While most endpoint security products are capable of handling public email and web-based threats, many are unable to provide complete protection against targeted attacks, according to a new report.

Security testing firm SE Labs tested a variety of endpoint security products from different vendors in order to gauge their effectiveness.

According to a Cybersecurity Ventures report, 2021 was predicted to have one cyberattack every 11 seconds and the cumulative cost to repair these post cyber incidents will soar to over $6 trillion in 2022.

As the digital business ecosystem expanded and the attack surface grew in tandem, cybersecurity investments have remained products and services driven. However, this approach only allows enterprises to accept or improve their cyber risk posture. Now, as the costs to manage and mitigate cyber risks rise – the average ransom demand increased by 170 percent from 2020-2021 -- businesses are seeking to 'transfer' their cyber risks through insurance. Last year alone, cyber insurance claim frequency increased by 46 percent for IT services, 53 percent for professional services, and 263 for the industrial industry, according to a report by Coalition.

The Colonial Pipeline attack in 2021 highlighted how vulnerable industrial control systems, and in particular energy supplies, can be to cyberattacks.

The oil and gas sector is particularly at risk as it often relies on older devices that don't receive timely firmware updates. We spoke to Mark Kerzner, CEO and co-founder of ElephantScale and Scaia AI who has worked with many oil industry leaders, to find out more about the risks and how they can be addressed.

Over half (55 percent) of organizations see malware and ransomware as an 'extreme' threat and 75 percent believe it will get bigger over the next year.

This is among the findings of the 2021 Malware and Ransomware report from Bitglass (which was recently acquired by Forcepoint). A joint venture with Cybersecurity Insiders, the report is based on a survey of hundreds of cybersecurity professionals across industries to better understand how the growing malware and ransomware problem has changed the way they protect their organization.

A flaw in the comments feature of Google Docs is allowing attackers to target users with phishing emails.

Security researchers at email security company Avanan have observed what they call, "a new, massive wave of hackers" using the comment feature in Google Docs during December to launch attacks, mainly against Outlook users.

As organizations adapt to hybrid working models and modernize business practices, so too must cybersecurity programs.

We talked to Rupesh Chokshi, VP at AT&T Cybersecurity, to discuss key challenges and how XDR is becoming an important framework, helping organizations consolidate and improve security operations across the entire network, from endpoints to the cloud and beyond.

LastPass users around the world were thrown into a state of panic after the company issued email warning about unauthorized use of master passwords.

The password manager company advised users of suspicious login attempts using the master password associated with their account. This led to concerns that the company has been hacked or that  passwords had been leaked, but LastPass says that the warnings were erroneous.

Over the last 18 months, the world has changed which has impacted everyone personally and in the workplace.  Businesses now have to adopt more flexible, work-from-anywhere strategies. This has increased the potential for security attacks that IT and Operations Teams need to defend against with the majority of employees remotely connecting to critical business systems.

With more companies embracing cloud communications and enabling employees to connect from a myriad of devices using a plethora of business applications, the opportunity for bad actors to compromise critical systems has expanded and security can no longer be an afterthought. It has to be included in the overall company strategy. Here’s what we foresee on the horizon for infrastructure security in 2022.

Technology has had an impact on most areas of our lives. In the healthcare sector the pandemic has seen a rise in the use of remote consultations and more.

In the next year experts expect this to continue along with trends towards AI, wearables and more.

Although 5G technology isn't yet available to everyone, the rollout continues and as it does businesses need to recognize the challenges and opportunities that it brings.

Here are some industry expert views on what we can expect from 5G in 2022.

The transition to remote and hybrid working has led enterprises to radically revise the way they operate. This has thrown up a variety of new challenges in ensuring systems remain secure.

Industry experts give us their views on what security issues businesses will face as we head into 2022.

Zero trust has been one of the security buzz phrases of the past year and control of identity and credentials is likely to remain a focus for businesses and consumers alike, especially as the work from home trend looks set to continue.

Here's what some of the experts think the identity field holds for us in 2022.

Cybercrime has increasingly become a feature of the modern world and its perpetrators are getting ever more professional.

But what can we expect to see next year in terms of the types of attack and how they're delivered? Here's what the experts think.

Even a year after the SolarWinds infiltration in late 2020, software supply chain risk continues to dominate the security conversation. Take the Log4Shell vulnerability that recently came to light and caught everyone off guard. Not only is this flaw insanely easy to exploit but the impacted Log4j library is used in nearly every enterprise Java installation -- and the vulnerability gives attackers ultimate power to download, delete, install, and server-hop as they please. As even massive companies like Google, PayPal, Apple, and Netflix are impacted by this flaw via the software supply chain, it’s another one that makes organizations wonder: are we using that too?

In 2022, IT leaders will intensify their supply chain focus to answer this very question, expanding their scrutiny from their own applications to the components they buy and integrate. Widening the scope of the supply chain is crucial; outside software and components need their checks and balances just as code created internally does. This deepened understanding of supply chain risk will increase demands to test and secure everything, from the most seemingly insignificant open source package to the most extensive APIs and third-party components.

A new report finds that although 37 percent of respondents would pay a ransom, more than half of this group (57 percent) would reverse that decision if they had to publicly report the payment.

The Ransomware Disclosure Act, a bill currently before the US Senate, would require companies to report ransomware payments within 48 hours and so could have a dampening effect on the crime's profitability.