Articles about Security

A new report shows that 86 percent of organizations believe they follow best practices for security hygiene and posture management, though they may not actually be doing so.

The report, created for asset management and governance company JupiterOne by Enterprise Strategy Group (ESG), finds that 73 percent of security professionals admit that they still depend on spreadsheets to manage security hygiene and posture at their organizations.

Continue reading →

Two in five CISOs have missed holidays like Thanksgiving due to work demands and a quarter haven't taken time off work in the past 12 months.

A new report from Tessian based on a study of 300 CISOs also shows that they work, on average, 11 more hours than they're contracted to each week while one in 10 works 20 to 24 hours extra a week.

Continue reading →

Back in 2019, I wrote an article about the talent shortfall in technology and cybersecurity. Unfortunately, since the pandemic and because of Brexit, that gap, particularly here in the UK, has only widened. As of 2021, the global talent shortage already amounts to40 million skilled workers worldwide. By 2030, the global talent shortage is predicted to reach 85.2 million workers.

This means that companies worldwide risk losing $8.4 trillion in revenue because of the lack of skilled talent. This gap is keenly felt in security and again there is currently a shortage of 350,000+ cybersecurity specialists in Europe alone.

Continue reading →

A new survey of more than 200 IT leaders in the US finds that 95 percent of businesses are making multi-cloud a strategic priority in 2022 with security being top of mind.

However, only 54 percent feel highly confident that they have the tools or skills they need to execute the strategy. In fact, when it comes to multi-cloud operations in general, 76 percent of respondents believe it is 'under-invested' at their respective companies.

Continue reading →

New research from cloud services provider Navisite finds that 45 percent of companies do not employ a Chief Information Security Officer (CISO). However, of this group 58 percent think they should have one.

Only 40 percent of respondents say their cybersecurity strategy was developed by a CISO or member of the security team, with 60 percent relying on other parts of their organization, including IT, executive leadership and compliance.

Continue reading →

A lack of preparedness for ransomware attacks on weekends and holidays has a significant impact on victim organizations according to a new report.

The study from Cybereason shows 24 percent of companies have no security plan for holidays and weekends and 43 percent say that attacks at these times take longer to stop.

Continue reading →

Data from 3,900 tests conducted on 2,600 software or systems targets reveals that 97 percent had some form of vulnerability, 30 percent of the targets had high-risk vulnerabilities, and six percent had critical-risk vulnerabilities.

In the research from Synopsys 83 percent of the tested targets were web applications or systems, 12 percent mobile applications, and the remainder either source code or network systems/applications. Industries represented in the tests include software and internet, financial services, business services, manufacturing, media and entertainment, and healthcare.

Continue reading →

New research carried out by ESG for digital forensics platform Cado Security finds that 89 percent of companies have experienced a negative outcome in the time between detection and investigation of a cyber-attack on their cloud environments.

When asked about the challenges involved in dealing with incidents, 74 percent of security professionals say their organizations need additional data and context to conduct forensics investigations in cloud environments.

Continue reading →

We've been told for a long time that passwords are on the way out. Indeed no less a figure than Bill Gates predicted the death of the password at 2004's RSA conference, yet we still rely on them for managing much of our day-to-day access.

But things are starting to change. Patrick McBride, CMO at Beyond Identity, believes that the technology to eliminate passwords and replace them with something more secure is starting to take off. We talked to him to discover more.

Continue reading →

The use of SaaS-based applications and systems has taken off in recent years, but that surge has highlighted a problem in the form of a lack of standardization for software descriptions across all types of systems.

This makes it much harder for IT teams to assess vulnerability levels across all the packages in an enterprise. But what risks does this pose and how can businesses tackle the problem? We spoke with Peter Lund, VP at operational technology cybersecurity company Industrial Defender, to discover more.

Continue reading →

Healthcare organizations and patients are facing greater risk as an increase in connected devices creates an expanded attack surface according to a new report.

The study from asset management and security platform Armis surveyed 2,000 patients and 400 healthcare IT professionals across the US and shows a disconnect between the concerns of the two groups.

Continue reading →

New research from SecureAge Technology finds that 85 percent of US and UK employers have been forced to adopt new cybersecurity measures as a result of the COVID-19 pandemic and the shift to remote work.

Of those that adopted new cybersecurity defenses, both US (41 percent) and UK (38 percent) businesses note that 'technical implementation challenges' are the primary hurdle in getting their new COVID-driven cybersecurity protocols and strategies in place.

Continue reading →

A cultural divide between IT and operational technology (OT) teams is preventing organizations from having a unified strategy to protect both environments.

A report from Dragos and the Ponemon Institute shows only 43 percent of organizations have cybersecurity policies and procedures that are aligned with their ICS and OT security objectives.

Continue reading →

With high profile cyber attacks and data breaches continuing to make the news, security is at the top of the priority list for businesses.

But how do you know that the resources you put into cybersecurity are providing a good return on the investment? We spoke with Oliver Rochford, security evangelist at Securonix to find out.

Continue reading →

Thanks to organizational changes brought about by digital transformation, enterprise use of Public Key Infrastructure (PKI) and digital certificates has never been higher, but the related skills to manage PKI are in historically short supply.

A new report from trusted identity company Entrust, based on research from the Ponemon Institute, finds cloud-based services remain the highest driver of PKI use at 51 percent, the Internet of Things (IoT) remains the second highest growing trend cited by 46 percent of respondents, and consumer mobile comes in third at 39 percent.

Continue reading →