Why automation isn't the answer to zero-day attacks [Q&A]


Last year saw almost 100 zero-day attacks, putting a strain on security teams and becoming known as the 'Hot Zero-Day Summer.'
In response to these attacks, the first instinct of many organizations has been to turn to automation. But Marc Rubbinaccio, manager, compliance at Secureframe, doesn't believe that this is the right approach. We spoke to him to find out more.
BSOD hits one in 200 devices daily


New analysis of system crashes shows that, without preventative IT in place, one in every 200 devices falls victim to the dreaded blue screen of death (BSOD) per day, even under 'good' operating conditions.
The research from Nexthink shows the recent CrowdStrike outage pushed the number as high as one in 10.
Enterprises make significant investments in AI


Almost one in 10 decision-makers in both the UK (eight percent) and US (seven percent) are planning to spend over $25 million on AI this year.
A survey from Searce, of 300 C-Suite and senior technology executives at organizations with more than $500 million, finds that for US decision-makers, data privacy and security are ranked as the number one hurdle to adopting AI (20 percent), whereas UK decision-makers rank lack of qualified talent as their number one challenge (19 percent).
How are CISOs coping with developer gatekeeping? [Q&A]


CISOs are under the microscope to prove they can reduce vulnerabilities in the software development life cycle -- particularly, that they can do so from the start of code creation. As such, CISOs are searching for the most effective way to ensure the security awareness of their developers before they take on the responsibility of writing and introducing code.
Secure Code Warrior's co-founder and CTO, Matias Madou, believes that a 'gatekeeping' standard -- where developers are incrementally given access to more sensitive projects -- is the key to building a strong foundation for secure coding processes.
Enterprises face major challenges with cloud costs and more


A new study reveals that 93 percent of enterprise platform teams face persistent challenges with cloud costs, Kubernetes complexity and developer productivity.
The research from Rafay Systems shows that despite the widespread adoption of platform teams within IT organizations, survey respondents across the board confirm that these teams often are stretched to their limits managing complex multi-cluster Kubernetes and cloud environments.
VPN demand surges in the face of government social media restrictions


Governments, particularly those with a more authoritarian bent, really aren't keen on social media as it threatens their ability to control the narrative.
They especially don't like X since Elon Musk's takeover and stated commitment to free speech. In Venezuela the government recently banned the platform for 10 days. Even in the UK fingers have been pointed at the influence of social media following recent riots.
Why a 'Swiss cheese' approach is needed to combat deepfakes [Q&A]


Deepfakes are becoming more and more sophisticated. Earlier this year a finance worker in Hong Kong was tricked out of millions following a deepfake call.
With the deepfake fast becoming a weapon of choice for cybercriminals, we spoke to Bridget Pruzin, senior manager -- compliance and risk investigations and analysis at Convera, to learn why she believes a 'Swiss cheese' approach, layering controls like unique on-call verification steps and involving in-person verification, is crucial to effectively defend against these scams.
The emerging trends that security teams need to address [Q&A]


The world's critical national infrastructure remains on high alert. The National Cyber Security Centre in the UK and agencies in the US, Australia, Canada and New Zealand have all detailed how threat actors have been exploiting native tools and processes built into computer systems to gain persistent access and avoid detection.
We spoke to Chase Richardson, lead principal for cybersecurity and data privacy at Bridewell, to discuss the critical trends and emerging dangers that cyber teams need to continue to watch out for.
MSP market turns to providing security solutions


New research suggests that managed service providers (MSPs), which have historically been expected to manage IT infrastructure for their customers, are increasingly expected to protect this infrastructure too.
The study from CyberSmart of 250 senior leaders at UK-based MSPs, finds that 65 percent of MSP customers now expect their provider to manage either their cybersecurity infrastructure or both their cybersecurity and IT infrastructure.
Thousands of industrial control devices exposed online


Recent attacks have highlighted the vulnerability of industrial control systems to attack and a new report has found 18,000 exposed devices that are likely used to control industrial systems.
The report, from internet intelligence platform Censys, focuses on ICS devices in the US and UK and also finds that almost 50 percent of the human-machine interfaces associated with water and wastewater systems (WWS) identified could be manipulated without any authentication required.
CISOs don't feel supported at board level


While CISOs are often responsible for technology implementation, they are not getting the support they need at a strategic level according to a new report.
The study from LevelBlue looks at the dynamics among enterprise C-suite executives to better understand issues that prevent risk reduction, stall or complicate compliance, and create barriers to cyber resilience.
AI is key to innovation but infrastructure and other challenges hold back progress


A new report from Pure Storage finds that the emergence of AI is a key avenue for innovation, but infrastructure issues, talent shortages and energy costs are holding back progress.
Based on a survey of 1,500 global respondents carried out by Vanson Bourne the report finds that although CIOs and other senior IT leaders face significant economic pressures, driving innovation remains imperative for enterprises.
Dealing with digital certificate vulnerabilities [Q&A]


While digital certificates are an essential part of day-to-day security they also present challenges. They can expire or be revoked, or even forged.
We spoke to Bert Kashyap, CEO of passwordless security platform SecureW2, to learn more about certificate-related vulnerabilities and what IT and security teams can do to deal with them effectively.
Ransomware groups develop more sophisticated business models


Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises according to a new report.
The latest Ransomware Radar Report from Rapid7 finds smaller organizations are becoming a more frequent target too. Companies with annual revenues around $5 million are falling victim to ransomware twice as often as those in the $30-50 million range and five times more frequently than those with a $100 million revenue.
62 percent of phishing emails pass DMARC checks


Phishing remains a significant threat to organizations. A new report from Darktrace shows 17.8 million phishing emails detected across its customer fleet between December 21, 2023, and July 5, 2024. Alarmingly, 62 percent of these emails successfully bypassed DMARC checks.
Cybercriminals are embracing more sophisticated tactics, techniques and procedures designed to evade traditional security parameters.
Ian's Bio
Ian spent almost 20 years working with computers before he discovered that writing about them was easier than fixing them. Since then he's written for a number of computer magazines and is a former editor of PC Utilities.