Articles about Shadow IT

New research from HP Wolf Security finds that 80 percent of IT leaders are concerned about their capacity to respond to firmware attacks.

The study shows that 67 percent of IT leaders say protecting against, detecting, and recovering from firmware attacks has become more difficult and time-consuming due to the increase in home working, with 64 percent saying the same of analyzing the security of firmware configuration.

Continue reading →

Shadow IT applications acquired without the knowledge of the IT department present problems for businesses as they can create security holes or may not be compliant with industry standards.

The problem isn't going to go away. Gartner reports that shadow IT spending represents 30 percent to 40 percent of the overall IT outlay in large enterprises.

Continue reading →

New phishing sites are launched on a regular basis, even back in 2017 1.4 million were launching every month according to Webroot, and most of them exist for less than 24 hours.

This makes it hard for security teams to pre-empt attacks, but email and brand protection company Red Sift has come up with an answer in the launch of a new platform that proactively uncovers impersonation domains and takes them down before they can be exploited.

Continue reading →

A new study shows that 69 percent of tech executives believe shadow IT is a top security concern related to SaaS adoption.

The report from automated SaaS management platform Torii reveals 41 percent of executives say challenges with SaaS spend visibility and optimization have impacted the way their organization operates.

Continue reading →

A new report from HP Wolf Security looks at how hybrid work is changing user behavior and creating a 'perfect storm' of cybersecurity challenges for IT departments.

The research shows that a growing number of users are buying and connecting unsanctioned devices without the IT team's approval. It also highlights that threat levels are rising, with attackers increasingly successful at bypassing defenses and tricking users into initiating attacks through phishing.

Continue reading →

Digital risk protection platform CybelAngel has updated its offering to include asset discovery and monitoring in order to help businesses identify hidden risks.

It can uncover hidden, rogue or obscure devices and services existing outside of the security team's awareness and control. These shadow assets include file servers, cloud databases, connected industrial systems and IoT devices.

Continue reading →

"May you live in interesting times!" This is one of the expressions that has received a lot of airtime in recent months. Clearly as a society we weren’t prepared for a pandemic and all the collateral impact that has resulted. But spare a thought for the IT and security teams that have recently dealt with perhaps the "most interesting" times. Everything they knew and trusted about their environment changed overnight. Think: remote workers, new insider threats and challenges associated with shadow IT.

To be fair, shadow IT was already a problem before the pandemic; our research shows the typical organization is aware of less than 50 percent of the digital assets that exist in their environment. However, in their race to ensure access to data and systems needed while sheltering in place, many end-users (inadvertently perhaps?) added significantly to the shadow IT problem. All of this is occurring as attacks have escalated with adversaries trying to take advantage of the chaos. So, what’s a security team to do about it?

Continue reading →