Articles about Security

IT security teams have faced a range of challenges in the last year thanks to dramatically expanded work-from-home programs, increased BYOD use, and rising internal and third-party risks arising from the COVID-19 pandemic.

The latest Cyberthreat Defense Report from CyberEdge shows 86 percent of organizations experienced a successful attack, up from 81 percent the previous year, the largest year-on-year increase in six years.

Continue reading →

Since the idea of Zero Trust was first proposed back in 2010 it's sparked interest from organizations of all sizes.

But why is Zero Trust seen as a game changer when it comes to protecting organizations and data? We spoke to Jason Clark, chief security and strategy officer at Netskope to find out.

Continue reading →

A side effect of the COVID-19 pandemic has been a rise in QR code usage as the need for touchless transactions has increased.

A new study from automation platform Ivanti reveals that 83 percent of respondents say that they used a QR code to make a payment (or complete a financial transaction) for the first time ever since March 2020, with 54 percent doing so past three months alone.

Continue reading →

The latest State of Email Security report from Mimecast, based on a study of over 1,200 IT and cybersecurity leaders, shows businesses faced unprecedented cybersecurity risks in 2020.

Ransomware impacted 61 percent, a 20 percent increase over last year's report, while 79 percent say their companies experienced a business disruption, financial loss or other setback in 2020 due to a lack of cyber preparedness.

Continue reading →

Data breaches have almost become a fact of everyday life, but there are still some that have greater impact than others.

Software company Intact has carried out an analysis of publicly available data to see which companies have suffered the most large-scale data breaches (involving more than 30,000 records or more) over the last 16 years.

Continue reading →

Cloud misconfigurations are one of the major causes of data breaches and the problem has become worse thanks to the dash for remote working.

While cloud is undoubtedly the right choice for businesses looking to expand their infrastructure to keep pace with DevOps demands and embrace support for remote working, many enterprises are falling short of providing adequate Cloud Security Posture Management (CSPM).

Continue reading →

Although most web browsers now automatically switch you to the secure HTTPS (Hyper Text Transfer Protocol Secure) version of a website if you try to go to a non-secure HTTP address, the EFF (Electronic Frontier Foundation) offers another option.

Its HTTPS Everywhere add-on has been protecting users for over a decade now, and automatically sends your browser to the secure version of a site if it exists. Thanks to a new partnership with privacy-focused search engine DuckDuckGo, the tool is about to get even better at redirecting users.

Continue reading →

Avast Antivirus 2021 has just received its April update, and it's an important one. In addition to the usual array of bug fixes and improvements, there are also some serious changes and additions to enjoy. Chief among these are big improvements to scanning, helping to boost the overall performance of the software.

There have also been changes to the way notifications work in the app. While you, of course, want to be made aware of things that need your attention, an overload of notifications can be annoying. And it is with this in mind that the latest version of the app will no longer show you pop-up messages when you have the antivirus tool open. But it does not end there.

Continue reading →

CISOs are facing a battle to secure their organizations against an increasing volume of attacks by well-armed criminals and are facing a rising ‘security debt’ in doing so.

But a new report from cyber security provider F-Secure in conjunction with Omnisperience finds security teams are turning away increasing volume of attacks and preventing more of them from becoming breaches or compromises.

Continue reading →

Human-operated cyberattacks use effective techniques to gain a beachhead within an organization, blending in with normal user behavior to help them go undetected.

Active defense specialist Illusive is launching a new endpoint security offering integrated with Microsoft Defender that provides complete detection coverage and faster ability to contain human-operated attack campaigns.

Continue reading →

New data from Imperva Research Labs sees the highest percentage of bad bot traffic (25.6 percent) since the company began reporting traffic in 2014.

At the same time traffic from humans fell by 5.7 percent. More than 40 percent of all web traffic requests originated from a bot last year, suggesting the growing scale and widespread impact of bots in daily life.

Continue reading →

While spending on cloud services is high with over half of respondents to a new survey spending $10 million or more, 32 percent say they are doing less than they need to, or nothing at all, to ensure the security of their cloud resources.

The study carried out by Osterman Research for Sonrai Security finds respondents have an average of 7,750 identities with access to sensitive cloud data. Overpriviledged identities are ranked a high risk by 41 percent of respondents, just below bad actors/cybercriminals at 46 percent.

Continue reading →

The latest Mandiant M-Trends report from intelligence-led security company FireEye finds that businesses are getting better at dealing with cyber intrusions.

The median dwell time -- the time between the start of a cyber intrusion and when it’s identified -- has come down from over a year in 2011 to just 24 days in 2020 and has more than halved from 2019's median dwell time of 56 days.

Continue reading →

Every dog has its day as the saying goes and it's increasingly the case that every aspect of information technology has one too -- a day that is, not a dog.

Today is Identity Management Day, created by the The National Cybersecurity Alliance and the Identity Defined Security Alliance. It's the first one so you can forgive the lack of greetings cards and themed balloons in the shops but there is plenty of industry comment.

Continue reading →

As more and more data moves outside the network perimeter into SaaS applications, this can become a blind spot for security teams trying to control access.

To address the issue DoControl is launching a fully automated SaaS data access platform, providing data access monitoring, orchestration, and remediation across major SaaS apps, including Google Drive, Box, Microsoft OneDrive, Salesforce, and others.

Continue reading →