Articles about Security

Public key infrastructure (PKI) and digital certificates are essential to achieving zero trust architecture according to 96 percent of North American enterprises.

However, only 39 percent use PKI as part of their zero trust security strategy today according to a survey from Pulse Research and PKI as-a-Service (PKIaaS) company Keyfactor.

Continue reading →

Technology providers that are transparent and proactive in helping organizations manage their cybersecurity risk are more likely to win business according to a new study from Intel.

The results show 73 percent of respondents say their organization is more likely to purchase technologies and services from technology providers that are proactive about finding, mitigating and communicating security vulnerabilities, while 48 percent say their technology providers don’t offer this capability.

Continue reading →

Developers are under increasing pressure to create real-time products that make the most of a wide range of digital resources.

This means that DevOps teams have to cope with information drawn from all sorts of different sources. But how can they ensure they are getting an accurate picture?

Continue reading →

Linux-based operating systems are generally recognized as being far more secure than the likes of Windows and macOS -- but that's not to say they're without their flaws. Illustrating precisely this is the discovery of no fewer than three vulnerabilities in the Linux kernel that could be exploited to gain root access to a system.

That researchers from cybersecurity firm GRIMM managed to find so many vulnerabilities in the Linux kernel is one thing, the fact that they have lain there undetected for 15 years is quite another.

Continue reading →

One of the frameworks that has received greater attention since the acceleration of digital transformation is Secure Access Services Edge (SASE).

But what does its adoption mean for the security industry and how can enterprises best take advantage of SASE? We spoke to Mary Blackowiak, senior product marketing manager at AT&T Cybersecurity, to discover more.

Continue reading →

In a new report into DNS security, Cisco Umbrella, which processes 620 billion DNS requests daily, finds that from January to December 2020 cryptomining generated the most DNS traffic out of any individual threat category with 69 percent of organizations discovering cryptomining connections.

In addition nearly 90 percent of organizations had at least one user attempt to connect to a phishing site, peaking drastically in the second half of the year.

Continue reading →

As mobile device usage continues to grow within enterprises the security risk increases too. Mobile browsers get patched less often and other threats come from phishing and malicious document downloads.

To combat these problems Menlo Security is extending its cloud-based Secure Web Gateway (SWG) to include web isolation for mobile devices.

Continue reading →

New research from Tenable's Security Response Team finds that third-party attacks accounted for over a quarter of breaches disclosed over the past year.

More worrying is that a breach of a single company linked back to 61 healthcare customers. The research reveals the impact of third-party attacks, how hard the healthcare sector has been hit by cyberattacks and just how rampant ransomware has been during Covid-19.

Continue reading →

A new report from Akamai looks at the technology shifts and usage patterns of 2020 noting a 30 percent jump in internet traffic thanks to COVID-19 lockdowns.

It also highlights criminals taking advantage worldwide, targeting all business sectors and industries, including information technology and security.

Continue reading →

Apple has issued a couple of important security updates for its desktop and mobile operating systems. The company has released iOS 14.4.1 and macOS 11.2.3, both of which are described as being "recommended for all users".

The reason for this is simple -- these are important updates that patch a memory corruption bug that could be exploited by malicious websites. This is in addition to the vulnerabilities that have already been patched in another iOS update last month.

Continue reading →

A new report looking at the long-tail impact data breaches have on a brand's value shows that the world's 100 most valuable brands could lose as much as $223 billion from a data breach.

The study from IT consulting firm Infosys and brand consultancy Interbrand looks at the brand factors most impacted when a company suffers a data breach -- presence, affinity, and trust -- and simulates the resulting brand value at risk in the event of a breach.

Continue reading →

Remote working continues to present a security problem for businesses and an issue that is often overlooked is the delay in patching browsers.

New research from Menlo Security looks at the importance of this issue for both desktop and remote users, focusing particularly on Google Chrome.

Continue reading →

Today's International Women's Day presents an opportunity to look at the role of women in cybersecurity and get the views of some of the leading women in the sector.

As we reported last week women in the cybersecurity industry think that it could take a decade to gain equality.

Continue reading →

In light of the recent explosion of cyber attacks and the changes brought about by the pandemic, there appears to be a compelling need for cybersecurity transformation. Businesses have to update their cyber defenses or risk the possibility of falling prey to persistently sophisticated attacks.

Transforming an organization’s security posture, however, is not as easy as it sounds. It takes time, expertise, and resources. One bad decision or an inadequacy in the technologies employed will render the transformation useless. Things can even become worse than the previous state. To make sure that it yields the expected benefits, organizations need to do it correctly.

Continue reading →

The poor state of diversity in the cybersecurity industry is shown by a new report in which 57 percent of women working in the industry believe it will take at least a decade for them to be treated as equals to men, with 20 percent believing it will never happen.

The study from the UK's Chartered Institute of Information Security (CIISec), released in advance of Monday's International Women’s Day, shows women are struggling to progress both due to the status quo of the industry and also not getting the required support.

Continue reading →