Enterprise

With high profile cyber attacks and data breaches continuing to make the news, security is at the top of the priority list for businesses.

But how do you know that the resources you put into cybersecurity are providing a good return on the investment? We spoke with Oliver Rochford, security evangelist at Securonix to find out.

Thanks to organizational changes brought about by digital transformation, enterprise use of Public Key Infrastructure (PKI) and digital certificates has never been higher, but the related skills to manage PKI are in historically short supply.

A new report from trusted identity company Entrust, based on research from the Ponemon Institute, finds cloud-based services remain the highest driver of PKI use at 51 percent, the Internet of Things (IoT) remains the second highest growing trend cited by 46 percent of respondents, and consumer mobile comes in third at 39 percent.

As digital transformation projects roll out, APIs are more critical than ever to build modern applications. But as we reported last week they also create security headaches.

Security testing specialist Veracode is addressing this with the launch of a new scanning tool that enables organizations to find and fix vulnerabilities in APIs.

Cloud adoption is still rising across all industries but managing costs and regulatory requirements remain top concerns for organizations worldwide.

A new report from O'Reilly finds that 30 percent of all respondents in almost every industry cite managing cost as the most important initiative their company is undertaking related to public cloud adoption.

We recently reported on a study showing that IT leaders are willing to pay more for systems and providers that have a commitment to sustainability. And with the COP26 climate conference in full swing there's increased focus on reducing our impact on the planet.

But how can enterprises properly vet their supply chain to ensure the businesses they’re dealing with are adhering to the appropriate standards? We spoke with Martin Thompson, founder of the ITAM Forum -- a body that promotes the IT asset management industry -- to find out.

Information is now a critical asset for businesses, but it's only of real value if you can manage and access it efficiently.

More and more data now is in an unstructured form too, so has the way we manage information changed, and what do businesses need to do to make the most of it to inform their day-to-day decisions? We spoke to Antti Nivala, founder and CEO of M-Files to find out.

Microsoft's Active Directory is used by many businesses as a way of managing identity services and controlling access.

But if it's not configured correctly it can lead to security risks. But how dangerous is this and what can enterprises do to keep themselves safe? We spoke to Andy Robbins, technical product architect at SpecterOps to find out.

The cat’s out of the bag. Windows 11 is here, more than six years after the release of its predecessor, Windows 10.

Microsoft has promised Windows 11 will be "the most secure Windows operating system yet" which, if true, will come as a relief for those plagued by ransomware and malware attacks.

The launch of Red Hat Enterprise Linux (RHEL) 9 Beta today marks a bit of a change from previous releases. While it has many improvements and enhancements that customers have asked for, there are fewer changes that require admins and IT Ops to learn new ways of doing things.

This means anyone already familiar with RHEL 8 should feel at home. Among new features are enhanced web console performance metrics, kernel live patching via the web console, and streamlined image building.

Over the last year at least 44 percent of respondents to a new survey faced substantial issues concerning privacy, data leakage, and object property exposure with internal or external-facing APIs.

The study for Cloudentity, based on research carried out by PulseQA, shows that as a result of these issues, 97 percent of enterprises have experienced delays in releases of new applications and service enhancements due to identity and authorization issues with APIs and services.

Despite the significant shift and adoption of new technologies over the past few years, many businesses still rely on legacy infrastructure. Legacy servers are often still in operation because they are far too critical, complex, and expensive to replace. Famous examples include Oracle databases running on Solaris servers, applications using Linux RHEL4, or other industry-specific legacy technology. 

Although critical to the business, these legacy systems can increase a company's risk -- gaining access to just one unpatched legacy device can be relatively simple for cybercriminals. Once inside, said criminals will move laterally to gain a deeper foothold inside the network and deploy more significant attacks.

A new survey of over 4,000 global IT workers, carried out by Kaspersky shows that 54 percent of employees have reported an increased workload since switching to remote working.

While 37 percent of respondents didn't notice a change in volume, a lucky nine percent note a decrease in work due to new working conditions.

It's easy to pigeonhole cybersecurity as something for the IT or security team to look after. But a major cyberattack can have a devastating impact on the business as a whole.

It's important, therefore, that security be looked at in the context of the entire enterprise. This also means considering approaches like 'assumed breach' where you accept that sooner or later attackers will succeed in getting into your network.

A new survey finds that 83 percent of companies would suffer business damage during the first 24 hours of an outage and its aftermath.

The study from Dimensional Research on behalf of Netenrich also uncovers a number of contradictions in enterprises' attitude to scaling their security operations.

The latest cloud security study from Thales shows that 83 percent of businesses are still failing to encrypt half of the sensitive data they store in the cloud.

This is despite the fact that 40 percent of organizations have experienced a cloud-based data breach in the past 12 months.