It has been a little while coming, but WhatsApp is finally rolling out support for two-step verification to its messaging app.

The extra layer of security means that it is now more difficult to gain unauthorized access to an account, and it is a feature that is being made available to iOS, Android and Windows users. With the feature enabled, if you -- or anyone else, for that matter -- tries to verify your phone number on WhatsApp, you -- or they -- will have to provide the 6-digit passcode you create.

2016 was a landmark year in cyber security. The cyber landscape was rocked as Internet of Things (IoT) threats became a reality and unleashed the first 1TB DDoS attacks -- the largest in history.

Security experts had long warned of the potential of IoT attacks, and a number of other predictions also came true; Advanced Persistent Denial of Service (APDoS) attacks became standard, ransom attacks continued to grow and evolve and data protection agreements dominated privacy debates. So what’s coming in 2017?

A new study based on two years of work by IANS Research looks at the work of chief information security officers (CISOs) and their role in enterprises.

The report identifies concrete actions CISOs should consider taking to progress their programs from where they are today to the next level.

Despite other developments in malware, email remains a favourite route for attackers because it's easy for people to fall victim to phishing and other threats.

Network security company SonicWall is launching a new next-generation email security platform to help guard against ransomware, zero-day and advanced threats.

Researchers at Kaspersky Lab have uncovered a series of targeted attacks that use legitimate software to avoid detection.

The attacks employ widely available penetration-testing and administration tools as well as the PowerShell framework for task automation in Windows. They drop no malware files onto the hard drive, but hide in the memory.

Donald Trump’s controversial travel ban might have been overturned for now, but the new administration intends to do what it can to tighten entry into the United States.

One of the plans being considered as part of Trump’s "extreme vetting" policy is to ask visitors what websites they visit, and request their passwords. Should anyone refuse to hand over this information they will be prevented from entering the US.

One of the biggest worries for businesses is the cost of suffering a major cyber attack in terms of both money and business reputation.

San Francisco-based independent security consultancy AsTech is so confident of its track record that it's offering a $1 million warranty against breach-related costs if an organization using its Paragon Security Program suffers unauthorized access to non-public information through a vulnerability that AsTech fails to discover.

The world of cyber security is a constant arms race with attackers and defenders constantly on the lookout for an edge.

Cyber security company NexusGuard has released its latest threat report for the final quarter of 2016, and notes a shift towards blended DDoS attacks combining multiple vulnerabilities with the intent of overloading targeted monitoring, detection and logging systems.

Enterprise users increasingly want access to their data while they're out of the office. This generally requires a VPN or Network Access Control (NAC) solution but these can be time consuming and complex to set up and administer.

To make things faster and simpler, trusted access specialist Duo Security is launching a major commercial implementation of Google's BeyondCorp framework that drastically improves and simplifies management of how employees and devices access critical corporate applications.

The use of threat hunting techniques to combat cyber attacks is increasing according to a new report.

The study by Crowd Research Partners of cybersecurity professionals in the 350,000 member Information Security Community on LinkedIn reveals that threats are rising dramatically and that deployment of sophisticated threat hunting platforms can significantly accelerate the time needed to detect, investigate and fix threats.

Ransomware is a big problem for today's enterprises, the US Department of Justice reports an average of 4,000 ransomware attacks occur in the US every day.

This means detection and fast action is more important than ever. Cloud data protection company Druva is launching an enhanced version of its platform to manage the ransomware threat from detection right through to recovery.

Increasing numbers of companies are coming to accept that it's only a matter of time before they become the victim of some form of data security breach. This means they need to be able to detect and respond to threats more quickly.

Cloud-based security platform Absolute is launching a new Application Persistence product to provide embedded, self-healing capabilities to third-party endpoint controls such as VPN, anti-virus, encryption, systems management and other critical controls that are too easily compromised.

Businesses understand the need to look after sensitive data, but a problem often arises in knowing where that data is. Unstructured information held in folders and documents is just as valuable to hackers as database records and is harder to protect.

Identity management company SailPoint is launching its latest data governance solution, allowing enterprises to guard sensitive files wherever they reside.

Implementing effective security can be time consuming, complex and costly, more so given the adoption of cloud-based systems.

Unified security management (USM) specialist AlienVault is aiming to simplify things with the release of USM Anywhere, an all-in-one Software-as-a-Service (SaaS) security monitoring platform.

Traditional security techniques can be effective in fending off cyber threats, but a new generation of non-malware attacks try to gain control of computers without downloading malicious software. Instead, they use trusted, native operating system tools, such as PowerShell, and exploit running applications, like browsers.

Endpoint security specialist Carbon Black is launching a new tool which can combat both types of threat. Called Streaming Prevention it uses event stream processing to continuously update a risk profile based on a steady stream of activity.