Articles about Security

Win10Privacy 5.0 gives you complete control over your privacy in Windows 10 and Windows 11

When it was first released, Windows 10 famously spied on users and shared all sorts of information with Microsoft. Over the years, the software giant has reigned in this behavior and introduced a wealth of privacy controls to let you manage what you share.

That said, these controls are scattered throughout the OS and finding them isn’t always easy. This is where Win10Privacy can help.

Continue reading

Get 'Cybersecurity All-in-One For Dummies' (worth $30) for FREE


Cybersecurity All-in-One For Dummies covers a lot of ground in the world of keeping computer systems safe from those who want to break in.

This book offers a one-stop resource on cybersecurity basics, personal security, business security, cloud security, security testing, and security awareness. Filled with content to help with both personal and business cybersecurity needs, this book shows you how to lock down your computers, devices, and systems -- and explains why doing so is more important now than ever.

Continue reading

Will Quantum Computing change the way we use encryption?

Today, encryption is a cornerstone of our cybersecurity practices. It protects everything from cell phones and SMS messages to financial transactions and intellectual property.

However, a new challenge in the complex landscape of encryption has recently emerged, thanks to the advancement of quantum computing. What challenges lay ahead? Here is the breakdown:

Continue reading

The CISO view: Navigating the promise and pitfalls of cybersecurity automation

security meter

Cybersecurity automation has steadily gained traction as organizations seek to improve efficiency, address talent gaps, and keep up with escalating threats. However, our latest State of Cybersecurity Automation research shows that while more businesses are utilizing automation, they continue to grapple with obstacles that prevent them from fully capitalizing on its benefits.

In our recent study surveying over 700 cybersecurity professionals, we uncovered several persistent pain points in implementing automation. The research found that a lack of trust in automated outcomes, insufficient expertise among users, and poor communication between teams have hampered automation success. As a result, organizations are struggling to build confidence in automation and maximize its effectiveness.

Continue reading

Why good cyber hygiene is a strategic imperative for UK SMEs

Cyber Hygiene

No company is immune from a cyber-attack, with large and small being targeted. As technologies advance and cybercriminals hone their skills, evolve their tactics, and find new vulnerabilities to exploit, companies can no longer ask the question of if a cyber attack will occur but when and how it will happen.

While the number of data breaches is cause for concern, the cost associated with them is equally alarming. According to Cybersecurity Ventures, the global average cost of a cyberattack has ballooned to $4.45 million, increasing by 15 percent over the past three years. Even more sobering is that it shows no signs of easing, as global cybercrime costs are projected to reach $10.5 trillion annually by 2025.

Continue reading

Microsoft launches Defender Bounty Program to find bugs in its security software

Wanted poster

Microsoft has added yet another bug bounty program to its growing portfolio. With the launch of the Microsoft Defender Bounty Program, the company is offering financial rewards to researchers who "uncover significant vulnerabilities" in its range of security products and services.

The program is focused solely on vulnerabilities of Critical or Important severity, and Microsoft is putting up rewards of between $500 to $20,000 for eligible submissions. Starting off somewhat limited in focus, the aim is to open up the program to have a wider scope further down the line.

Continue reading

The human element -- cybersecurity's greatest challenge

web threats

The stark reality of cybersecurity today isn't merely a question of advanced software or strategic counterattacks. It's about people.

The financial impact is undeniable with cybercrime costs projected to reach an astonishing $10.5 trillion annually by 2025. Yet, beneath these figures lies a more pressing issue: the exploitation of human psychology.

Continue reading

Get 'Python for Security and Networking -- Third Edition' (worth $39.99) for FREE

Python’s latest updates add numerous libraries that can be used to perform critical security-related missions, including detecting vulnerabilities in web applications, taking care of attacks, and helping to build secure and robust networks that are resilient to them.

This fully updated third edition of Python for Security and Networking will show you how to make the most of them and improve your security posture.

