Should You Trust Cybersecurity Certifications?
There’s a major discrepancy between the number of organizations that are investing in cybersecurity certification programs and the number that feel prepared for an attack, according to an Immersive Labs report. While almost all organizations encourage industry certifications, fewer than a third (32%) of the 570 senior security and risk ... Read More
Dark Web Threats Target Energy Industry as Cybercrime Tactics Shift
The energy industry is increasingly targeted by malicious actors and threat groups through activity on the dark web, according to a report from Searchlight Cyber, which detailed numerous instances of threat actors selling initial access to energy organizations around the world. These include targets in the U.S., Canada, United Kingdom, France, Italy ... Read More
Cyberinsurance Prices Moderate as Premium Hikes Slow
Two reports focused on the cyberinsurance market found prices continued to moderate in the first quarter of 2023, according to the Global Insurance Market Index from Marsh. Average price increases rose by just 11% compared with 28% increases during the fourth quarter of 2022. A Fitch Ratings report found a decline ... Read More
Legacy AppSec Tools Getting Lost in the Cloud
As the pace of application development accelerates, IT and security teams are losing faith in old application security (AppSec) tools. Legacy tools can’t keep up and are stuck in a perpetual game of catch-up, according to a Backslash survey of 300 CISOs, AppSec managers and engineers. The impact is far-reaching, ... Read More
Consumers Wary of Biometric Security
Early releases of identity verification and facial recognition technology have failed to deliver on the promise of trustworthy digital identification and have damaged the reputation of biometric security tech, according to an Incode report. The global survey of 1,000 respondents found close to half (48%) indicated they consider digital authentication ... Read More
Phishing Attacks Shift to IT, Online Services-Related Campaigns
More IT and online services-related email subjects are being used as a phishing lure, as phishing emails continue to be one of the most common methods to perpetuate malicious attacks on organizations worldwide. These were among the key findings of KnowBe4’s latest phishing report, which also found tax-related email subjects ... Read More
Phishing Attacks Target BYOD Through Private Messaging Apps
Employees’ personal devices pose a threat to organizations as bring-your-own-device (BYOD) policies cause security headaches for IT professionals, according to a SlashNext survey of 300 tech workers and employers. The study revealed 95% of security leaders said that phishing attacks via private messaging apps are an increasing concern and 43% ... Read More
NetOps, Security Pros Overwhelmed by Network Updates
Network operations and security professionals are overwhelmed by constant updates and need more support from leadership to keep network and security devices updated and backed up. These were among the key results of a BackBox survey conducted by Wakefield Research of 250 network operations and security professionals. The survey found ... Read More
Cloud Attack Surface Expands, Putting Pressure on Enterprise Security
Organizations are overwhelmed with devices and applications in their environment due to lack of management and control, and this expansion of the cloud-based attack surface threatens to overwhelm enterprise IT security. Findings from JupiterOne’s State of Cyber Assets Report (SCAR) revealed digital assets increased by 133% year-over-year to an average ... Read More
LockBit Leads as Rampant Ransomware Activity Continues
Ransomware actors continue to focus their attacks on the manufacturing sector, and LockBit remains the most prolific threat group, according to the results of the GuidePoint Research and Intelligence Team’s (GRIT) Q1 2023 ransomware report. The study indicates ransomware activity rose by 25% compared to the fourth quarter of last ... Read More
