Articles about Security

A third of employees don't understand the importance of cybersecurity

Man shrugging shoulders

One in three employees doesn't understand the importance of cybersecurity at work according to new research from email security company Tessian.

In addition only 39 percent of employees say they're very likely to report a security incident, making investigation and remediation even more challenging and time-consuming for security teams. When asked why, 42 percent of employees say they wouldn't know if they had caused an incident in the first place, and 25 percent say they don't care enough about cybersecurity to mention it.

Continue reading

Addressing the cybersecurity talent shortage [Q&A]

talent

Cyber threats are growing in volume and sophistication, but efforts to combat them are being hampered by a shortage of cybersecurity skills.

One way of meeting that shortage is to look at upskilling and retraining within the current workforce. We spoke to Apratim Purakayastha, chief technology officer at Skillsoft, to find out more about how using innovative learning solutions can deliver the skills businesses need.

Continue reading

Do we need a cyber NATO to address the changing threat landscape? [Q&A]

security guards

The threat landscape facing enterprises is changing constantly. In recent months, major vulnerabilities like Log4j and malware-based threats have demonstrated the need for organizations to move quickly in order to defend themselves.

Is the best way to stay on top of the most pressing threats to harness the power of the global cybersecurity community for defense in a sort of cyber NATO? We talked to SOC Prime CEO Andrii Bezverkhyi to find out.

Continue reading

Microsoft updates Windows 11 to block RDP and other brute force attacks by default

Man using Windows 11 laptop

Microsoft has introduced a change to Windows 11 that makes it much harder to use brute force attacks to crack passwords. Starting with the latest Insider builds, there is a new account lockout policy in place by default.

The policy means that should an incorrect password be entered 10 times, the account will be locked for 10 minutes. While this does not make brute forcing impossible, by any means, it makes it much harder and more time consuming, boosting security in an important area.

Continue reading

Honor among cyber thieves, the professional side of the dark web

Much like the legitimate eCommerce world, trust and reputation have become essential parts of the cybercriminal trade. New research by HP Wolf Security finds 77 percent of cybercriminal marketplaces analyzed require a vendor bond -- a license to sell -- which can cost up to $3,000.

In other evidence of a professional approach, 85 percent of these sites use escrow payments, and 92 percent have a third-party dispute resolution service. Every marketplace provides vendor feedback scores too. Cybercriminals also try to stay a step ahead of law enforcement by transferring reputations between websites -- as the average lifespan of a dark net website is only 55 days.

Continue reading

IT and security leaders lack confidence in their ability to protect the cloud

Cloud data security

A new study from secure access specialist Appgate based on research by the Ponemon Institute finds 60 percent of IT and security leaders are not confident in their organization's ability to ensure secure cloud access.

The survey of nearly 1,500 IT decision makers and security professionals worldwide sets out to examine the pain points experienced in securing cloud environments and how zero trust security methods can enable digital transformation.

Continue reading

Almost half of organizations suffer voice network attacks

A new survey shows that 47 percent of organizations have experienced a vishing (voice phishing) or social engineering attack via their voice networks in the past year.

The study by voice traffic protection specialist Mutare also finds most are unaware of the volume of unwanted phone calls traversing their network, or the significance of threats lurking in unwanted traffic, which includes robocalls, spoof calls, scam calls, spam calls, spam storms, vishing, smishing and social engineering.

Continue reading

Quantum computing and its impact on cybersecurity [Q&A]

quantum computing

Quantum computing with its vastly improved processing capability offers the chance of many positive developments in research and science. But it also represents a potential threat to our current encryption models.

How big is quantum's threat to cybersecurity? And should we be taking action on this now? We talked to Skip Sanzeri, QuSecure co-founder and COO, to find out.

Continue reading

More than half of enterprises worried about supply chain risks

Software supply chain risk has become mainstream, with 52 percent of respondents to a new survey being concerned about it.

The study from cybersecurity company Coalfire also finds 50 percent of boards of directors with software-buying companies are raising concerns, which means that responsibility for software supply chain risk is no longer confined to technical teams.

Continue reading

Research reveals weaknesses in five popular web services

New research from Specops Software finds major cybersecurity weaknesses in popular web services including Shopify, Zendesk, Trello, and Stack Overflow.

The study shows several popular business web applications have failed to implement critical password and authentication requirements to protect customers from cybercrime.

Continue reading

Average cost of a data breach increases by 16 percent

A new report released today by ForgeRock shows the average cost of a breach in the US has increased by 16 percent to $9.5m, making the US the costliest place in the world to recover from a breach.

It also reveals a massive 297 percent surge in breaches caused primarily by security issues associated with supply chain and third-party suppliers and representing almost 25 percent of all breaches.

Continue reading

Why do we continue to rely on the 'weakest link' to protect our organizations' email?

phishing hook

Email security continues to be a top concern of organizations, with 94 percent of all cyber attacks being delivered through email. As the most frequently used communication channel across all industries -- no wonder threat actors love exploiting it!

The conventional approach to email security is failing. Our latest research found that an average of 75 malicious messages per 100 mailboxes slip past traditional email security filters every month. Consequently, organizations put employees through countless hours of security training with hopes they spot and report these threats to security operations centers. The so-called Human Firewall.

Continue reading

Automation in cybersecurity: Overcoming barriers

"Automation" has become a buzzword in cybersecurity circles. That is not surprising in an environment where security specialists are in short supply and under intense pressure to defend the business against a huge variety of threats from innumerable different sources. Using technology to do at least some of the work seems like a no-brainer. Nevertheless, it seems that organizations are finding it hard to get the right approach to cybersecurity automation.

Threat Quotient conducted research last year that found resources, time and a lack of trust in outcomes are preventing companies from realizing the benefits of automation. In a recent webinar, myself, Nabil Adouani, CEO of Strange Bee and co-founder of The Hive Project, and our Global VP of Threat Intelligence Engineering Chris Jacobs discussed the current state of automation, the expectations around what automation can actually achieve, and what this means for implementation in the real world.

Continue reading

Tor Browser 11.5 is here with HTTPS-Only Mode by default and Automatic censorship circumvention

For anyone concerned about privacy and security online, Tor Browser is an extremely important alternative to mainstream browsers. Designed to help keep users anonymous and to bypass restrictions put in place by governments, version 11.5 has landed complete with even more powerful options.

Over the years, it has become easier and easier to use Tor Browser, with complex configuration options being made available to the average user without the need for special knowledge. With the release of version 11.5 of the software, things have been made even easier thanks to the introduction of automatic censorship detection and circumvention with the new Connection Assist feature.

Continue reading

The artificial intelligence tug-of-war in the world of cybersecurity [Q&A]

pixel padlock

It's a rare cybersecurity product these days that doesn't claim to have some form of AI capability. But exactly what benefits does AI deliver? And is there a risk of an arms race as threat actors also turn to the technology?

We spoke to Corey Nachreiner, CSO at WatchGuard Technologies, to find out more about the role of AI in cybersecurity.

Continue reading

© 1998-2022 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.