The biggest threat to online safety is poor cyber security, according to Ciaran Martin, CEO of the National Cyber Security Centre (NCSC). “We have got to get away from fear-based cyber security as ...

Doing security right is cheaper than trying to recover from a data breach — and the stakes keep getting higher. Recent moves by the courts indicate that organizations are expected to take adequate ...

Many organizations lag in patching high-severity vulnerabilities, according to a new study that reveals more than 50% of servers scanned have a weak security posture weeks and months after a security ...

Azure migrations are almost always treated as infrastructure projects first, and security projects second. Why do we say this? Teams focus on uptime, ...

Nearly every application has at least one vulnerability or misconfiguration that affects security and a quarter of application tests found a highly or critically severe vulnerability, a new study ...

Supply chains are only as strong as their weakest link. According to research from the Ponemon Institute and Mastercard’s RiskRecon, as cited by VentureBeat, 59% of data breaches happen via ...

Organizations invest time and money into staying safe from cyber threats, so it's critical they can measure how well their cybersecurity investments are paying off. Take password policies. Every ...

Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other ...

Former WhatsApp security head Attaullah Baig sued Meta, alleging securities fraud and retaliation. He claims WhatsApp violated a 2020 FTC privacy order with weak data security, broad engineer access ...

In brief: Even though EV charging networks are becoming critical infrastructure, many are still secured like consumer IoT gadgets. New research suggests weak authentication and predictable identifiers ...

A security researcher who decompiled the White House's new mobile app says it contains hidden GPS-tracking capabilities, weak security protections, and code loaded from an outside GitHub page, raising ...

Organizations recognize the cybersecurity risks posed by their end-users, so they invest in security and awareness training programs to help improve security and mitigate risks. However, cybersecurity ...