First held in 2021, Identity Management Day seeks to inform about the dangers of casually or improperly managing and securing digital identities by raising awareness and sharing best practices across the industry.

Today's second celebration of all things identity management -- you may have noticed the Identity Management Day eggs and bunnies in the shops (oh, they're for something else?) -- has sparked comment from many industry figures and we round up some of their thoughts below.

Continue reading →

The ongoing struggle between good and bad actors in the cyber world has often been compared to a battle or warfare. More recently the threat of nation state attacks on critical infrastructure has led to more actual military interest in the cyber arena, as we've seen in Ukraine.

The Israel Defense Force's 8200 unit is often referred to the SEALs or SAS of cyber military units and its veterans are driving many of Israel's tech start ups.

Continue reading →

Microsoft is putting the squeeze on anyone who is hanging doggedly on to an old version of Windows.

The company is ending support for Windows 10 version 20H2 in just a few short weeks, meaning that anyone who fails to upgrade will no longer receive security updates. Microsoft would, of course, like users to upgrade to Windows 11, but this is not the only option.

Continue reading →

A new study from Netwrix reveals that 70 percent of organizations use a vulnerability assessment tool, but not always for the reasons you might think.

Rather than to ensure compliance, 70 percent say the primary reason for purchasing the tool is the need for proactive security measures. In addition 76 percent of those who don't yet own a vulnerability assessment tool and plan to acquire one in the near future for the same reason.

Continue reading →

At its Windows Powers the Future of Hybrid Work event earlier this week, Microsoft revealed various new features that are coming to Windows 11. As well as additions such as tabs in File Explorer and folders in the Start menu, the company revealed a lot of upcoming security features.

One of the security highlights is Smart App Control, which works like an enhanced version of the SmartScreen filter already found in Windows. It will help to block malicious apps, but there is a serious downside that will put off a lot of people.

Continue reading →

In today’s business environment, data is one of the most valuable assets any organization owns. Consequently, a great deal of time and money is spent trying to ensure that the most effective data security measures are in place to protect it. But with so many options available, knowing which approach to take is becoming increasingly difficult.

Escalating cybercrime, the adoption of cloud computing, an explosion in mobile device usage, and varying technology and applications means there’s so much to consider. No matter the industry, a data security breach is now an increasingly likely scenario that all businesses could face. Security teams should therefore consider a strategy that is focused on protecting actual data throughout its entire lifecycle, rather than just focusing on the infrastructure around it. 

Continue reading →

New research from Vectra AI shows 94 percent of IT security leaders have felt increased pressure to keep their company safe from cyberattacks in the past year, while half say they feel burned out and ready to quit.

The survey of 200 UK IT security decision-makers finds 51 percent of respondents have experienced negative emotions such as depression, anger, or anxiety due to feeling overwhelmed by work.

Continue reading →

Whether it's down to the Great Resignation or a lack of the correct skills, security and development teams are struggling to find and retain enough skilled staff.

A new study released today by cybersecurity company Cobalt finds that 45 percent of security respondents say their department is currently experiencing a shortage of employees.

Continue reading →

The latest research from Cado Security reveals the first publicly known malware that is specifically designed to execute in the AWS Lambda serverless environment.

Named Denonia, the malware downloads and runs crypto mining software, and demonstrates how attackers are exploiting newer cloud computing use cases to take advantage of their ephemeral nature to evade detection.

Continue reading →

Launched last year, Avast One aimed to offer a comprehensive protection suite with both free and paid for editions.

The company has now announced significant enhancements to the product, with new features designed to protect people from online scams, fraud, and other personal privacy threats.

Continue reading →

Over half (56 percent) of IT security leaders say that their non-technical staff are only 'somewhat' or 'not at all' prepared, for a cyberattack.

A new survey by Egress of 600 IT security leaders also shows that 77 percent of respondents have seen an increase in security compromises since going remote twp years ago, and there's a continued significant risk to organizations.

Continue reading →

A new study into financial fraud from Feedzai finds that fraud attempts globally are up by 233 percent over the last two years.

Over the same period there has also been a whopping 794 percent increase in fraud on digital entertainment transactions. The effects of the pandemic are evident too with a 65 percent increase in online transactions and a 75 percent drop in US cash withdrawals.

Continue reading →

A new study from Israel-based XM Cyber, based on findings from nearly two million endpoints, files, folders and cloud resources throughout 2021, shows 94 percent of critical assets can be compromised within just four steps of the initial breach point.

The research team analyzed the methods, attack paths and impacts of attack techniques that imperil critical assets across on-premise, multi-cloud and hybrid environments, and developed tips for thwarting them.

Continue reading →

A new multi-vector endpoint detection and response (EDR) solution from Qualys aims to reduce the risk of compromise with vulnerability management and patching all from a single agent.

Traditional EDR solutions still focus solely on endpoint activity to detect attacks and incorporate only MITRE ATT&CK techniques -- not tactics. This means security teams are forced to rely on additional tools to strengthen their risk management.

Continue reading →

A record 71 percent of organizations were impacted by successful ransomware attacks last year, according to the 2022 Cyberthreat Defense Report (CDR) from CyberEdge Group, up from 55 percent in 2017.

Of those that fell victim, almost two-thirds (63 percent) paid the requested ransom, up from 39 percent in 2017.

Continue reading →