Articles about Security

As cyberattacks become more sophisticated, so traditional security techniques may no longer be up to the task of protecting systems.

What's needed is an approach that can spot the routes an attacker may use and help close them down. We spoke to Todd Carroll, CISO at CybelAngel and with over 20 years previous experience in the FBI's cyber, counter intelligence, and counter terrorism branches, to discuss the need for a pre-emptive attitude to cybersecurity and how such an approach can work.

Continue reading →

Passwords are a problem. They are difficult to remember, often easily guessed or cracked, and generally just a pain. Google is looking to help by adding secure, password-free login to Chrome 108 thanks to newly added passkey support.

The security feature is available to users of Windows 11, macOS and Android, and it follows a short period of beta testing. Backed by the likes of the FIDO Alliance, Microsoft, Apple, and -- of course -- Google, passkeys are a step away from the password managers so many of us have become reliant on.

Continue reading →

This week marks the first anniversary of the Log4j/Log4Shell vulnerability affecting the Java logging library and as we noted recently many organizations are still vulnerable even though patched versions were quickly available.

Sonatype has produced a resource center to show the current state of the vulnerability, along with a tool to help businesses scan their open source code to see if it's affected.

Continue reading →

With the UK government reporting that nearly 40 percent of UK businesses were hit by cyber attacks last year, keeping on top of cyber security has become a mission critical need.

Of those UK businesses and charities that were impacted, 83 percent identified phishing as being the most common attack vector. The government is urging these organizations to strengthen against phishing attacks such as business email compromise as they continue to grow in volume and frequency.

Continue reading →

A new report reveals that 'less sophisticated' fraud -- in which doctored identity documents are readily spotted -- has jumped 37 percent in 2022.

The report from Onfido also shows that while in 2019 fraudsters tended to keep regular office hours, in 2022, fraud levels were consistent across 24 hours, seven days a week. Thanks to technology, fraudsters are more connected across the globe and are able to traverse regions and time zones, and can easily take advantage of businesses’ closed hours when staff are likely offline.

Continue reading →

The classic way of preventing critical systems, such as industrial controls, from attack is to air-gap them. That is to say ensure they don't have a connection to the internet.

But while they may not have a web connection they still often require DNS services in order to resolve a company's internal DNS records. New research from Pentera shows that this can provide a weak point to be exploited by attackers.

Continue reading →

New research from LogRhythm shows 67 percent of respondents say their company had lost a business deal due to the customer's lack of confidence in their security strategy.

The survey of 1,175 security professionals and executives across five continents, conducted by Dimensional Research, finds 91 percent report that their company's security strategy and practices must now align to customers' security policies and standards.

Continue reading →

Cybersecurity resilience is a top priority for companies as they look to defend against a rapidly evolving threat landscape, according to the latest annual Security Outcomes Report from Cisco.

The report reveals that 62 percent of organizations surveyed say they have experienced a security event that impacted business in the past two years. The leading types of incidents are network or data breaches (51.5 percent), network or system outages (51.1 percent), ransomware events (46.7 percent) and distributed denial of service attacks (46.4 percent).

Continue reading →

Ransomware accounts for 23 percent of cyber insurance claims, while while fraudulent funds transfer (FFT) accounts for 28 percent according to insurance specialist Corvus, which has released its latest Risk Insights Index.

The impact and consistency of FFT is growing, accounting for 36 percent of all claims in the last quarter (Q3 2022), an all-time high. Indeed this metric has not dropped below 25 percent for the past six quarters.

Continue reading →

More than half (54 percent) of respondents to a new survey say securing data with appropriate access rights is one of their biggest hurdles. While almost 60 percent believe their organizations should be placing extra emphasis on data security.

The third annual State of Data Engineering Survey from Immuta also finds that that 89 percent of organizations report missing business opportunities because of data access bottlenecks.

Continue reading →

Data is more plentiful, valuable and interconnected than ever before. Unfortunately, this has led to a cyber threat landscape that is increasingly dynamic and costly to business. 

Cybercrime inflicted approximately $6 trillion in damages globally in 2021, an annual figure that is set to reach $10.5 trillion by 2025. This is equivalent to the world’s third-largest GDP after the U.S. and China. It is a threat that requires a comprehensive approach to defending, protecting, and recovering data, avoiding vulnerabilities and maintaining business continuity.

Continue reading →

As organizations move more of their systems to the cloud they face a new range of threats. This combined with a shortage of cybersecurity skills makes securing SaaS systems a challenge.

Galit Lubetzky Sharon, co-founder and CTO of Wing Security, believes that a new more holistic approach, involving employees across the organization, is needed. We spoke to her to learn more.

Continue reading →

More than 90 percent of organizations migrating to the cloud have implemented, are implementing, or are in the process to implement a zero trust architecture.

But a new study from Zscaler shows only 22 percent of global IT decision-makers claim to be 'fully confident' that their organization is leveraging the potential of their cloud infrastructure, presenting an opportunity for zero trust.

Continue reading →

According to research, 50 percent of over 400 IT security decision makers in the US and UK have been prevented from adopting a new cybersecurity solution due to integration issues or challenges with legacy infrastructure.

The study for BlackFog, conducted by Sapio Research, also reveals that 32 percent say a lack of skills within their team to support a new product would also be a factor preventing them from deploying new solutions.

Continue reading →

The widespread use of digital platforms allows businesses to expand, but at the same time a growing internet presence can put organizations at risk in ways they cannot plan for.

We talked to Censys' data scientist, Emily Austin about the company's recent State of the Internet report and about how businesses can proactively fight against unknown domains and risks.

Continue reading →