Security

A report out today shows that 85 percent of enterprises have increased their budget investment in security operations during the pandemic, while 72 percent have increased their staffing and 79 percent have increased their adoption of advanced security technologies.

The study from the CyberRes arm of Micro Focus also reveals that security operations centers (SOCs) have increased their adoption of the cloud, with 95 percent now deploying their solutions in hybrid-cloud environments.

As a big chunk of the world suddenly started to work from home during the pandemic, many companies turned to VPNs as a means of securing remote access.

However, as more systems are now in the cloud and secured using zero trust network access (ZTNA) is the age of the VPN over? We spoke to Robert Byrne, field strategist at One Identity to find out.

Security is one of the most important components to every company’s computer network. That’s why the Security Fundamentals MTA Certification is so highly sought after. Filling IT positions is a top problem in today’s businesses, so this certification could be your first step toward a stable and lucrative IT career.

Security Fundamentals is your guide to developing a strong foundational understanding of Windows security, so you can take your IT career to the next level and feel confident going into the certification exam.

Analysis by CybSafe of incidents reported to the UK's Information Commissioner's Office (ICO) shows that ransomware attacks made up 22 percent of all reported cyber security incidents in the first half of 2021. This is up from 11 percent in the first half of 2020

Phishing still leads, accounting for 40 percent of all cybersecurity cases reported to the ICO, slightly down from 44 percent the year before, but ransomware has now edged into second place.

A report released today finds that while adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a major challenge.

The study, from container security specialist NeuVector, polled over 1,200 DevOps professionals attending KubeCon EU 2021 and shows over 89 percent have container deployments active, and 88 percent are planning additional deployments in the next six to 12 months.

Data is the lifeblood of businesses, but managing it effectively and keeping it secure presents some significant challenges.

How do you ensure that you have the latest information for example? And how can you be certain your compliance procedures are up to date?

Industrial control system (ICS) vulnerability disclosures are increasing as recent high-profile cyberattacks on critical infrastructure and industrial enterprises have made ICS security a mainstream issue.

The latest biannual ICS Risk & Vulnerability Report released today by Claroty shows a 41 percent increase in ICS vulnerabilities disclosed in the first half of 2021 compared to the previous six months, which is particularly significant given that in all of 2020 they increased by 25 percent from 2019 and 33 percent from 2018.

"Cybersecurity doesn’t apply to me because my business is too small to matter", and "Cybercriminals would never bother hacking us because we don’t have valuable data or many financial assets."

If these comments sound familiar, that’s because it is unfortunately the view held by a large majority of the SMB community. Small to medium sized businesses are slowly jumping on the cybersecurity bandwagon, but must first leave this 'it would never happen to me' mentality behind.

Today’s work environment is radically different from that of just 16 months ago. COVID-19 has created a permanent state of hybrid or fully remote work, which, yes, brings a number of benefits, but it also increases employee stress, reduces their attention span, and creates a chasm between them and their internal security team.

We’re living in the new world order, which compounds and amplifies the threats from what have historically been the three most common security incident reasons -- people getting hacked, people making mistakes, and people breaking rules. Not being proactive about potential insider threats almost guarantees an organization that hasn’t been hacked will be doomed to join the many big-name brands that have found themselves having to pay ransom for access to their systems. 

Canonical is announcing today that Ubuntu is set to drive high security and regulated workloads thanks to gaining a new FIPS (Federal Information Processing Standards) certification.

Now the world's most popular operating system across private and public clouds, Ubuntu has received the FIPS 140-2, Level 1 certification for its cryptographic modules in Ubuntu 20.04 LTS, including OpenSSL 1.1.1.

The expansion of cloud use and remote working have made protecting business systems much more complicated, with simple perimeter controls no longer enough.

ExtraHop is launching updates to its Reveal(x) 360 cyber defense platform that provide deep forensic insight into hybrid cloud networks to allow for advanced threat response.

A new study from HP Wolf Security shows that 72 percent of IT decision makers worry that nation state tools and techniques could filter through to the dark net and be used to attack their businesses.

The survey, of 1,100 decision makers around the world, also finds 58 percent are worried their business could become a direct target of a nation state attack. A further 70 percent believe they could end up being 'collateral damage' in a cyber war.

There has been a 22 percent increase in phishing volume in the first half of 2021 compared to the same period last year. Though there was a dip in June following record highs in May.

A report from digital risk protection company PhishLabs shows that the cryptocurrency sector saw a 10 times increase in attacks in the last quarter compared to the previous one.

As threats continue to evolve security vendors must keep up. This means having up to date information and being able to act on it quickly.

The key to this is effective threat intelligence. We spoke to Anuj Goel, co-founder and CEO of Cyware to find out more about threat intelligence and why sharing is key to making the most of it.

Microsoft's Windows 365 Cloud PC may only be a few weeks old, but a security flaw has already been found that can be exploited to extract Microsoft Azure credentials.

The credential extraction is made possible by the open-source tool Mimikatz, created by security researcher Benjamin Delpy (one of the names associated with exposing the PrintNightmare vulnerabilities). Admin privileges are required to execute the exploit it is concerning nonetheless.