can cost a company millions of dollars, and the price is only going up as hackers become more sophisticated.

Continue reading →

In late August, the UK government introduced new cybersecurity rules aimed at protecting telecommunication networks against cyber attacks. The rules, which allow the government to boost the security standards of the UK’s mobile and broadband networks, come at a time when attacks on critical infrastructure are becoming more frequent and more dangerous.

Earlier this year, for example, Costa Rica was thrown into crisis after a ransomware attack affected 30 government institutions, including critical ministries and its social security fund. The group behind the attack, known as Conti, threatened to overthrow the government unless the US$10 million ransom was paid. With the help of international partners -- including the United States, Israel, Spain, and Microsoft -- it was able to get all its systems back online, but it took weeks. Montenegro, meanwhile, also saw critical digital infrastructure crippled following a cyber attack blamed on state-sponsored actors. The attack effectively sent some government departments back to the analogue era and was still being wrestled with more than three weeks after it was first detected.    

Continue reading →

Major cyberattacks invariably make the headlines, but it seems that rather than take a proactive approach, many CISOs wait for a new threat to emerge before protecting their business. They simply hope they won't be caught up in the first wave of a new attack.

Dave Mitchell, CTO of cybersecurity investigation specialist HYAS Infosec, believes there is a better approach, one that detects threats by monitoring the communications that form the foundations of internet architecture. We recently talked to him to learn more.

Continue reading →

What is the true cost of creating a robust cybersecurity defense for your organization? As cyberattacks accelerate around the world, organizations will continue to spend more money on security tools and services to shore up defenses. According to Cybersecurity Ventures, global cybersecurity spending overall will exceed $1.75 trillion from 2021-2025, anticipating a 15 percent year-over-year growth.

With the steady increase of budgets and IT spend, there is no denying the importance of investing in the people who run security operations. Enterprises often have an eclectic group of different vendor solutions added over time, sometimes with overlapping functionality and often with time-consuming onboarding and training requirements. Each cybersecurity product brings its own console, segmenting visibility, and threat correlation. The result is dangerous blind spots that leave enterprises vulnerable to damaging exploits. With the interminable shortage of qualified cybersecurity professionals, we need to investigate ways to more efficiently leverage the talent that we already have. The vast workload is burning them out. At best, this leads to a loss of productivity. At worst, they leave for greener pastures, which translates into turnover costs.

Continue reading →

Despite increased spending on cybersecurity, a new report reveals that 90 percent of organizations were affected by ransomware in some way over the past 12 months, up from last year's 72.5 percent.

The study from SpyCloud shows that security efforts are being stepped up, the number of organizations that have implemented or plan to implement multi-factor authentication jumped 71 percent, from 56 percent the previous year to 96 percent. Monitoring for compromised employee credentials also increased from 44 percent to 73 percent.

Continue reading →