Articles about Enterprise

The latest State of Pentesting report from Pentera reveals that over 50 percent of enterprise CISOs now report using software-based pentesting to support their in-house testing practices.

Based on research conducted by Global Surveyz, the report notes that 50 percent of CISOs now identify software-based testing as a primary method for uncovering exploitable security gaps within their organizations.

Continue reading →

A new report finds that 76 percent of enterprises admit they've made business decisions without consulting available data because it was too difficult to access, creating a concerning gap between data availability and data-driven decision-making.

The report from Sisense with research firm UserEvidence shows that although 81 percent of organizations believe they have good or full control of their data, 64 percent acknowledge that they can't reliably access it for decision-making.

Continue reading →

Organizations are often using 50 or more different security tools and, even with the help of AI, they need to manually interact with each when investigating cybersecurity incidents.

A new SaaS security Model Context Protocol (MCP) server launched by AppOmni at this week's RSA Conference is designed to let security teams spend less time investigating incidents and more time taking action to fix them.

Continue reading →

Mobile threats are no longer an emerging issue, they're here, rapidly evolving, and targeting the devices organizations depend on every day.

As employees use smartphones, laptops, and tablets to access sensitive data and systems, a new report from Zimperium zLabs shows attackers are increasingly exploiting these endpoints through mobile-first strategies that bypass traditional security defenses.

Continue reading →

In recent years, businesses have stampeded to move systems to the cloud. But in doing so they often unwittingly introduce multiple layers of virtualization which means they can be paying to run the same processes multiple times.

Can optimization techniques help to improve performance and cut cloud costs? We spoke to Dr. Ignacio M Llorente, CEO and founder of OpenNebula Systems to find out more.

Continue reading →

A new survey of 1,000 businesses across the UK, UK, Europe and the Asia-Pacific region reveals a worrying disconnect between organizations' perceived readiness and actual performance in cyber crisis response.

The study for Semperis, with research from Censuswide, finds 90 percent of enterprises surveyed struggle with serious blockers to effective cyber response. Top issues include cross-team communication gaps (48 percent), out-of-date response plans (45 percent) and unclear roles and responsibilities (41 percent).

Continue reading →

Enterprises are grappling with an increasing compliance burden, subject to multiple frameworks and more regulatory mandates that stretch resources and drive-up costs.

Misconfigurations can further complicate things, often leading to non-compliance and regulatory penalties. Plus time-consuming tasks like auditing, reporting, and system remediation are prone to human error.

Continue reading →

New research shows that 71.7 percent of workplace AI tools are high or critical risk, with 39.5 percent inadvertently exposing user interaction/training data and 34.4 percent exposing user data.

The analysis from Cyberhaven draws on the actual AI usage patterns of seven million workers, providing an unprecedented view into the adoption patterns and security implications of AI in the corporate environment.

Continue reading →

Current AI models can perform many tasks such as generating text, but these are 'prompted' -- that is the AI isn't acting by itself. But this is about to change with the arrival of agentic AI.

Gartner estimates that by 2028, 33 percent of enterprise software applications will include agentic AI, up from less than one percent in 2024, enabling 15 percent of day-to-day work decisions to be made autonomously.

Continue reading →

A new report from Zafran Security shows that enterprise risk management is shifting from volume to value, and from patching everything to fixing what matters most.

The study, carried out by Foundry MarketPulse, reveals that only one in 50,000 vulnerabilities actually pose a critical risk -- and the ones getting exploited the most are often old, quiet, and ignored.

Continue reading →

The latest revision to the PCI DSS standard for protecting payment data, PCI DSS 4.0.1, was announced last year and came into force last month.

But what do these new requirements mean for businesses? We spoke to Simon Wijckmans, CEO at web security platform c/side, to find out.

Continue reading →

A new survey of more than 1,000 IT and security professionals carried out for Cayosoft finds that 88 percent of enterprise hybrid Active Directory environments have critical vulnerabilities.

Microsoft Active Directory is a key element of enterprise IT, but the 2025 Active Directory Insights report identifies glaring gaps in resilience, security, and operational efficiency that could leave critical systems exposed to attack.

Continue reading →

As enterprises turn to increasingly sophisticated AI applications and agentic AI workflows, the large cloud footprint required to support such complex systems has become critically difficult to secure.

To address this issue Operant AI is launching AI Gatekeeper, a runtime defense platform designed to block rogue AI agents, LLM poisoning, and data leakage wherever AI apps are deployed, securing live AI applications end-to-end beyond Kubernetes and the edge.

Continue reading →

Analysis of over 17,000 enterprise-used mobile apps by Zimperium zLabs finds that 92 percent of all apps and 56 percent of the top 100 apps use flawed cryptographic methods that could be putting organizations at risk.

Even more concerning, five percent of top 100 apps were found to have high-severity cryptography flaws including hardcoded keys and outdated algorithms.

Continue reading →

Despite being present on virtually every employee's browser, extensions and plug-ins are rarely monitored by security teams or controlled by IT and a new report shows that could be leaving enterprises at risk.

The study from LayerX Security combines statistics from real-life usage data from enterprise users, with data available from public extension stores to reveal how organizations and employees interact with extensions, the associated risks and security blind spots.

Continue reading →