Articles about Security

Nearly half (49 percent) of US employees create their own tricks and shortcuts for managing logins, leaving business systems open to attack.

A new report from password manager company Dashlane, created in conjunction with Datalands and based on a survey of 1,000 people, identifies four different employee personas, and the potential barriers these employees may cause to security culture.

Continue reading →

As more systems move to the cloud the threat landscape becomes more complex and detecting events that require urgent attention is more difficult.

Many businesses are turning to AI to help and threat detection specialist Vectra AI has released a new report focusing on the top 10 threat detections seen across Microsoft Azure AD and Office 365 environments.

Continue reading →

New research from Akamai Technologies reveals that financial services firms suffered 3.4 billion credential stuffing attacks in 2020, a 45 percent year-on-year increase.

The report also observed nearly 6.3 billion web application attacks in 2020, with more than 736 million targeting financial services -- an increase of 62 percent from 2019. Over the past three years (2018-2020), DDoS attacks against the financial services sector grew by 93 percent.

Continue reading →

Over the last 12 months, you certainly have heard about an increasingly complex and sophisticated barrage of cyber threats. However, if your business has a limited number of IT staff and resources, you may be questioning whether having comprehensive data protection is even possible. As we have seen, cyber-attacks are not only impacting larger enterprise organizations. They affect companies of all sizes, many of which can’t afford to build and manage a Security Operations Center (SOC) with technology and skilled security staff needed to detect and contain these attacks 24 hours a day.

It may feel daunting as a smaller organization, cybercriminals might have an inherent advantage. However, many small to midsize organizations are still relying solely on basic protection like anti-virus and firewalls. Just having these baseline protections is simply not enough, and you do not have the luxury of just ignoring the situation.

Continue reading →

Being able to find web vulnerabilities as soon as they emerge, before attackers can exploit them, is critical for organizations wanting to stay on top of web application security.

Saas security specialist Detectify is launching a new stand-alone application security tool that's specifically tailored for ethical hackers, making it easier for them to share their latest findings.

Continue reading →

Identity solutions provider GlobalSign today celebrates the significant milestone of 25 years as a Certificate Authority (CA).

The company has grown from just a few employees in 1996 to become one of the world's top CAs -- as well as the longest operating -- with over than 550 employees in more than a dozen countries.

Continue reading →

It's only a week since Microsoft stopped supporting some older versions of Windows 10 -- specifically the Home and Pro editions of Windows 10 versions 1803, 1809 and 1909 -- but it won't be long before the effects are felt.

While Windows 10 version 1809 reaching "end of servicing" means there will be no more official patches and updates from Microsoft, the operating system will not be left completely unsupported. For anyone unwilling or unable to upgrade to a more recent build of Windows 10, micro-patch service 0patch has stepped up to the plate to lend a hand.

Continue reading →

A new technology agnostic and fully customizable security operating system that consolidates an organization's entire technology stack into a single pane of glass is being launched by managed security services company Nuspire.

Called myNuspire, it will give CISOs and security analysts a clear picture into the security program and posture of their organizations in real-time, together with on-demand threat intelligence capabilities.

Continue reading →

A survey of 300 security leaders in the US by Scale Venture Partners shows 94 percent say that C-level executives have a better understanding of cybersecurity risks than a year ago.

This is probably due to the twin impacts of the pandemic and the SolarWinds attack. Half say they will increase security budgets to address the impact of SolarWinds, while 40 percent have increased their cyber headcount during the pandemic.

Continue reading →

The death of the password has been predicted for a long time, yet it remains the most common way of logging into systems.

Identity management company Beyond Identity is looking to solve what is one of the biggest challenges in IT security and aims to re-establish trust in authentication chains by finally eliminating passwords as the weakest link.

Continue reading →

The core of the Internet is getting weaker as we connect ever more of our lives -- phones, tablets, cars, refrigerators -- to it. Meanwhile, the attacks are getting stronger.

Cybercrime is a global pandemic. Cybersecurity is mainstream today because we’ve seen the repercussions personally, professionally and financially from not keeping our corporate and customer data secure.

Continue reading →

There are many things to consider when it comes to making systems secure, but one thing that is often overlooked is the human angle.

George Finney, CISO, CEO and founder of Well Aware Security believes that cybersecurity is a people problem first and foremost -- people are the ones who write and employ processes and people are the ones who create and use technology. No surprise then that people are behind some 95 percent of cybersecurity incidents.

Continue reading →

A new study shows that 81 percent of development teams have knowingly pushed vulnerable code live, with 20 percent of senior managers even admitting to doing so often.

The report from Immersive Labs based on work by Osterman Research shows low confidence in application security in general, with only half of CISOs believing secure applications could be developed and just 44 percent of all security teams believing their company could withstand a SolarWinds style attack on their build environment.

Continue reading →

The transition to agile development, the rise of microservices, and an increased reliance on cloud services for business operations due to the pandemic have all contributed to an explosion in software development and a dramatic reduction in software delivery time.

But as the speed and complexity of application development skyrockets, application security professionals increasingly find themselves unable to keep up. Silicon Valley startup ArmorCode has produced a next-generation application security solution that consolidates three key AppSec needs into a single intelligent platform and it's raised $3 million in seed financing to develop it further.

Continue reading →

One of the problems the finance and banking sector has had during the pandemic has been reduced branch access and the inability to hold face-to-face meetings.

Identity specialist OneSpan has introduced a technology called Virtual Room. Using this, financial institutions and their customers can digitally review and sign documents together without having to combine multiple tools and apps.

Continue reading →