Articles about Security

Since the start of the pandemic, the way business is conducted has changed permanently, with many workforces continuing to work remotely as restrictions have eased. As companies relax and rules have eased, life is expected to return to a form of 'new normal.' But, the issues around cybersecurity are here to stay, and the gas pedal must not be eased -- especially with the increased risks associated with continued remote working. 

If anything, security should be more reinforced now than ever before to ensure all aspects of a business are secure. But this isn’t the case.

Continue reading →

Data security company Varonis has released research based on an analysis of four billion files across 50 organisations in the manufacturing industry and finds that there’s a huge problem of overexposure of data in the sector.

Every employee can access, on average, six million files on their first day on the job and four out of every 10 organizations have 1,000+ sensitive files open to every employee.

Continue reading →

Organizations are prioritizing strategic security programs but are missing the capabilities they need to make meaningful changes to their security posture according to a new report.

The study by ReliaQuest, in partnership with Ponemon Research shows that 48 percent of organizations are prioritizing implementing zero trust principles as part of their security strategy.

Continue reading →

Cyberattacks continue to be a problem for businesses and it's no surprise that cyber insurers are tightening up their requirements for policyholders to obtain new cover or to renew their existing cyber policies.

But in the past cybersecurity and cyber insurance have tended to operate in silos with insufficient coordination, leading to a misalignment between the cyber threats faced by an organization and the security measures needed to prevent them.

Continue reading →

Having already given commercial users the option of adopting passwordless sign-in, Microsoft is doing the same for consumers. Starting today, users have the option of removing the password from their Microsoft account and choosing different methods of authentication.

The move means that is now possible to access the likes of OneDrive, Outlook and other Microsoft services without the need to remember or enter a password. But this does not mean having to compromise on security.

Continue reading →

A new report from Cisco's Duo Security arm shows that 79 percent of respondents report having used 2FA in 2021, compared to 53 percent in 2019 and just 28 percent in 2017.

Only 32 percent report using 2FA on all applications where available though, so there's still room for improvement.

Continue reading →

A new survey from Venafi reveals that 94 percent of executives believe there should be clear consequences -- such as fines and greater legal liability for companies proven to be negligent -- for software vendors that fail to protect the integrity of their software build pipelines.

However, most have done little to change the way they evaluate the security of the software they purchase and the assurances they demand from software providers.

Continue reading →

Although COVID-19 has meant a change to remote working, six out of 10 respondents to a new survey by Thales are still relying on traditional security tools and 44 percent are not confident in their ability to scale to remote work.

The study of 2,600 IT decision makers, commissioned by Thales and conducted by 451 Research seeks to better understand the new security risks and challenges caused by the rise of remote working and cloud transformation.

Continue reading →

Almost 60 percent of Americans have smart TVs in their homes, yet almost one in four do nothing to protect their smart devices.

This is according to a new study by NordVPN which highlights a number of risks, including hackers being able to access a smart TV's camera and microphone through malware.

Continue reading →

The latest threat report from Nuspire shows that the second quarter of 2021 saw a massive 55,239 percent increase in ransomware activity during the second and third weeks.

This took place just prior to the Colonial Pipeline ransomware attack conducted by the DarkSide ransomware group. The reason for the increase is not known, however, and it may not be related to the attack.

Continue reading →

More than two million web servers worldwide are still running on outdated and vulnerable versions of Microsoft Internet Information Services (IIS) software according to research from CyberNews.

With 12.4 percent of the market worldwide IIS is the third-most-popular suite of web server software, used to power at least 51.6 million websites and web applications.

Continue reading →

A new report from HP Wolf Security reveals that 76 percent of IT teams admit security has taken a backseat to business continuity during the pandemic, while 91 percent feel pressure to compromise security for business continuity.

It also shows that almost half (48 percent) of younger office workers (18-24 years old) surveyed view security tools as a hindrance, leading to nearly a third (31 percent) trying to bypass corporate security policies to get their work done.

Continue reading →

The Biden administration might have called on high profile figures to improve cybersecurity, but the reality is it's down to all businesses to tighten up their IT security measures.

The recent White House Cyber Summit with high profile leaders of some of the world’s biggest tech, energy, and financial services companies was a sign that the Biden administration is doubling down on its effort to prevent cyber attacks.

Continue reading →

Ransomware has hit the headlines in recent months with attacks on infrastructure and supply chains closing down operations. But ransomware has the potential to be even more devastating if it’s spread via Active Directory, as demonstrated by the SolarWinds attack.

We talked to Derek Melber, chief technology and security strategist of Tenable to find out more about AD attacks and how to combat them.

Continue reading →

We’re a year and a half into the COVID-19 pandemic, and burnout is hitting employees hard. Recently, Okta CEO Todd McKinnon used an all-hands meeting with employees to underline the importance of taking vacation. In April, LinkedIn announced it was giving the entire company a full week off to unplug, recharge and help curb burnout. 

For security teams, burnout isn’t a new phenomenon. Given the need to always be on and ready, cybersecurity professionals already face high levels of stress, and the pandemic has added to increasing and alarming burnout rates. On the heels of the Exchange, Kaseya, and SolarWinds attacks, it’s no surprise that cybersecurity teams are overworked and exceptionally stressed -- we’re under a lot of pressure.

Continue reading →