How control system vulnerabilities can threaten the oil industry [Q&A]


The Colonial Pipeline attack in 2021 highlighted how vulnerable industrial control systems, and in particular energy supplies, can be to cyberattacks.
The oil and gas sector is particularly at risk as it often relies on older devices that don't receive timely firmware updates. We spoke to Mark Kerzner, CEO and co-founder of ElephantScale and Scaia AI, who has worked with many oil industry leaders, to find out more about the risks and how they can be addressed.
Malware and ransomware set to be a larger threat over the next year


Over half (55 percent) of organizations see malware and ransomware as an 'extreme' threat and 75 percent believe it will get bigger over the next year.
This is among the findings of the 2021 Malware and Ransomware report from Bitglass (which was recently acquired by Forcepoint). A joint venture with Cybersecurity Insiders, the report is based on a survey of hundreds of cybersecurity professionals across industries to better understand how the growing malware and ransomware problem has changed the way they protect their organization.
Google Docs comment flaw exploited by attackers


A flaw in the comments feature of Google Docs is allowing attackers to target users with phishing emails.
Security researchers at email security company Avanan have observed what they call "a new, massive wave of hackers" using the comment feature in Google Docs during December to launch attacks, mainly against Outlook users.
What value does Extended Detection and Response (XDR) bring to the cybersecurity market? [Q&A]


As organizations adapt to hybrid working models and modernize business practices, so too must cybersecurity programs.
We talked to Rupesh Chokshi, VP at AT&T Cybersecurity, to discuss key challenges and how XDR is becoming an important framework, helping organizations consolidate and improve security operations across the entire network, from endpoints to the cloud and beyond.
LastPass says master password leak warnings were sent in error


LastPass users around the world were thrown into a state of panic after the company issued email warnings about unauthorized use of master passwords.
The password manager company advised users of suspicious login attempts using the master password associated with their account. This led to concerns that the company had been hacked or that passwords had been leaked, but LastPass says that the warnings were erroneous.
In 2022, security is imperative in the overall company strategy


Over the last 18 months, the world has changed, which has impacted everyone personally and in the workplace. Businesses now have to adopt more flexible, work-from-anywhere strategies. With the majority of employees remotely connecting to critical business systems, this has increased the potential for security attacks that IT and Operations Teams need to defend against.
With more companies embracing cloud communications and enabling employees to connect from a myriad of devices using a plethora of business applications, the opportunity for bad actors to compromise critical systems has expanded and security can no longer be an afterthought. It has to be included in the overall company strategy. Here’s what we foresee on the horizon for infrastructure security in 2022.
Wearables, telehealth and AI -- healthcare tech predictions for 2022

Market opportunities, security challenges and the edge -- 5G predictions for 2022

Insider threats, supply chain attacks and quantum threats -- enterprise security predictions for 2022

Zero trust, democratization and biometrics -- identity management predictions for 2022


Zero trust has been one of the security buzz phrases of the past year and control of identity and credentials is likely to remain a focus for businesses and consumers alike, especially as the work from home trend looks set to continue.
Here's what some of the experts think the identity field holds for us in 2022.
Crypto fraud, ransomware-as-a-service and deepfakes -- cybercrime predictions for 2022

2022 will be the year of broadened supply chain security -- here's why


Even a year after the SolarWinds infiltration in late 2020, software supply chain risk continues to dominate the security conversation. Take the Log4Shell vulnerability that recently came to light and caught everyone off guard. Not only is this flaw insanely easy to exploit but the impacted Log4j library is used in nearly every enterprise Java installation -- and the vulnerability gives attackers ultimate power to download, delete, install, and server-hop as they please. As even massive companies like Google, PayPal, Apple, and Netflix are impacted by this flaw via the software supply chain, it’s another one that makes organizations wonder: are we using that too?
In 2022, IT leaders will intensify their supply chain focus to answer this very question, expanding their scrutiny from their own applications to the components they buy and integrate. Widening the scope of the supply chain is crucial; outside software and components need their checks and balances just as code created internally does. This deepened understanding of supply chain risk will increase demands to test and secure everything, from the most seemingly insignificant open source package to the most extensive APIs and third-party components.
Businesses would be less likely to pay ransoms if payments had to be reported


A new report finds that although 37 percent of respondents would pay a ransom, more than half of this group (57 percent) would reverse that decision if they had to publicly report the payment.
The Ransomware Disclosure Act, a bill currently before the US Senate, would require companies to report ransomware payments within 48 hours and so could have a dampening effect on the crime's profitability.
Cybercriminals can penetrate 93 percent of company networks


In 93 percent of cases, an external attacker can breach an organization's network perimeter and gain access to local network resources.
This is among the findings of a new study of pentesting projects from Positive Technologies, conducted among financial organizations, fuel and energy organizations, government bodies, industrial businesses, IT companies and other sectors.
Nearly a quarter of employees are likely to fall for phishing attacks


Almost a quarter (22 percent) of employees globally are likely to expose their organization to the risk of cyber-attack via a successful phishing attempt according to a new study.
The study, from AI-driven cybersecurity training software company Phished, shows that of employees who open a phishing message 53 percent are likely to click a malicious link contained within it.
© 1998-2025 BetaNews, Inc. All Rights Reserved.