Ian Barker

UK businesses are spending £1.59 million and 24 person-years annually on processing data subject access requests in compliance with Article 15 of GDPR, according to a new study commissioned by privacy specialist Guardum.

Data Subject Access Requests (DSARs) require data controllers to provide data subjects with a copy of their personal data within 30 days, or risk a fine of €20 million or four percent of turnover.

Continue reading →

More than half of companies questioned in a new survey are spending 40 percent or more of their IT security budgets on compliance.

The research from Coalfire, a provider of cybersecurity advisory and assessment services, in conjunction with consulting firm Omida, also reveals that nearly 60 percent of companies view compliance as a barrier to enter new markets and prepare news services to meet compliance requirements.

Continue reading →

Distributed cloud service company Volterra is launching a new service to encrypt and share public data without the need for passwords and public keys.

VoltShare is available as downloadable software (or an API and SDK) that operates locally on a PC or mobile device to easily encrypt sensitive data for sharing with target recipients through email or via existing collaboration platforms such as Slack, Teams and Dropbox.

Continue reading →

According to a new survey, 79 percent of organizations have experienced an identity-related breach in the last two years, while 94 percent report having had one at some point.

The study from the The Identity Defined Security Alliance (IDSA), based on a survey of over 500 IT security and identity decision makers conducted by Dimensional Research, finds that 66 percent say phishing is the most common cause of identity-related breaches, while 99 percent believe their breaches were preventable.

Continue reading →

It's not uncommon for enterprises to use a number of different analytics and operations tools as part of their security posture.

Managing these different tools as part of an overall policy, though, can be difficult. Pulse Secure is launching a new suite of secure access solutions for hybrid IT that provides organizations with a simplified, modular and integrated approach to modernize their access productivity, management and control.

Continue reading →

The idea that organizations should have a trusted internal network and an untrusted external one is rapidly giving way to a posture of zero trust across the board.

A new survey of 500 IT security leaders by identity specialist Okta finds a massive 275 percent year-on-year growth in the number of North American organizations that have or plan to have a defined zero trust initiative on the books in the next 12-18 months.

Continue reading →

The first quarter of this year has seen a massive growth in phishing and counterfeit pages, with around a third of them related to COVID-19.

A new report from fraud prevention company Bolster shows that it detected 854,441 confirmed phishing and counterfeit pages and four million suspicious pages, with more than a quarter of a million devoted to COVID-19.

Continue reading →

New research released today from Sepio Systems, a rogue device mitigation firm, reveals a 42 percent jump in the number of devices connected to corporate networks, compared with the pre-COVID-19 period.

Not only has the number of connected devices increased, there are also almost three times the number of different device vendors. This means many unbranded or budget makes of equipment being used that are not commonly found in the enterprise environment.

Continue reading →

We've seen lots of companies making their products available free during the current crisis. AOMEI has already made its backup tool available free for a year.

It's now added to that by making the full version of its cloud management tool MultCloud available free for three months.

Continue reading →

While high profile attacks like phishing scams targeting stimulus payments make the headlines, a new report shows they are actually on the decline.

The annual security report from website security specialist SiteLock finds that quiet attack methods, like backdoor files, are more favored among hackers as they become increasingly sophisticated and turn to methods that can go undetected and deliver the biggest payout.

Continue reading →

If you fancy using your increased time at home to learn some new skills but haven't got around to it yet, you are about to run out of excuses.

This Wednesday, May 13th, sees the launch of Codeacademy's Learn From Home Day a set of interactive classes on a range of different topics, organized in partnership with other enterprises. From 10:45 am to 5:45 pm ET there will be a choice of sessions covering subjects as diverse as coding, drawing, cooking, parenting and more.

Continue reading →

Researchers at email protection company Armorblox have uncovered a targeted email phishing attack designed to get past Microsoft 365 security.

The attack is a variant of 'PerSwaysion', a recent spate of credential phishing attacks that utilize compromised accounts and leverage Microsoft file-sharing services to lull victims into a false sense of security.

Continue reading →

The total number of publicly reported breaches in Q1 2020 has decreased by 58 percent compared to the same period last year according to a new report from Risk Based Security.

Despite the number of breaches being down though, the number of records exposed for this quarter soared to 8.4 billion -- a 273 percent increase compared to Q1 2019, and a record for the same period since at least 2005, when detailed reporting began.

Continue reading →

Social engineering is one of the most common approaches taken by cybercriminals in order to steal data or get users to install malware.

But a new generation of payload-less attacks is now starting to emerge. How can businesses protect themselves from these threats? We spoke to Evan Reiser, CEO and co-founder of email security specialist Abnormal Security to find out.

Continue reading →

Santander, the fifth largest bank in Europe and the 16th largest in the world, has been leaking sensitive company data due to a misconfiguration on one of its websites.

Security analysts at CyberNews discovered that Santander's Belgian branch, Santander Consumer Bank, had a misconfiguration in its blog domain that allowed for its files to be indexed.

Continue reading →