16 Aug 2019

Network Deception Techniques Cut Dwell Times, Says Report

A new survey by Enterprise Management Associates (EMA) and Attivo Networks looks at how deception technology can improve the cyber defenses of organizations. It found that the majority of firms (55%) are using this technology. Around half of these firms rely on commercial solutions, 30% have developed their own solutions

Read More
15 Aug 2019

The changing face of DDoS attacks: Degraded performance instead of total takedown

Research by Neustar looks at the growing threat of small-scale DDoS attacks that are increasing in frequency and sophistication. 75% of the attacks that Neustar mitigated in Q2 of this year involved malicious traffic that reached no more than 5Gbps, and the number of attacks involving over 100 Gbps dropped

Read More
14 Aug 2019

Energy Department Never Blacklists Risky Nuclear Tech Vendors, GAO Says

Even though the US Secretary of Energy has the authority to ban nuclear tech vendors that “present a significant supply chain risk,” the Energy Department has not blacklisted a single risky vendor since it was granted this authority by Congress in 2013. An audit by the Government Accountability Office (GAO)

Read More
14 Aug 2019

Orgs Doing More App Security Testing but Fixing Fewer Vulns

A new study by WhiteHat Security shows that in 2018, US companies tested 20% more application for security vulnerabilities than in the year before, but they fixed only about half (50.7%) of critical flaws and 37% of high severity issues that were uncovered during dynamic application security tests (DAST). This

Read More
12 Aug 2019

Why remote workers are an underrated security risk for small businesses

A mere 4% of small businesses in the United States have fully adopted the cybersecurity best practices outlined by the US Small Business Administration (SBA), a new report by Nationwide found. Around 20% of small businesses in the survey did not train employees about cybersecurity at all. Most small business

Read More
08 Aug 2019

A Secure Network Is Not Enough, Cyber Wargames Show

A series of cyber war games organized by the US Defense department has revealed unexpected ways in which threat actors could sabotage military operations, even if military networks are well protected. The vulnerabilities stem from the military’s reliance on private contractors and civilian infrastructure. For instance, military operations could be

Read More
08 Aug 2019

Automation, visibility remain biggest issues for cybersecurity teams

A new survey by Fidelis Cybersecurity reveals that the majority of infosec professionals are very concerned about a lack of automation (57.43%) and of visibility (53.39%) in their organization. While 70% of respondents said that threat hunting is a necessity to address growing cyber threats, a majority of firms are

Read More
07 Aug 2019

Organizations are employing cyber-resilient strategies in new ways

A new Wipro study looks at the maturing cybersecurity strategies of companies across the globe. Around 20% of firms now have a CISO directly reporting to the CEO and 15% of firms spend more than 10% of their IT budget on security. In addition, almost two-thirds (65%) of firms are

Read More
07 Aug 2019

How to prevent the top 11 threats in cloud computing

The Cloud Security Alliance has released a new report listing the latest threats related to cloud computing that impact strategies for could adoption in businesses.   The top 11 new threats for cloud environments are: 1. Data breaches 2. Misconfiguration 3. Lack of security architecture and strategy 4. Poor access

Read More
02 Aug 2019

70 Percent of Organizations Will be Using Security-as-a-Service by 2021

Two in three firms are implementing Security-as-a-Service (SECaaS), or plan to do so in the next 12 months, a new Thycotic study shows. It projects that by 2021, SECaaS will have been adopted by over 70% of organizations. SECaaS can involve the use of security software provided by third-party firms,

Read More