Security

Wasted technology spend accounts for 30 percent of all IT spending according to the latest State of Tech Spend report from Flexera.

The average IT spend is 8.2 percent of revenue, but larger businesses (with more than 10,000 employees) this rises to 9.3 percent of revenue. 56 percent of respondents expect to increase their spending

Endpoints are generally the part of any network that is most vulnerable to attack, but as the number and diversity of devices expands, defending the endpoint effectively is a major challenge.

Symantec is aiming to make life easier with the launch of Endpoint Security Complete, offering organizations a single solution for protection, detection and response, as well as new attack surface reduction and breach assessment and prevention capabilities.

New research released by AttackIQ based on a study by the Ponemon Institute reveals some worrying trends on the level of accountability for IT security and a lack of confidence in determining the effectiveness of security technologies.

Ponemon surveyed over 570 IT and IT security practitioners in the US and finds 63 percent of survey respondents say their IT security leadership doesn't report to the board on a regular basis, and 40 percent say they don't report to the board at all.

As mobile and cloud computing use increases it creates security, performance, quality and cost issues for organizations.

Akamai is launching enhancements to its Intelligent Edge Platform which will enable businesses to address security, media delivery, and web performance challenges by utilizing distributed workloads and intelligence closest to the digital touchpoint where the user interacts with data and applications.

Assuming you have Windows 10 1903 (Windows 10 May 2019 Update) installed, you should find that you now have Tamper Protection enabled.

Microsoft has announced that the security feature is now generally available for Microsoft Defender ATP customers, and at the same time it has enabled the feature by default for all Windows 10 users. But just what is Tamper Protection?

Does your laptop have USB-A ports? Gross! Don't you know no one uses them anymore? Everyone uses USB-C now. I am, of course, being facetious -- USB-C, while great, still has a long way to go before dethroning the ubiquitous Type A. With that said, there are computers that are USB-C only, such as Apple's MacBook Pro. Owners of those computers have to get dongles to use their USB-A devices.

Tomorrow, however, Google is making it possible to ditch the dongle when using a Titan security key. You see, the search giant is launching a USB-C variant of the two-factor authentication device. Not only will it be more convenient for those with USB-C laptops, but this new model looks nicer too (it's pretty).

Security leaders have every reason to worry about the evolving threat landscape. As cyber threats proliferate (ranging from HTTP phishing to state-sponsored ransomware), the cyber talent and skills gap only grows wider.

As if this weren’t enough to keep CISOs and CIOs up at night, IT and security teams are less confident than ever in their organizations’ abilities to defend against the latest cyber attacks. Research shows at least 80 percent of IT, security, and other professionals don’t feel adequately prepared to defend their organizations. And at least 68 percent doubt their organizations’ readiness to thwart advanced threats.

Increasing overlap of IT systems with operational technology and industrial control systems poses a range of cybersecurity risks.

Visibility and control specialist Forescout Technologies wants to help organizations uncover and manage these risks with the addition of a new Asset Risk Framework to its its industrial control system security solution SilentDefense.

Phishing attacks have become commonplace to the point where we almost take them for granted. From the cybercriminal's point of view they are popular because they work.

But what are the origins of phishing and how has it developed? Email security specialist Anavan has put together an infographic looking at the history and future of the threat.

Artificial intelligence inspires intrigue, fear and confusion in equal measure. But to thrive in the new era, organizations need to reduce the risks posed by AI and make the most of the opportunities it offers.

This is the conclusion of a new report from the Information Security Forum  aimed at helping business and security leaders to better understand what AI is, identify the information risks posed and how to mitigate them, and explore opportunities around using AI in defense.

The Emotet Botnet has started spreading several new spam campaigns again after a three-month break, according to research from Check Point.

Researchers first reported the notorious botnet taking a break in June 2019, but that the infrastructure had become active again in August. Some of the spam campaigns featured emails which contained a link to download a malicious Word file, and some contained the malicious document itself.

Small businesses are frequently a target for attack because they lack the resources to protect their systems as effectively as larger enterprises.

BullGuard is addressing this problem with the launch of Small Office Security which provides robust endpoint protection for desktops, laptops, tablets and smartphones, making it possible to safely on devices in the office, at home, or while hot desking or traveling.

Due to the potentially crippling effect of security breaches and data loss on both the bottom line and a brand’s reputation it's vital for organizations to protect their users.

Increasingly, identity management has become central to building seamless, secure digital engagement platforms, differentiating products, and winning long-term loyalty. However there can be a trade off between security and performance.

Traditional cyber defenses are designed to protect assets that exist within an organization's network. But with the growth of the cloud, IoT and more, assets now extend far beyond the network perimeter, increasing the risk of exposure or theft.

FireEye is launching a Digital Threat Monitoring tool that automatically collects and analyzes content on the dark and open web, alerting defenders whenever a potential threat is detected.

Pass the Hash (PtH) attacks which use stolen hashed administrator credentials to breach security are a major risk to businesses.

A new report from One Identity, based on a survey of over 1,000 IT professionals carried out by Dimensional Research, finds 95 percent of respondents say that PtH attacks have a direct impact on their organizations.