Ian Barker

A new multi-vector endpoint detection and response (EDR) solution from Qualys aims to reduce the risk of compromise with vulnerability management and patching all from a single agent.

Traditional EDR solutions still focus solely on endpoint activity to detect attacks and incorporate only MITRE ATT&CK techniques -- not tactics. This means security teams are forced to rely on additional tools to strengthen their risk management.

Continue reading →

A record 71 percent of organizations were impacted by successful ransomware attacks last year, according to the 2022 Cyberthreat Defense Report (CDR) from CyberEdge Group, up from 55 percent in 2017.

Of those that fell victim, almost two-thirds (63 percent) paid the requested ransom, up from 39 percent in 2017.

Continue reading →

Recent vulnerabilities like Log4j have highlighted how difficult it can be to manage risks and ensure that software patches are kept up to date.

We spoke to Rob Gurzeev, CEO of attack surface management specialist CyCognito, to discuss the challenges involved and how to deal with them.

Continue reading →

It's now over three months since the Log4Shell vulnerability, affecting the Log4j logging framework, first appeared.

But new research from Randori shows that it's still giving headaches to enterprises and identifies the top 10 attackable targets.

Continue reading →

With the COVID-19 pandemic and drive for digital transformation the shift to a new distributed workforce model continues at pace.

But this can also leave businesses vulnerable as attack vectors have become more sophisticated -- resulting in a continued shortage of security experts.

Continue reading →

Chances are if you're reading this you already work in the tech sector. If you don't then a new study suggests you might well want to.

The Great Resignation has been driven by a desire for change across industries and research from telecoms company BT shows that 69 percent of UK employees would consider a career change if given the opportunity, and 18 percent want to switch to tech.

Continue reading →

Canonical has announced the general availability of OpenStack Yoga on Ubuntu 22.04 Long Term Support (LTS) Beta and Ubuntu 20.04 LTS.

What does this mean? Yoga, the latest version of OpenStack, provides a foundation for next-generation, highly performant infrastructure as needed by telco NFV (Network Functions Visualization), media streaming, traffic analysis and high-performance computing (HPC) services.

Continue reading →

Today is World Backup Day, which is a good opportunity to remind you that you only have a couple of days left to get your hands on some free backup software courtesy of our AOMEI giveaway.

It's also an opportunity to look at the continued importance of backups even in the modern world of clouds and SaaS applications. A new report from Crucial highlights the ongoing cost of data breaches which has risen 9.8 percent from 2020 to 2021.

Continue reading →

A new study commissioned by Imperva from Forrester Research finds 58 percent of sensitive data security incidents are caused by insider threats.

And yet 31 percent of firms don't believe insiders are a substantial threat. Indeed only 37 percent of participants report having dedicated insider threat teams, and 70 percent of organizations in the EMEA region don't have a strategy for stopping insider threats.

Continue reading →

Credential phishing continues to be the top threat facing organizations, increasing 10 percentage points since 2020, accounting for 67 percent of all phishing emails now observed.

The latest Annual State of Phishing Report from Cofense also reveals that 52 percent of all credential phishing attempts observed by the Cofense Phishing Defense Center (PDC) were branded as Microsoft.

Continue reading →

Edge devices, including smart meters, smart home assistants, connected vehicles, and other IoT devices, rely primarily on the cloud for computing resource due to their small size and power limitations.

This means they need a constant data link to work effectively and that brings its own problems. Technology company Cognifiber has announced the development of a glass-based 'photonic chip' that has the potential to revolutionize edge computing.

Continue reading →

The latest annual AI Adoption in the Enterprise survey from O'Reilly finds that over the last two years the number of organizations with AI applications in production has remained steady at 26 percent.

However, many enterprises still lack AI governance. Among respondents with AI products in production, the number of those whose organizations have a governance plan in place to oversee how projects are created, measured, and observed (49 percent) is roughly the same as those that don't (51 percent).

Continue reading →

A new study carried out by the Ponemon Institute and sponsored by passwordless authentication platform company Nok Nok Labs, shows the significant costs to businesses that result from authentication failures and weaknesses.

According to the study, which surveyed 1,007 IT staff, IT security leaders, and line of business leaders, the average business losses across all types of authentication weaknesses range from $39 million to $42 million.

Continue reading →

Third-party cookies are already blocked by Firefox and Safari and will also be blocked by Google Chrome by the end of 2023. But new research from Twilio shows 81 percent of companies still rely on them, while 85 percent of consumers want brands to use only first-party data.

The change is likely to bring more issues for brands that rely on such cookies to identify and track visitors to their websites. More than half (55 percent) of companies say they are not fully prepared for a cookieless world, and 42 percent predict that the impending changes will lead to lower returns on their marketing spend.

Continue reading →

In the light of President Biden's new legislation requiring critical infrastructure organizations to disclose cyber incidents to the government within 72 hours, new research from BitSight shows how unprepared many are to meet the strict disclosure requirements.

Based on analysis of more than 12,000 publicly disclosed cyber incidents between 2019 and 2022, the research finds it takes the average organization 105 days to discover and disclose an incident from the date it occurred.

Continue reading →