Ian Barker

Smaller businesses are having to do more with less in terms of security, a situation made worse by the coronavirus pandemic.

The annual SMB IT Security Report from Untangle shows that 38 percent of SMBs are allocating $1,000 or less to their IT security budget, compared to 29 percent in 2019 and 27 percent in 2018.

Continue reading →

The shortcomings of password security are well known. Indeed the death of passwords has been predicted for a long time but they still cling on.

There are a number of alternative authentication methods available, but confusion still reigns about the pros and cons of different approaches. To help cut through the mass of information, identity management company Beyond Identity has put together an infographic looking at alternative authentication methods and the security each provides.

Continue reading →

Concern about deepfakes is on the rise and earlier this week Microsoft announced its own video authentication tool ahead of the US elections.

To help counter the threat from increasingly sophisticated cyber attacks, including the use of deepfakes, biometric authentication company iProov is also launching its own Security Operations Centre (iSOC).

Continue reading →

Cybercriminals in 2019 managed to expose more than 165 million records of confidential data across 1,365 known breaches.

But how do they get in, how long do they stay and what are they there for? The answers to these questions are in the 2020 Compromise Flashcard produced by compromise assessment company Lumu.

Continue reading →

During the pandemic, video conferencing app Zoom found itself at the center of several security and privacy issues. In response it has boosted its security program, including aggregating reports from Bugcrowd.

But what's driving organizations like Zoom choose crowdsourced security approaches? We spoke to Ashish Gupta, CEO of Bugcrowd to find out.

Continue reading →

New research finds that 33 percent of companies within the digital supply chain expose common network services such as data storage, remote access and network administration to the internet.

The study from RiskRecon and the Cyentia Institute also finds that organizations that expose unsafe services to the internet exhibit more critical security findings.

Continue reading →

A new survey from Bitglass reveals that 61 percent of organizations reported at least one insider attack over the last 12 months, with 22 percent reporting at least six separate attacks.

With a whole range of changes happening at the moment securing against insider threats has become increasingly challenging. Most organizations say they can't guarantee that they can detect insider threats from personal devices (82 percent) or the cloud (50 percent), while 81 percent find it difficult to assess the impact of insider attacks.

Continue reading →

Analysis of over 557 million broadband speed tests worldwide has revealed that the UK now sits in 47th place, with an average speed of 37.82Mbps.

The research from Cable.co.uk puts the UK ahead of 174 countries, but behind 46 others, coming in behind 21 Western European countries. This puts the UK among the slowest in the region when it comes to average broadband speed, losing 13 places since the measurements were taken last year.

Continue reading →

As of September 1st, all publicly trusted TLS certificates must have a lifespan of 398 days or less -- roughly half the previous life.

According to security experts from Venafi, a provider of machine identity management, this latest change is an indication that machine identity lifetimes will continue to shrink.

Continue reading →

More than half of respondents to a new survey are either accelerating their cloud adoption timeline or moving forward as planned during the COVID-19 pandemic, and this number goes up to 59 percent among respondents considering VMware Cloud on AWS.

The study from multi-cloud data service provider Faction finds that among those organizations where COVID-19 has paused or canceled cloud adoption, the top factors cited are budget pressures (75 percent) along with staffing shortages and macro-economic uncertainty (each named by 41 percent of respondents).

Continue reading →

In yet another example of cybercriminals exploiting world events, the frequency of phishing threats has risen considerably since the start of the pandemic, with companies experiencing an average of 1,185 attacks every month.

New research from GreatHorn reveals that more than half (53 percent) of over 300 IT professionals surveyed by Cybersecurity Insiders say they had witnessed an increase in phishing activity since the start of the COVID-19 pandemic.

Continue reading →

DevOps has boosted the speed of development, but this very advantage can lead to problems and errors making their way through to production without being spotted.

California-based DeepFactor is launching a new Continuous Pre-Production Monitoring platform that combines security, performance and behavior monitoring into one solution that is completely integrated into the DevOps pipeline.

Continue reading →

Email has become the preferred communication medium for both businesses and individuals. But useful though it is it can be incredibly frustrating as our inboxes are clogged with spam, advertising and other unwanted material.

Step forward Edison Software, the company behind the Edison Mail app, which is launching its new OnMail service in public beta. Designed to help users control their mail, OnMail lets you choose what can enter your inbox, what mail address reflects your identity, and how your mailbox is structured. Anti-tracking technology is built in to stop invasive ad targeting efforts too.

Continue reading →

DevSecOps, the integration of security into DevOps processes, is in increasingly common use. Logging and log management play a critical role in helping to put DevSecOps principles into practice by ensuring that developers, IT operations staff, and security teams have the visibility and communication pipelines they need to prioritize security at all stages of the DevOps delivery cycle.

We spoke to Ryan Staatz, systems architect and head of DevOps at LogDNA to discuss how log management fits in the toolchain of technology and practices that create a successful DevSecOps initiative.

Continue reading →

Account takeover attacks and online fraud of all types have skyrocketed during the pandemic as consumers have shifted almost all of their most important transactions to digital channels.

We spoke to David Vergara, senior director of security product marketing anti-fraud and digital identity solutions company OneSpan, to discover more about the emerging technologies that banks are beginning to use in the fight against fraud, including artificial intelligence, real-time risk analytics and behavioral biometrics.

Continue reading →