A new report finds that 50 percent of enterprises and 75 percent of mid-sized organizations have exposed public SaaS assets.

The report from security platform DoControl shows that large and medium companies have an average of 5.5 million and 1.5 million assets stored in SaaS applications respectively, illustrating the challenge IT and SecOps teams face daily in securing the intellectual property those assets contain.

Known vulnerabilities for which patches have already been made available are the primary vehicle for cyberattacks, according to a report released today by Tenable.

The Tenable Research team analyzed cybersecurity events, vulnerabilities and trends throughout 2022, including 1,335 data breach incidents publicly disclosed between November 2021 and October 2022.

A new survey of 300 CIOs, CISOs, and security executives from enterprises across Europe and the USA shows that 88 percent of organizations admit to being compromised by a cyber incident over the past two years.

The study from Pentera reveals that this is despite organizations having an average of almost 44 security solutions in place.

Cybercrime actors are shifting away from ransomware to new, innovative techniques, according to the latest CrowdStrike Global Threat Report released today.

The report shows 71 percent of attacks detected in the last year were malware-free (up from 62 percent in 2021) and interactive intrusions (hands on keyboard activity) increased 50 percent in 2022. This shows how sophisticated human adversaries are increasingly looking to evade antivirus protection and outsmart machine-only defenses.

Even as we've seen a shift towards remote working, networks remain the part of an organization that are most at risk from cyber attacks.

In a new infographic LiveAction looks at evolving network security challenges and how the right Network Detection and Response (NDR) solution can be used to tackle them.

A new report on the antivirus market from Security.org reveals that almost three-quarters of Americans still strongly believe computers need antivirus to protect their devices and 61 percent are relying on free options like Microsoft Defender.

The number relying on free solutions has held steady, down only one point since 2021. Interestingly, only eight percent of free antivirus users have experienced a breakthrough virus in the past year, compared to 10 percent of paid users.

Ransomware attacks continue to plague organizations and can have an effect beyond the financial, damaging reputations and customer trust.

Now though WithSecure has developed a new technology called Activity Monitor that can essentially undo the damage malware can cause.

A new study from extended detection and response platform Cynet finds 94 percent of CISOs in small to mid-sized companies report being stressed at work.

What's more 65 percent admit work-related stress issues are compromising their ability to protect their organization. Among the CISOs surveyed, 100 percent say they need additional resources to adequately cope with current IT security challenges.

Defenders have become more successful at detecting and preventing ransomware, but even so its share of incidents declined only four percentage points from 2021 to 2022.

The latest X-Force Threat Intelligence Index from IBM Security also finds that attackers continue to innovate, with the average time to complete a ransomware attack dropping from two months down to less than four days.

As developers come under increasing pressure to deliver projects quickly, there's a rising level of conflict between development and security teams. And attackers are taking advantage of this conflict in order to target software supply chains.

So, what kind of threats do enterprises face and what can they do to protect themselves? We spoke to Pete Morgan, co-founder and CSO of supply chain security company Phylum to find out.

A new report shows that 91 percent of organizations in the financial services, technology, telecoms, and aviation sectors worldwide intend to increase their spending on identity verification solutions in the next one to three years.

The report from Regula says 17 percent of businesses intend is to dedicate 11-20 percent of their IT budget annually to IDV solutions, with 15 percent of businesses opting for 21-30 percent.

According to a new report, 98.6 percent of organizations have concerning misconfigurations in their cloud environments that can cause critical risks to their data and infrastructure.

The research from Zscaler finds cloud misconfiguration errors related to public access to storage buckets, account permissions, password storage and management, and more, have led to the exposure of billions of records.

A new report finds that even as internet users spend around a third of their lives online, most feel risks are increasing, and cybersecurity is too complex.

The report from F-Secure finds three out of four internet users worry about their safety online, while almost seven out of ten (69 percent) of those surveyed said they don't know who to trust online.

The past twelve months have been tough for a lot of organizations. From inflationary pressures to fears of a global recession, many economists have made pessimistic predictions about the year ahead. As a result, controlling and reducing costs is likely to be the focus for many companies in 2023. 

Yet despite these economic stresses, IT spending has continued to rise. Gartner has estimated businesses spent around $4.5 trillion in 2022, up 3 percent year-on-year. While part of this spend is driven by digital transformation and the adoption of new technologies, a good part comes from unexpected expenses - especially when it comes to cloud where businesses can easily incur heavy costs without realizing it. Research finds that 80 percent of organizations lack awareness of how best to manage cloud computing, leading to overspending of between 20-50 percent. 

Another year on the calendar, another guarantee that the technology on which we are so reliant will demonstrate new and largely unanticipated consequences. Perhaps nowhere is this clearer than in the world of cybersecurity. Let's take a brief look at three themes of cybersecurity predictions for 2023.

A is for Autonomy. The automobile industry is the very first thing we think of when we hear "autonomy," and there is no denying the promise of fully automated smart vehicles and how they can improve logistics, personal transport, and last-mile delivery. Through a darker looking glass, while we've seen proofs-of-concept in the past demonstrating unauthorized control of a moving vehicle, look for exploits relating to vehicular data: deliberate obfuscation of real-time geolocation coordinates and tampering of previously recorded data will surface as new areas of mischief for researchers and criminals alike.