Articles about Security

A new survey of 150 federal cybersecurity leaders finds that 73 percent of respondents feel a lack of foundational data protection efforts puts their agency at risk.

In addition the research, from data protection provider Zettaset, shows 77 percent say that siloed systems that lack visibility make it difficult to properly protect critical assets. It's not surprising then that 57 percent report experiencing multiple data breaches over the past two years.

Continue reading →

Incident investigations in today's environments such as the cloud, containers and serverless environments can be a challenge. In particular collecting volatile data quickly following an incident to help security teams identify root causes and respond faster.

Cado Security is launching a new new volatile artifact collector tool that allows security analysts to collect a snapshot of volatile data, adding critical context to incident investigations.

Continue reading →

Geopolitical tensions are on the rise around the world and global economic structures continue to evolve as a result. Political disruption and unrest can have a far-reaching impact on the rest of the globe. This impact can be seen most clearly in the ripple effects that the current ongoing Ukraine-Russia war has had on the rest of the world in terms of economic volatility, food insecurity, and dramatic price increases.

Businesses are, of course, hyper-focused on ensuring their resilience to geopolitical risk, fragmentation, and uncertainty, which according to McKinsey’s latest Economic Conditions Outlook is at the top of the agenda for CEOs. But, if businesses want to safeguard their resilience during this disruptive time, organizations will need to prioritize their security.

Continue reading →

A new survey of over 300 IT professionals with responsibility for workforce identities and their security in large organizations shows that 87 percent expect passwordless solutions will become the leading approach to secure workforce identities within five years.

The study by Dimensional Research for Secret Double Octopus looks at perceptions and adoption of newer FIDO2-certified enterprise passwordless solutions, and the impact of single sign-on portal and endpoint biometric-based 'passwordless-like' experiences.

Continue reading →

As large-scale incidents like the Colonial Pipeline ransomware attack and CAM4 data breach have been increasing, security professionals need to integrate tools that fight fraud into their cyber protection plans. Anti-fraud systems have been protecting cyber environments from account hijacking, identity theft, and fraudulent transactions for many years. However, few people know that there are different types of products with specific characteristics. 

As its name suggests, a fraud prevention system is meant to detect and prevent fraudulent activities. Financial institutions were the first to use these systems at the beginning of the 2010s, following large-scale attacks that targeted e-banking systems. Later, other sectors, including e-commerce, client loyalty systems, gaming services, contextual ad platforms, and insurance, implemented anti-fraud solutions too. Fraud prevention systems are pivotal whenever online transactions and trade take place.

Continue reading →

Research from GuidePoint Security shows eight new ransomware groups have emerged in the last quarter and that there has been at least one new ransomware group each month since January 2021.

The report, from the GuidePoint Research and Intelligence Team (GRIT), tracked 27 ransomware groups and 568 publicly posted victims in the third quarter of this year and shows a slight slowdown overall of ransomware activity from the previous quarter.

Continue reading →

RSS feeds may not be as popular as they used to be, but for some things they are one of the most efficient and useful means of keeping updated.

Microsoft is aware of this and, having listened to feedback from customers, has launched a new RSS feed to make it easier to keep updated about the latest security notifications from the company. Specifically, there is now an RSS feed for the Security Update Guide (SUG).

Continue reading →

Digital natives aged between 18-39 are the most vulnerable age group for phishing scams, according to new data from security awareness training company SoSafe.

It finds that 18-39 year-olds have an average click rate of 29 percent on phishing emails, which drops to 19 percent among older age groups.

Continue reading →

A ransomware attack can be devastating for businesses. But while in the aftermath of an attack the focus will be on recovery, it's also important to look at how the attack happened and what information can be gleaned to help prevent future incidents.

We spoke to Joseph Carson, chief security scientist at privileged access management specialist Delinea, to talk through the analysis of a typical attack and what lessons can be learned.

Continue reading →

Google has announced today that it's bringing passkey support to both Chrome and Android. Passkeys offer a significantly safer replacement for passwords and other phishable authentication factors and mark another step towards a passwordless future.

If you're unfamiliar with passkeys, they're a joint initiative from Apple, Google, and Microsoft. Unlike a password the key is stored exclusively on your devices and never gets shared with anyone else.

Continue reading →

Information and work overload, insufficient downtime, lack of tool integration, and alert fatigue mean that 71 percent of security operations center professionals say they're likely to quit their job.

A new report from logging and security analytics company Devo Technology shows SOC leaders continue to face a tricky balancing act when it comes to retaining SOC analysts amid major talent shortages and turnover.

Continue reading →

Cyberattacks and other threats aren't limited to large organizations, indeed SMBs are often targeted as they are seen as having fewer resources to devote IT security defenses, particularly related to remote workers.

A new survey from software company Devolutions bears out this view, with only 18 percent of SMBs checking all the requisite IT security boxes and 13 percent not implementing any essential IT security measures at all.

Continue reading →

According to new research from Tessian, 18 percent of UK and US security leaders work over 25 hours extra a week, double the amount of overtime they reported in 2021.

On average, they work 16.5 hours over their contracted weekly hours, up from 11 hours in 2021. Also three-quarters of security leaders say they aren't able to always switch off from work, 16 percent of these say they can rarely or never switch off.

Continue reading →

The virtual world of the Metaverse is already attracting people to attend virtual events and play games. It also has the potential for businesses to make money -- research from McKinsey suggests it could be a $5 trillion industry by 2030.

However businesses are still wary of the additional challenges, particularly with regard to security. New research carried out by YouGov for app security company F5 shows six out of 10 respondents say the Metaverse has introduced security complexities that their organization may not be equipped to address.

Continue reading →

In what was a far-sighted move back in 2004, the President of the United States and Congress declared October to be Cybersecurity Awareness Month, dedicated to helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

This has now become a regular event on the calendar and the theme of this year's campaign is 'See Yourself in Cyber', aiming to underline the fact that cybersecurity is ultimately about people rather than technology.

Continue reading →