Choosing a partner business with a poor security posture makes an organization 360-times more likely to be at risk compared to choosing a top security performer, according to a new study.

The risk surface research from Cyentia Institute and RiskRecon shows that single demographic factors, such as industry, size and region, aren't enough to assess the risk posed by third parties.

Continue reading →

Only 16 percent of respondents to a new survey have a fully mature identity and access management (IAM) strategy in place, yet 56 percent have experienced identity-related incidents in the last three years.

The study carried out by the Ponemon Institute for enterprise identity specialist Saviynt shows that the 84 percent without a mature strategy are currently dealing with inadequate budgets, programs stuck in a planning phase, and a lack of senior-level awareness.

Continue reading →

New research released today from Cyren shows that business email perimeter defenses are often incapable of preventing well-crafted email attacks.

During an average month, there are 75 malicious messages per 100 mailboxes that slip past email security filters like Microsoft 365 Defender. This means that an enterprise with 5,000 mailboxes would need to detect and respond to 3,750 confirmed malicious inbox threats each month.

Continue reading →

Almost all (99 percent) of IT decision makers say they have backup strategies in place, but 26 percent admit they were unable to fully restore all data or documents when recovering from a backup.

These findings come from a survey conducted for encrypted USB drive company Apricorn by Vanson Bourne, which also finds that 27 percent have automated backups to both central and personal repositories.

Continue reading →

It's the time of the month for Microsoft to release updates for Windows, and having done so for Windows 11, the company has also published updates for Windows 10.

There are two security updates to consider here. For users of Windows 10 version 1809, there is the KB5014692 update; for users of Windows 10 versions 20H2, 21H1 and 21H2, there is the KB5014699 update. Both are important security updates that should be installed immediately.

Continue reading →

Organizational cybersecurity has significantly improved over the last year, following positive shifts in influence by CISOs and changing attitudes towards security culture, according to a new report.

The ninth annual Information Security Maturity report, published by ClubCISO in collaboration with Telstra Purple, surveyed more than 100 information security leaders around the world and finds 54 percent report that 'no material incident occurred', in the past year, compared to 27 percent in 2021.

Continue reading →

While 83 percent of respondents to a new survey of small and medium businesses agree that they have seen an increased awareness of cybersecurity in their organization, only 36 percent have adopted new security policies.

The report from Dashlane is based on a survey of more than 600 employees and managers and over 300 IT decision makers (leaders) at SMBs across multiple industries.

Continue reading →

New analysis by CybSafe of data from the UK Information Commissioner's Office shows 80 percent of data breaches reported in 2021 were caused by user error.

A total of 2,692 reports were sent to the ICO last year 80 percent of which could be attributed to actions taken by end-users, though this is down from 90 percent in 2020.

Continue reading →

A new report reveals that 53 percent of organizations have experienced a cyberattack on their cloud infrastructure within the last 12 months.

The 2022 Cloud Security Report from Netwrix shows that was the most common type of attack, experienced by 73 percent of respondents.

Continue reading →

Surfshark is one of the best VPNs on the market for several reasons -- not just its affordable pricing and reliability. The service is cross-platform and available on all major operating systems, including Windows, macOS, iOS, iPadOS, and Android. In fact, there is even a Linux version of Surfshark (with a GUI) for Debian-based distributions and derivatives, such as Ubuntu, Linux Mint, and Pop!_OS.

Recently, Surfshark added an antivirus service at no added cost, making it even more of an incredible value. However, people were understandably hesitant to depend on a brand-new antivirus service to protect their computers and devices. Well, folks, it seems any concerns were unwarranted. You see, today, Surfshark announces it has received the coveted VB100 certification from Virus Bulletin.

Continue reading →

When it comes to fraud, you can never be too careful. Especially when you hear about the brass neck of some criminal gangs that are increasingly adopting the persona of legitimate businesses to peddle stolen credit card details and other financial information.

Fraud-as-a-service (FaaS), as it’s known, has become an industry in itself, with criminals able to provide a one-stop-shop for scammers to rip-off customers and businesses. These organized fraud rings -- often manned by career professionals who know how to bypass rules-based systems -- are becoming increasingly sophisticated.

Continue reading →

As long ago as 2004 no less a figure than Bill Gates was predicting the death of the password. But here we are almost 20 years on and passwords are still the primary authentication method.

So passwords look set to be with us for a while yet, however, 90 percent of internet users are worried about getting their passwords hacked. Cybersecurity company Ping Identity has been looking at passwords and how to use them safely for both businesses and consumers.

Continue reading →

A new survey of cybersecurity professionals attending this week's RSA conference shows that cloud security is their main concern.

The study by Delinea shows 37 percent think cloud security is the main cybersecurity concern of the year, followed by ransomware (19 percent) and remote workers (17 percent).

Continue reading →

Fans of Linux-based operating systems often cite greater security as the basis for the love of their chosen distro. Whether Linux distros have better security track records than the likes of Windows 11 and macOS because they are inherently more secure or because they are simply not targeted as much as very much open to debate, but Linux remains fallible, nonetheless.

Going some way to prove this is the Symbiote malware discovered by security researchers from BlackBerry and Intezer Labs. Symbiote is worrying for a number of reasons including the fact that it is described as "nearly-impossible-to-detect". It is also extremely dangerous piece of malware that "parasitically infects" systems, infecting all running processes and giving threat actors rootkit functionality, remote access and more.

Continue reading →

While most IT and security operations (SecOps) decision-makers believe they should jointly share the responsibility for their organization's data security strategy, many of these teams are not collaborating as effectively as possible to address growing cyber threats.

This is one of the findings of a new report from data management firm Cohesity which also shows that of those respondents who believe collaboration is weak between IT and security, nearly half think their organization is more exposed to cyber threats as a result.

Continue reading →