Articles about Security

In the last three months ransomware attacks have grown by a global average of 50 percent compared to the first half of 2020.

The figures look even bleaker for individual countries, with attacks up by by 98 percent in the US, 80 percent in the UK, 145 percent in Germany, 36 percent in France and 160 percent in Spain.

Continue reading →

A new study finds that 56 percent of IT and operational technology security professionals at industrial enterprises have seen an increase in cybersecurity threats since the start of the COVID-19 pandemic in March.

In addition, the research from Claroty, based on a global, independent survey of 1,100 full-time IT and OT security professionals, shows that 70 percent have seen cyber criminals using new tactics to target their organizations in this time frame.

Continue reading →

Data is among an enterprise's most valuable assets, no matter where or how it's stored, having visibility and unified access control is essential.

Mohit Tiwari, CEO at Data Store and Object Security (DSOS) company Symmetry Systems, left a professorship at the University of Texas in Austin to start the business and develop a new approach to data security in the form of Symmetry DataGuard which maintains authority over data even when all else fails. We spoke to him to find out more.

Continue reading →

For organizations across the globe, the journey to effectively manage, and extract value from, sensitive data in the cloud isn’t a new one. IT and security professionals have long struggled with challenges to the easy adoption of cloud technologies, and the question of how to ensure that data, including personal identifiable information (PII) or sensitive data, stays safe and compliant with regulatory requirements, without sacrificing data utility, remains a top challenge.

In 2020, the ongoing global pandemic increases this obstacle as remote work drives businesses to move more activity to the cloud quickly. A cloud usage survey released in May found organizations had already surpassed their 2020 cloud spend budget by 23 percent -- highlighting the question of how well data is being protected during this shift to home offices.

Continue reading →

The rise of remote working and the growing complexity of securely managing multiple types of end user devices has seen 77 percent of businesses intending to increase spending on identity and access management solutions.

A study by ESG Research, sponsored by directory platform JumpCloud, finds an additional 20 percent plan to keep their IAM spending at existing levels, and 49 percent of respondents say they plan to consolidate IAM controls, using fewer security vendors.

Continue reading →

BullGuard has announced its new 2021 security suite, featuring Dynamic Machine Learning, which continuously monitors all processes on a user's device, enabling real-time detection and blocking of potentially malicious behavior before it can do damage.

The new suite also offers Multi-Layered Protection which uses six layers -- Safe Browsing, Dynamic Machine Learning, Sentry Protection for Zero-Day Malware, an On-Access AV Engine, a Firewall and a Vulnerability Scanner -- to defend the user’s devices from malware, without the need for user interaction.

Continue reading →

The Information Security Forum (ISF) is releasing Becoming a Next Generation CISO, a digest which sets out the range of disciplines a next-generation Chief Information Security Officer can be expected to master.

CISOs are coming under pressure to secure organizations as they embark on ambitious digital transformation programs in an increasingly hostile and turbulent world. CISOs need to adapt to this evolving environment, master new skills and advance the discipline of information security.

Continue reading →

Surveyed during the lockdown period, 67 percent of security professionals report that they have caught employees engaging in unsafe or unproductive activity on the web.

The study of 300 cyber security professionals from cloud security company Censornet finds the most common bad behaviour is employees using streaming services at work such as Netflix or Amazon Prime (35 percent).

Continue reading →

Attempted account takeovers grew by 282 percent over the last year, while ATO rates for physical eCommerce businesses -- those that sell physical goods online -- have jumped 378 percent since the start of the COVID-19 pandemic.

The Q3 2020 Digital Trust and Safety Index released today by Sift finds that between Q2 2019 and Q2 2020, ATO attacks happened in discrete waves about a week apart, indicating that fraudsters are turning to bots and automation in order to overwhelm security.

Continue reading →

In order to meet short deployment cycles, 73 percent of security professionals and developers feel forced to compromise on security according to a new report.

The study into DevSecOps from open source security and license management specialist WhiteSource, based on responses from over 560 developers in the US and Europe, finds that 20 percent of respondents describe their organizations' DevSecOps practices as 'mature', while 62 percent say they are improving, with only 18 percent being classed as 'immature'.

Continue reading →

Cybercriminals have launched a record number attacks on online platforms and services this year, with more than 929,000 DDoS attacks occurring in May, the single largest number of attacks ever seen in a month.

The latest threat intelligence report from NETSCOUT also reveals that 4.83 million DDoS attacks occurred in the first half of 2020, a 15 percent increase, and attack frequency jumped 25 percent during the peak pandemic lockdown months of March through June.

Continue reading →

Between March and July 2020, almost half of companies experienced a data breach or security incident according to a new report, and half of these were caused by phishing attacks.

The study from Tessian also reveals that 82 percent of IT leaders think their company is at greater risk of phishing attacks when employees are working away from the office.

Continue reading →

It is just days since the CISA (Cybersecurity and Infrastructure Security Agency) issued an emergency warning about a critical Windows vulnerability. Now Microsoft has issued a warning that the vulnerability is being actively exploited and the company is "actively tracking threat actor activity".

The Netlogon EoP vulnerability (CVE-2020-1472) is concerning not just because of its severity, but because of the fact that it can be exploited in a matter of seconds. The security issue affects Windows Server 2008 and above, and enables an attacker to gain admin control of a domain.

Continue reading →

A large majority of enterprises are now using the cloud, but moving to cloud-based solutions inevitably presents challenges, not least in security.

We spoke to Sam Humphries, Security Strategist at SIEM (Security Information and Event Management) specialist Exabeam to get her views.

Continue reading →

A new survey of 1,000 US employees has found that boring security awareness training doesn't make them want to be secure.

The study conducted by Osterman Research for MediaPRO shows that employees get far more benefit out of interesting and engaging training, which shouldn't really surprise anybody.

Continue reading →