Cyber workforce size stalls despite skills shortages
New research from ISC2 shows that growth of the global cyber workforce has stalled at 5.5 million, but an estimated 10.2 million professionals are needed to effectively secure organizations.
This 4.8 million gap represents a 19 percent year-on-year increase. The survey of almost 16,000 cybersecurity practitioners and decision-makers globally shows that for the first time, participants cite 'lack of budget' as the top cause of their staffing shortages.
Want a 75 percent chance of breaking your app? Install a security patch
New research released from Endor Labs finds that security patches have a 75 percent chance of breaking an application.
It also shows that 69 percent of vulnerability advisories are published after a patch has been released, with a median delay of 25 days between public patch availability and advisory publication, increasing the window of opportunity for attackers to exploit vulnerable systems.
Navigating AI challenges in the enterprise [Q&A]
As more businesses turn to AI, they face a number of challenges around integrating it effectively and obtaining the best value while still ensuring that their data remains secure. It's also important that they select the right AI provider for their needs.
We spoke to Naren Narendran, chief scientist at database specialist Aerospike, to discuss the strategic considerations and concerns enterprises face as they incorporate AI into their operations.
Druva launches natural language tool to help cybersecurity investigations
When investigating an incident to contain and remediate a threat, security teams need to understand complex attack patterns, such as malware gestation, score, and sprawl -- the answers to which all lie in the data and systems.
To help with this process Druva is releasing Dru Investigate, a GenAI-powered tool that guides data security investigations using a natural language interface.
Attacks related to non-human identities increase
New data shows that one in five organizations has experienced a security incident related to non-human identities; and only 15 percent remain confident in their ability to secure them.
A report from the Cloud Security Alliance (CSA), and Astrix Security reveals that there is a growing recognition of the importance of investing in NHI security with a quarter of organizations already investing in these capabilities and an additional 60 percent planning to within the next twelve months.
Ransomware poses a threat to education
As we begin a new school year, a survey of 250 IT leaders from educational institutions in the US and UK highlights the potential damage from cyberattacks on schools.
The study from Action1 shows 20 percent of respondents believe that the current level of support from their school board is insufficient, with a high risk of significant impact on education quality due to ransomware.
Cybersecurity qualification adds new quantum and AI modules
The Chartered Institute of Information Security (CIISec) is announcing the addition of artificial intelligence (AI) and quantum computing modules to its CyberEPQ qualification for all students from September 2024 onwards.
Available to any student over the age of 14 in the UK, the CyberEPQ (Extended Project Qualification) is aimed at bringing new and diverse talent into the industry, representing an ideal stepping stone into a cybersecurity career.
UK government announces new plans to protect data centers
Data centers powering the UK economy will be designated as Critical National Infrastructure alongside energy and water systems under new government plans.
This is the first Critical National Infrastructure (CNI) designation in almost a decade, since the space and defense sectors gained the same status in 2015.
Nord Security launches eSIM for businesses
You probably already know about how eSIMs work and their advantages when travelling to different countries.
Of course this functionality is useful for businesses as well as individuals and Nord Security -- the company behind NordVPN -- is launching a new version of its Saily eSIM service aimed specifically at business users.
How did you do that? Almost half of businesses don't understand employee working habits
A new survey of 400 senior US and UK IT decision makers (ITDMs) finds 45 percent of organizations do not conduct any employee journey mapping, leaving them in the dark about how employees complete their work and what digital friction they face.
The study from Scalable Software finds the majority of ITDMs believe they have sufficient data on the digital employee experience (DEX). 92 percent of ITDMs say they have enough insight into the configuration, stability and performance of endpoints and applications to optimize DEX.
How to overcome today's intelligence challenges to uncover the threats that matter [Q&A]
Threat intelligence is critical to protection efforts, but businesses often struggle with effective management and correlation of this data to help prioritize their efforts.
We spoke to Richard Struse, chief technology officer and co-founder of Tidal Cyber, to discuss the challenges presented when organizations scramble to update systems that aren’t actually vulnerable or stop threats that would essentially have no impact on their business.
Only 37 percent of organizations are prepared for AI
A new survey finds that while 94 percent of business leaders say AI is a top C-suite priority and 91 percent agree it provides a competitive advantage, only 37 percent are fully prepared to implement AI projects now.
The study from Riverbed of 1,200 decision makers globally finds that currently 54 percent of leaders say the primary reason for using AI is to drive operational efficiencies over growth (46 percent), however, by 2027 58 percent of organizations expect AI will primarily be a growth driver.
Remote access tools leave OT systems at risk of attack
Remote access tools are creating cybersecurity risks and operational burdens for operational technology (OT) systems, according to a new report.
The study, from the Claroty Team82 threat research team, using data from more than 50,000 remote-access-enabled devices shows that the volume of remote access tools deployed is excessive, with 55 percent of organizations having four or more and 33 percent having six or more.
Free tool for service providers helps identify security and compliance gaps
Compliance automation software company Secureframe has launched its free Gap Assessment Tool to help service partners including MSPs, MSSPs, vCISOs, and IT security consultants identify gaps in security posture or compliance status.
It's designed to address a common challenge faced by IT service providers -- uncovering areas of non-compliance and potential risk while demonstrating value to clients.
Platform engineering hampered by development needs
Many organizations rely on platform engineering to introduce automation, self-service capabilities, and streamlined workflows into software development.
But a new report from Forrester for digital experience specialist the Qt Group finds that 63 percent of embedded software from organizations with a platform engineering strategy is still created using custom, ad hoc solutions.