Continue reading

People, process, technology: How to shift security testing left successfully

The benefits of shift-left security are clear. It puts security testing in the hands of the engineers who write the code, enabling vulnerability fixes to occur before software hit production. This provides fixers with faster feedback loops on vulnerabilities found, as well as ensuring more efficient time to feature delivery and cohesive teamwork between security and development teams. With all the benefits that come with shifting API and web application security left, it’s no wonder that 57 percent of security team members have either already shifted their security strategy left or are planning to do so this year, according to a GitLab survey.

So, how do organizations implement a shift-left security strategy successfully? The answer lies in the popular three-legged stool analogy: assessing the process, people, and technology behind this major organizational change, and how they all can work together interdependently.

Continue reading

4 best practices in cloud security to strengthen national defense in the automation age

In the era of digital transformation, national security faces complex and multifaceted challenges. To address these challenges, the Department of Defense (DOD) is taking a vigilant approach to fortify the security of cloud infrastructure.

This approach seamlessly aligns with overarching national cybersecurity initiatives, which are focused on countering a multitude of emerging threats in the age of automation. Collaboratively, the DOD and other government agencies are dedicated to strengthening the ever-evolving cloud ecosystem, while navigating an increasingly intricate threat landscape.

Continue reading

The role experience plays in risk mitigation

Risk dial

Without intending to be trite, there is a very important role that experience plays in the mitigation of risk. Experience comes into play when you are tasked with prioritizing risks. If you have zero experience in cybersecurity risk management, two critical vulnerabilities have equal weight and importance. But not all critical vulnerabilities can or will be weaponized and exploited. And not all critical vulnerabilities will result in a breach or security incident. This is the difference between a priori (independent from any experience) vs a posteriori (dependent on empirical evidence) vulnerability management.

To be effective at mitigating risk, we need to find ways to make intelligent use of experience in running infosec programs. We need to use not just our own experience, but also the experience of others. This is a form of collective resilience that is crucial to defending against nation states, organized crime and, like it or not, bored teenagers attacking and breaching companies just for the lulz like LAPSUS$. This piece aims to help identify some ways in which we can better prioritize our efforts.

Continue reading

APIs -- The hidden cause of data breaches

APIs are unseen. They are not typically a technology that end users interact with directly and are somewhat hidden from their day-to-day activities. Therefore, user understanding of API vulnerabilities and the impact an API security incident could have, when it comes to data breaches, is often lacking.

While data breaches are big news, what regularly isn’t reported is the way in which some of these incidents happen. But the reality is that for many data breaches, the weak links, more often than not, are APIs and improper security around those APIs.

Continue reading

Get 'Mastering Microsoft 365 Defender' (worth $39.99) for FREE

Microsoft 365 Defender is an XDR platform that provides security across multi-platform endpoints, hybrid identities, emails, collaboration tools, and cloud apps. Mastering Microsoft 365 Defender will teach you how to get started and use Microsoft’s suite effectively.

You’ll start with a quick overview of cybersecurity risks that modern organizations face, such as ransomware and APT attacks, how Microsoft is making massive investments in security today, and gain an understanding of how to deploy Microsoft Defender for Endpoint by diving deep into configurations and their architecture.

Continue reading

Understanding LLMs, privacy and security -- why a secure gateway approach is needed

AI Safety

Over the past year, we have seen generative AI and large language models (LLMs) go from a niche area of AI research into being one of the fastest growing areas of technology. Across the globe, around $200 billion is due to be invested in this market according to Goldman Sachs, boosting global labor productivity by one percentage point. That might not sound like much, but it would add up to $7 trillion more in the global economy.

However, while these LLM applications might have potential, there are still problems to solve around  privacy and data residency. Currently, employees at organisations can unknowingly share sensitive company data or Personal Identifiable Information (PII) on customers out to services like OpenAI. This opens up new security and data privacy risks.

Continue reading

Embracing the future: How AI is transforming security and networking

Network management and security should go hand in hand. However, making these services work has become more complicated and riskier due to the growth of the public cloud, the use of software applications, and the need to integrate different solutions together.

This complex network security domain requires more skilled cybersecurity professionals. But as this need becomes obvious, so does the glaring skills gap. In the UK, half of all businesses face a fundamental shortfall in cybersecurity skills, and 30 percent grapple with more complex, advanced cybersecurity expertise deficiencies.

Continue reading

© 1998-2023 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.