This year, the cyber-security focus is shifting from prevention only, into detection and response territory. This is according to a new Gartner report, which also says cyber-security spending will hit the $90 billion mark this year.

That’s actually a 7.6 percent increase year-on-year. Spending will keep on growing, Gartner says, up to $113 billion in 2020.

Continue reading →

European and US businesses see cyber espionage as the biggest threat to their security, according to a new report by Trend Micro. The report says that organizations in the West are under "increasing pressure" from groups looking to get their hands on some sensitive data.

In relations to the accusations that the Russians have been interfering with US elections, there’s an interesting stat: a large percentage of countries with recent, or upcoming polls, say they had been subjected to cyber espionage attacks in the last 12 months.

Continue reading →

Security researchers can make a lot of money by reporting bugs to software and hardware vendors. Microsoft, for instance, pays up to $15,000 for vulnerabilities in Office Insider, while Intel, through its first bug bounty program, takes things up a notch with a top reward of $30,000.

Intel's first bug bounty program was announced on HackerOne, and targets firmware, software and hardware products. Hardware vulnerabilities have the highest top reward, followed by firmware and then software.

Continue reading →

The cyber security landscape is a constantly evolving one. The organizations best able to cope with it are the ones that can look beyond today's threats to those they'll face in future.

London-based Independent security body the Information Security Forum has released its Threat Horizon 2019 report which is developed for business leaders who need to rapidly grasp emerging information security threats and assess the potential business impacts.

Continue reading →

Microsoft wants to make Office more secure, so it has announced a bug bounty program for Office Insiders to catch vulnerabilities before shipping a public release.

The bug bounty program targets the Windows version of Office on the Slow ring and features rewards of up to $15,000, but for "certain submissions" -- presumably highly-critical security holes -- the software giant says that researchers can expected to be paid more.

Continue reading →

According to a new report, 93 percent of enterprises will use sensitive data in advanced technology environments (such as cloud, SaaS, big data, IoT and container) this year.

But 63 percent of those respondents also believe their organizations are deploying these technologies ahead of having appropriate data security solutions in place. These are the findings of the latest Data Threat Report from Thales e-Security and 451 Research.

Continue reading →

The US Justice Department is charging two Russian spies and two hackers with orchestrating the attack against Yahoo in 2014 that saw 500 million accounts being compromised as part of an effort to collect intelligence.

The Justice Department says that Dmitry Dokuchaev and Igor Sushchin "and other known and unknown" FSB intelligence officers hired hackers Alexsey Beland and Karim Baratov to hack Yahoo accounts belonging to Russian journalists, officials, and employees of a "prominent" security company, as well as US officials and employees of tech companies.

Continue reading →

Women make up only 11 percent of the cyber security workforce according to the latest report from the Center for Cyber Safety and Education -- formerly the (ISC)² Foundation -- and the Executive Women's Forum (EWF).

The survey of more than 19,000 participants around the world finds that women have higher levels of education than men, with 51 percent holding a master’s degree or higher, compared to 45 percent of men.

Continue reading →

Sleeper cell accounts which appear normal and hide among normal users, waiting for long periods of time to age the account before striking, are the latest technique being used by cyber attackers.

These accounts are often used for testing or carrying out the attack in stages, according to fraud and financial crime detection service DataVisor.

Continue reading →

No, we're not talking about the James Bond of the cephalopod world getting his tentacles on your security. Secret Double Octopus is an intriguingly named Israeli company that’s launching a new authenticator app for enterprises.

Authentication systems have traditionally relied on a single layer of protection, such as SMS, tokens, push notifications and biometrics. Secret Double Octopus uses a multi-shield authentication process for users to verify or reject a login attempt, payment or transaction.

Continue reading →

When WikiLeaks' Vault 7 revelations about the spying capabilities and techniques were unleashed, there was concern about a number of popular apps and services that -- the documents suggested -- had been compromised. Included in this list are popular, secure chat apps WhatsApp and Telegram, and Check Point software has just released details of a vulnerability that left millions of user accounts exposed to hackers.

Google was recently criticized for releasing details of a security hole in Windows (and, subsequently another one in Internet Explorer and Microsoft Edge) before Microsoft had patched it. In fact, it was a third party who jumped to the rescue, issuing patches before Microsoft. This time around, however, after notification of the problems from security firm Check Point, WhatsApp and Telegram both patched the security holes within a week.

Continue reading →

Businesses with dispersed and on-the-move employees are struggling to strike a difficult balance between the benefits of remote working and the security risks it creates. Security software designed to protect data at risk is nullified if it can be removed. To achieve their own stringent security aims while satisfying the demands of increasingly tight and punitive regulation, companies need a more persistent security solution.

Many organizations consider it to be only a matter of time before they fall victim to a cyberattack. PwC's 2016 Economic Crime Survey revealed that over half of responding UK organizations consider it likely they’ll suffer from cybercrime in the next two years. The prevalence of cybercrime makes detection and response capabilities critical in business today.

Continue reading →

As a founder and innovator, you can't help but love the cloud. It's easy to use, it lets you get projects started quicker, and helps deploy them faster, too. But, as quickly as you can innovate and go to market with the cloud, you can also fail -- particularly if you don't pay attention to the small details and implement security from the get go.

I can only imagine what happened to the team at CloudPets, who recently suffered a major breach. This breach now has CEOs questioning what would happen if they were in the same boat.

Continue reading →

Banks and other financial institutions spend three times the amount non-financial organizations are spending on cyber security, a new report by Kaspersky Lab has shown.

According to the Financial Institutions Security Risks research from Kaspersky Lab and B2B International, cyber security is a high priority for financial institutions, as they're coming under increased pressure from the government, top management and customers.

Continue reading →

The Industrial Internet of Things (IIoT) is used in many businesses, including critical infrastructure sectors such as energy, utilities, government, healthcare and finance. No surprise then that it's a likely target for attack.

A new survey from security and compliance specialist Tripwire of more than 400 IT security professionals shows that 96 percent expect to see an increase in security attacks on the IIoT in 2017.

Continue reading →