Ian Barker

Security analysts in US enterprises spend around a quarter of their time chasing false positives because security alerts or indicators of compromise (IOCs) are erroneous.

This is among the findings of research carried out by Exabeam and the Ponemon Institute which also shows that security teams must evaluate and respond to nearly 4,000 security alerts per week.

Continue reading →

A new study based on aggregated, anonymized data from millions of global users reveals that cloud services now account for 85 percent of all enterprise web traffic.

The report from cloud security company Netskope also reveals that heavy use of cloud services is often driven by multiple instances of cloud service usage across an organization.

Continue reading →

In the modern world it's vital for businesses to know what software they have, and where vulnerabilities lie. Flexera already assists IT and security teams to do this with its Software Vulnerability Manager, and it's now launching new modules to help address threats.

It's produced two new modules for SVM. The first of these is the Vendor Patch Module, which allows organizations to take advantage of insights and mitigate them more quickly, by using comprehensive patch coverage -- with more than 1,000 out-of-the-box patches. Additionally, the Vendor Patch Module delivers details to help companies more easily create over 1,000 additional patches.

Continue reading →

As we have seen in another report today, the financial sector remains a prime target for cybercriminals. Phishing attacks and credential stuffing are the two most common forms of attack used against the industry according to another report from Akamai.

In the six months between December 2018 and May 2019, nearly 200,000 phishing domains were discovered by the research and 50 percent of all unique organizations impacted are from the financial services sector.

Continue reading →

The finance industry is a prime target for cyberattacks and a new report from F-Secure shows that it's facing a wide range of threats that go far beyond traditional theft.

Attacks targeting banks, insurance companies, asset managers and similar organizations can range from common script-kiddies to organized criminals and state-sponsored actors. And these attackers have an equally diverse set of motivations for their actions, with many seeing the finance sector as a tempting target due to its importance in national economies.

Continue reading →

A new report reveals that 32 percent of businesses still have Windows XP installed on at least one device on their network and 79 percent of businesses are running Windows 7, which will reach its end of service in January 2020, on one or more devices.

The study from IT industry marketplace Spiceworks also shows many businesses are turning to next-generation security solutions like AI-powered threat intelligence and security-as-a-service to face security threats and vulnerabilities including outdated operating systems, limited use of encryption, and a lack of in-house security expertise.

Continue reading →

According to a new report, 53 percent of enterprise security leaders don't know if their security tools are working, despite massive spending.

The study carried out for continuous validation specialist AttackIQ by the Ponemon Institute shows companies surveyed are spending an average of $18.4 million annually on cybersecurity and 58 percent will be increasing their IT security budget by an average of 14 percent in the next year.

Continue reading →

Containerization has seen rapid adoption in recent years, but a new study from container security specialist StackRox reveals organizations struggling with security issues.

The report shows that while two-thirds of organizations have more than 10 percent of their applications containerized, 40 percent of them remain concerned that their container strategy doesn't adequately invest in security. Another 34 percent say that their strategy lacks sufficient detail.

Continue reading →

Security and compliance specialist Qualys is announcing today that it's making its Global IT Asset Discovery and Inventory app available to all businesses for free.

With the app users can automatically create a continuous, real-time inventory of known and unknown assets across a global IT footprint. The assets can be anything from on-premises, endpoints, multi-cloud, mobile, containers, OT and IoT.

Continue reading →

Working in a security operations center is stressful, so much so that 65 percent of analysts report having considered changing careers or quitting their jobs.

This is among the findings of a new study carried out by the Ponemon Institute for data analytics platform Devo Technology, which also finds that 49 percent say their SOC is not fully aligned with business needs.

Continue reading →

Facebook announced last month that it was launching its own Libra cryptocurrency. But the results of a new survey suggest that the social network is struggling to gain consumer trust in its system.

Messaging app Viber surveyed 2,000 people in the US and UK and finds that fewer than three percent of Americans and only 1.4 percent in the UK say they would be willing to try Libra for payments.

Continue reading →

Most small and medium businesses are seriously underestimating their vulnerability to cyberattacks according to a new study.

The report from password manager company Keeper Security shows that 66 percent don't think they will fall victim to an attack. But this confidence is contradicted by a study last year that showed 67 percent of SMBs had been attacked in the past year.

Continue reading →

The latest mid-year Cyber Attack Trends Report from Check Point shows mobile banking malware attacks are up 50 percent compared to the first half of 2018, while the number of organizations hit by cryptominers is down to 26 percent, from 41 percent last year.

Among the top banking malware variants are Ramnit (28 percent), a Trojan that steals banking credentials, FTP passwords, session cookies and personal data; Trickbot (21 percent), which first emerged in October 2016; and Ursnif (10 percent) a Trojan that targets the Windows platform.

Continue reading →

Email attacks are causing major problems for IT professionals, with over a third (38 percent) blaming them for increased stress at work.

A survey of 660 IT professionals by Barracuda Networks reveals that 38 percent also admit to worrying about email attacks outside of work hours and 16 percent have canceled personal plans due to email attacks.

Continue reading →

In the past three months 22 percent of businesses have suffered a data breach as a result of an email attack according to a new report.

The study released by email security platform GreatHorn spoke to more than 1,000 professionals to get a better understanding of the current state of enterprise email security.

Continue reading →