Ian Barker

The past year has created an unprecedented shift, with businesses scrabbling to implement technologies to allow large numbers of staff to work remotely.

It seems likely that as we emerge from the pandemic a large proportion of this shift will become permanent. So, what can companies do to adapt their IT to this 'new normal' and ensure access to essential systems while maintaining security and compliance standards?

Continue reading →

Data breaches have almost become a fact of everyday life, but there are still some that have greater impact than others.

Software company Intact has carried out an analysis of publicly available data to see which companies have suffered the most large-scale data breaches (involving more than 30,000 records or more) over the last 16 years.

Continue reading →

Cloud misconfigurations are one of the major causes of data breaches and the problem has become worse thanks to the dash for remote working.

While cloud is undoubtedly the right choice for businesses looking to expand their infrastructure to keep pace with DevOps demands and embrace support for remote working, many enterprises are falling short of providing adequate Cloud Security Posture Management (CSPM).

Continue reading →

CISOs are facing a battle to secure their organizations against an increasing volume of attacks by well-armed criminals and are facing a rising ‘security debt’ in doing so.

But a new report from cyber security provider F-Secure in conjunction with Omnisperience finds security teams are turning away increasing volume of attacks and preventing more of them from becoming breaches or compromises.

Continue reading →

Non-profit organization the Linux Foundation today announces Linux Foundation Research, a new division that will broaden the understanding of open source projects, ecosystem dynamics, and impact.

Through a series of research projects and related content, Linux Foundation Research will make use of the Foundation's vast repository of data, tools, and communities and apply quantitative and qualitative techniques to create an unprecedented knowledge network to benefit the global open source community, academia, and industry.

Continue reading →

Human-operated cyberattacks use effective techniques to gain a beachhead within an organization, blending in with normal user behavior to help them go undetected.

Active defense specialist Illusive is launching a new endpoint security offering integrated with Microsoft Defender that provides complete detection coverage and faster ability to contain human-operated attack campaigns.

Continue reading →

Digital transformation is sometimes seen as a panacea, providing visibility into the planning process, aligning software development with the business and delivering better outcomes.

But in a new study from Digital.ai more than half of businesses report issues providing that visibility and alignment, which calls into question long term success of today’s digital transformation initiatives.

Continue reading →

A new report from cloud business management company Sage reveals that 52 percent of companies say they have accelerated digital transformation plans by three years or more due to the demands of lockdown.

The study of more than 1000 finance leaders across US small and mid-size businesses also shows a growing confidence that they will return to pre-pandemic revenue levels by the end of 2021.

Continue reading →

New data from Imperva Research Labs sees the highest percentage of bad bot traffic (25.6 percent) since the company began reporting traffic in 2014.

At the same time traffic from humans fell by 5.7 percent. More than 40 percent of all web traffic requests originated from a bot last year, suggesting the growing scale and widespread impact of bots in daily life.

Continue reading →

While spending on cloud services is high with over half of respondents to a new survey spending $10 million or more, 32 percent say they are doing less than they need to, or nothing at all, to ensure the security of their cloud resources.

The study carried out by Osterman Research for Sonrai Security finds respondents have an average of 7,750 identities with access to sensitive cloud data. Overpriviledged identities are ranked a high risk by 41 percent of respondents, just below bad actors/cybercriminals at 46 percent.

Continue reading →

The latest Mandiant M-Trends report from intelligence-led security company FireEye finds that businesses are getting better at dealing with cyber intrusions.

The median dwell time -- the time between the start of a cyber intrusion and when it’s identified -- has come down from over a year in 2011 to just 24 days in 2020 and has more than halved from 2019's median dwell time of 56 days.

Continue reading →

Every dog has its day as the saying goes and it's increasingly the case that every aspect of information technology has one too -- a day that is, not a dog.

Today is Identity Management Day, created by the The National Cybersecurity Alliance and the Identity Defined Security Alliance. It's the first one so you can forgive the lack of greetings cards and themed balloons in the shops but there is plenty of industry comment.

Continue reading →

As more and more data moves outside the network perimeter into SaaS applications, this can become a blind spot for security teams trying to control access.

To address the issue DoControl is launching a fully automated SaaS data access platform, providing data access monitoring, orchestration, and remediation across major SaaS apps, including Google Drive, Box, Microsoft OneDrive, Salesforce, and others.

Continue reading →

Traditional cybersecurity solutions throw up lots of information, making it hard for businesses to identify the threats that they should be prioritizing.

To help security teams focus on the issues that matter most, Randori is launching a 'Target Temptation Engine' that aims to offer defenders the attacker's perspective.

Continue reading →

In early March, Microsoft disclosed that Chinese hackers had exploited software vulnerabilities in Microsoft Exchange on-premises servers to gain access to the email accounts of thousands of Microsoft customers.

While these companies are now laser-focused on deploying patches and other security measures to remediate the vulnerabilities in their email software, Josh Douglas, VP of product management -- threat intelligence at Mimecast, believes these technical fixes will only go so far.

Continue reading →