Articles about Security

In order to provide real-time services to the user, enhance data management and support latency-critical applications, many businesses are moving computing to the edge.

But this brings with it new issues when it comes to securing systems. The latest Cybersecurity Insights Report from AT&T Cybersecurity focuses on the security considerations needed in order to implement edge computing safely.

Continue reading →

The thing about integrated office suites is that inevitably you don't need all of the features they provide, or at least you use some of them less than others.

New research from managed services provider Ensono shows that 83 percent of enterprises say Microsoft 365 is an invaluable part of their business operations. However, almost half aren't using all of the features available.

Continue reading →

Electronic documents are becoming more common in business, but this doesn't eliminate the risk of forgery or tampering.

UK-based Borderless Security is launching a new e-signature solution that makes use of blockchain technology to create a safe, secure and convenient solution for signing paperwork, contracts and legally binding documents.

Continue reading →

Changes to the UK government's Cyber Essentials security certification scheme come into force today. They include things like guidelines on remote working and hybrid approaches, rules for cloud service accounts -- such as deploying multi-factor authentication -- and speeding up critical patch deployments for critical and high severity vulnerabilities

We talked to Karl Alderton, technical account manager at security and compliance specialist Qualys to find out more about how these changes will affect businesses and what they need to do in response.

Continue reading →

A new study from IDG Communications finds that more than half (57 percent) of CIOs surveyed indicate the need for security improvements as a top reason for increasing tech budgets this year.

This is followed by upgrading outdated IT infrastructure (48 percent) and investing in new skills and talent (48 percent). In addition, over three-quarters (76 percent) think their involvement with cybersecurity will increase over the next year, along with their involvement in data privacy and compliance (71 percent).

Continue reading →

Insurance companies exist to offer protection but they're increasingly having to protect themselves against a range of cyberattacks.

A new report from IntSights looks at the threats faced by insurance businesses and why they’ve become a particular problem in recent times.

Continue reading →

Despite the fact that admin credentials represent a major prize for hackers and cybercriminals, a new report reveals that 65 percent of organizations still rely on shared logins and 41 percent use shared SSH keys.

The survey of 600 DevOps professionals from infrastructure access platform strongDM shows that technical staff at 93 percent of organizations have access to sensitive systems.

Continue reading →

A new, rapidly evolving, series of spyware campaigns attacking more than 2,000 industrial enterprises around the world has been uncovered by experts at Kaspersky.

Although the malware used in these attacks belongs to well-known commodity spyware families, they stand out from the mainstream due to the very limited number of targets in each attack -- no more than a few dozen -- and the very short lifetime of each malicious sample.

Continue reading →

New figures released today from cyber exposure company Tenable show that over 40 billion records were exposed in data breach incidents last year, a whopping 78 percent increase over the previous year.

The company's 2021 Threat Landscape Retrospective report is based on analysis of 1,825 incidents publicly disclosed between November 2020 and October 2021. Since many reports didn't include details of the number of records breached the true figure is likely to be far higher.

Continue reading →

Software supply chain attacks grew by more than 300 percent in 2021 compared to 2020 as attackers focused on open source vulnerabilities and poisoning, code integrity issues, and exploiting the software supply chain process and supplier trust to distribute malware or backdoors.

According to Aqua Security's Argon Security arm, 2021 Software Supply Chain Security Review, security across software development environments remains low, and significantly, every company evaluated had vulnerabilities and misconfigurations that could expose them to supply chain attacks.

Continue reading →

New data shows that while total perimeter malware detection volume has decreased, endpoint malware detections had already surpassed the total volume seen in 2020 by the third quarter of 2021.

The latest quarterly report from WatchGuard Technologies also shows a continuing trend for a significant percentage of malware to arrive over encrypted connections, the percentage delivered via TLS jumping from 31.6 percent to 47 percent.

Continue reading →

Financial services companies on the Bugcrowd platform experienced a 185 percent increase in the last 12 months for Priority One (P1) submissions, which relate to the most critical vulnerabilities.

According to activity recorded on the Bugcrowd Security Knowledge Platform, high-level trends include an increase in ransomware and the reimagining of supply chains, leading to more complex attack surfaces during the pandemic.

Continue reading →

Although Secure Access Service Edge (SASE) is widely seen as the answer to balance network performance and security, new research from Cato Networks shows a radical approach is needed in order to reap the full benefits.

The study of over 2,000 IT leaders and nearly 1,000 channel partners doesn't show much difference between those who have and have not adopted SASE. When asked how they react to performance issues with cloud applications, 67 percent of SASE users and 61 percent of non-SASE users claim they would add bandwidth, while 19 percent of SASE users and 21 percent of non-SASE users would look to WAN optimization appliances.

Continue reading →

From a privacy point of view, there is much to love about end-to-end encryption, as employed by the likes of WhatsApp. But while users may delight in the knowledge that their communication is free from surveillance, there are some groups that have a different opinion.

Law enforcement agencies have long-complained that E2E encryption stands in the way of investigations, and serves to complicate evidence gathering. Many governments are of the same mind, and it's not just those that are traditionally regarded as totalitarian by other countries. Governments from ostensibly democratic countries are opposed to E2E encryption, and some are using underhand tactics in negative PR campaigns.

Continue reading →

Historically identity and access management has been built around an on-premises model. But with more systems now residing in the cloud the old way of doing things isn't working.

To find out more about why the cloud needs a new approach to IAM we spoke to Britive CEO, Art Poghosyan, about the challenges it raises and how to address them.

Continue reading →