Personal employee or customer data accounted for nearly half (45 percent) of all data stolen between July 2021 and June 2022 according to the latest report from Imperva.

Companies' source code and proprietary information accounted for a further 6.7 percent and 5.6 percent respectively. On a more positive note, the research finds that theft of credit card information and password details has dropped by 64 percent compared to 2021.

We reported last week on how ChatGPT could be used to offer hints on hacking websites. A new report released today by WithSecure highlights another potential use of AI to create harmful content.

Researchers used GPT-3 (Generative Pre-trained Transformer 3) -- language models that use machine learning to generate text -- to produce a variety of content deemed to be harmful.

A quarter of US organizations were victims of ransomware attacks over the past 12 months, a steep 61 percent decline over the previous year when 64 percent fell victim.

In addition a new report from Delinea finds that the number of targeted companies who paid the ransom declined from 82 percent to 68 percent, which could be a sign that warnings and recommendations from the FBI to not pay ransoms are being heeded.

The current economic downturn has meant significant budget cuts for many enterprises. But cyberthreats continue to escalate and businesses need to take them seriously.

This means that more than ever CISOs must prove the value of their cybersecurity programs to senior management. But how can they do this effectively? We spoke with Tim Erlin, VP of product innovation at SecurityScorecard to find out.

‌We’ve come to the end of another year characterized by heightened cybersecurity risk within an environment defined by rising political, social and economic challenges. As such, it’s time once again to look forward and take stock of the future trends that are expected to shape the cybersecurity landscape in the year ahead so that organizations can ensure they are prepared to respond to future threats and are able to mitigate any risk.

For the most part, this coming year we can expect threat actors to continue to look for ways to exploit already existing vulnerabilities within organizations, as well as those newly introduced, as organizations keep pace with new innovations and applications of technologies in order to stay ahead of the pack in an ever-evolving digital world.

The ChatGPT artificial intelligence bot has been causing a bit of a buzz lately thanks to its ability to answer questions, ask follow ups and learn from its mistakes.

However, the research team at Cybernews has discovered that ChatGPT could be used to provide hackers with step-by-step instructions on how to hack websites.

Cybersecurity -- Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture.

In this carefully revised new edition, you will learn about the Zero Trust approach and the initial Incident Response process. You will gradually become familiar with Red Team tactics, where you will learn basic syntax for commonly used tools to perform the necessary operations.

Although the death of the password has been predicted for many years, older technology still clings on when it comes to verifying identities.

But that's changing, particularly with the massive growth in the numbers of machine IDs. Here is what some industry experts think we'll see from the identity world in 2023.

The cybersecurity world never stands still, with threats and the technology to combat them constantly evolving.

That makes predicting what might happen difficult, but we can still extrapolate current trends to get an indication of where things might be headed. Here are some expert predictions for cybersecurity in 2023.

In the world of cybersecurity, year after year we encounter new threats and challenges, and 2023 is going to be no different. Currently, organizations are dealing with a growing number of unknown cyber threats targeting on-premises systems, cloud infrastructure, and SaaS applications. Added to this, the skills shortage is worsening too, causing analysts to becoming overloaded and burnt-out. Combined, this is creating a perfect storm, leaving organizations more vulnerable to a breach in 2023.

So, what specifically do organizations need to be aware of? Here are four trends that will shake up the cyber landscape next year.

It’s fair to say over the last year cybersecurity has become one of the hottest topics to discuss. We have seen the issue affect every possible area of life from healthcare and energy to multinational corporations, and even conflicts such as the Russia/Ukraine War.

As a result, cybersecurity (in some shape or form) is in the minds of nearly all major stakeholders, board members and leadership teams across the world. Research by IDC highlighted that European IT security spending will surpass $66 billion in 2026.

New research from Deepwatch shows 78 percent of security professionals expect breach and incident reporting requirements to create more work for their teams, and 77 percent expect increased work arising from privacy requirements.

The SecOps pulse survey shows digital transformation initiatives and regulatory requirements are the top two cost drivers expected for next year.

Over the past couple of years enterprise security teams have faced a number of challenges, not least the shift to more remote and hybrid working.

This has driven forward plans to adopt automation and technologies like zero trust. So, what changes can we expect to see as we move forward into 2023?

Compared to many industries, cybersecurity operates in a highly adversarial environment, with organizations investing huge levels of time, money and resources into defeating a range of determined threat actors. If that weren't enough, security teams are pitted against highly motivated, well-organized criminal and nation-state groups who constantly shift tactics to gain the upper hand.

The result is that security teams are frequently inundated with alerts, false positives and negatives, which nevertheless, they are compelled to address rather than being allowed to concentrate on proactively securing their networks.

New research published in November revealed that the severity of inbound cyberthreats increased during holiday months.

The findings, from our Barracuda XDR team' Global Security Operations Center, suggest that cyberattackers may take advantage of IT security professionals being away from the workplace to launch more complex, higher risk attacks -- possibly in the hope that understaffed security departments are less likely to be monitoring the network for threats or equipped to deal with any crisis.