Category: IT SECURITY GURU

DTX Europe 2023

DTX brings together creative minds, technical experts and the latest tools needed to drive change and generate value across today’s organisations. “Your Home of Digital Transformation” Covering cloud, networks and infrastructure; data, analytics and AI; software engineering and DevOps; and…

Understanding Changes in the OWASP API Security Top 10 List

The Open Web Application Security Project (OWASP),  a non-profit foundation devoted to web application security, recently released the 2023 OWASP API Security Top 10 list. The list aims to raise awareness about the most common API security risks plaguing organisations…

History’s Greatest Insider Threats

One of the most difficult problems for security professionals to grapple with is defending against dangers that come from within an organisation. Unfortunately, protecting against insider threats is often more complicated than traditional threat prevention. There are many different ways…

Cyber-attack hits the UK’s electoral registers

Confidence in the UK’s electoral authority has been cast into doubt following the revelation of a malicious cyber-attack that infiltrated the records of 40 million voters, remaining undetected for a year. Shockingly, this breach was not disclosed to the public…

Ransomware on manufacturing industry caused $46bn in losses

Between 2018 and 2023, 478 manufacturing companies have suffered a ransomware attack, leading to a loss of approximately $46.2 billion in downtime alone. Serious cyber incidents affecting manufacturing companies can lead to significant disruptions to production lines. As a result,…

Keeper empowers cybersecurity advocates with new Influencer Programme

Keeper Security has announced the launch of its groundbreaking Keeper Influencer Program. This unique initiative aims to collaborate with content creators from all social media platforms who are passionate about cybersecurity and eager to share their experiences using Keeper’s industry-leading password…

Cyber Mindfulness Corner Company Spotlight: DXC Technology

At the IT Security Guru we’re showcasing organisations that are doing great things for employee wellbeing! This week, Mike McDaniel, President of Modern Workplace at DXC Technology, tells the Gurus about how DXC Technology are revolutionising the virtual employee workplace…

MOVEit latest: US Government services provider Maximus hit

The MOVEit attack is constantly evolving and this week a new update has occurred. Maximus Inc., a US government services provider is the latest victim of the Clop ransomware gang’s exploitation of a critical vulnerability within Progress Software Corp.’s MOVEit…

Data Loss Prevention for Small and Medium-Sized Businesses

Hybrid work models and broadly adopted cloud technology disperse operations extensively; data is moved, stored, and accessed from highly distributed locations. Within such a disseminated environment, cybersecurity hygiene concerns businesses and organisations, especially nowadays, where highly skilled cybercriminals become more…

Norway government ministries hit by cyber attack

A recent cyber attack struck a significant blow to the Norwegian government, affecting a total of 12 government ministries. In response to this alarming situation, a crisis staff was promptly assembled. The government minister in charge of handling the response…

Dragos Accelerates Growth in Europe, Expands Leadership Team

Today, Dragos Inc., who provide cybersecurity protection for industrial controls systems (ICS) and operational technology (OT) environments, announced its deepening commitment to Europe to provide industrial and critical infrastructure organisations in the region with the Dragos Platform, threat intelligence, and services…

Lookout Announces Operations in Mainland China

Yesterday, Lookout, Inc. announced Lookout China Connect, an extension of the Lookout Cloud Security Platform operating in mainland China. Lookout China Connect simplifies connectivity for remote workers in mainland China without the complexity of a private network, all while complying with…

Security Serious Unsung Heroes Awards 2023 have launched

Eskenzi PR has today opened nominations for its eighth annual Security Serious Unsung Heroes Awards. The awards are all about celebrating the UK’s cybersecurity professionals, teachers, lecturers, leaders and those working to make the industry not only more secure, but…

HCA Healthcare Falls Victim to Data Security Incident

One of the largest healthcare providers in the US, HCA confirmed the breach on Monday 10 July. The data was taken from an external storage location exclusively used to automate the formatting of email messages. Taken from its statement, HCA…

Cato Networks Extends ZTNA to Protect Against Insider Threats

Cato Networks, provider of the world’s leading single-vendor SASE platform, addressed mounting security concerns posed by insider threats. Over the past two years, incidents related to insider threats have grown 44%, according to the Ponemon Institute,1 with the cost per…

Cyber Mindfulness Corner Company Spotlight: Exabeam

At the IT Security Guru we’re showcasing organisations that are doing great things for employee wellbeing! This week, Gianna Driver, Chief Human Resource Officer at Exabeam, tells the Gurus about how Exabeam are championing wellbeing support within the organisation. Driver…

Breaking it Down: What You Need to Know About Data Breaches

One of the most pressing cybersecurity concerns for organisations today is preventing the exfiltration of sensitive data. Even companies whose main focus is not digital or technological in nature have to manage, store, send, and receive considerable amounts of data…

Why Schools are Low-Hanging Fruit for Cybercriminals

Hackers are increasingly targeting schools as technology is being integrated more deeply into teaching. Educational institutions own many sensitive data, such as personnel and financial information, as well as intellectual property. Unfortunately, many schools lack adequate cybersecurity measures, making them…

Zombie API vs Shadow API: The Crashtest

The 1954 novel, “I Am Legend,” played a major role in the development of the modern zombie and vampire genre. As far as the main character, Robert Neville, knows, he’s the last survivor of the pandemic that turned everyone else…

CISO Speaks: Resilience and Avoiding Burnout

We talk a lot in security about ‘burnout’.  But we spend a lot less time talking about how to build resilient humans to minimise the risk of burnout… This feels like we have fallen into the same trap with western…

Digital-First Economy Has Transformed Role of CISO

A new global survey by Salt Security has found that a digital-first economy has introduced unforeseen risks for nearly 90% of CISOs. The findings were revealed earlier this week in a new “State of the CISO 2023” report. Conducted by…

Art = Human + Machine

From Jens-Peter Sjöberg, Lord of the Rings CGI artist and co-founder and Creative Director at Swedish video tech pioneers Phyron  As a creative and filmmaker, I’ve always been fascinated by the intersection of technology and art. Generative AI models such…

Armis Identifies Riskiest OT and ICS Devices across CNI

Armis has released new research identifying the riskiest devices that pose threats to critical infrastructure industries: manufacturing, utilities and transportation. Data analysed from the Armis Asset Intelligence and Security Platform, which tracks over three billion assets, found that the operational technology (OT) and…

Outpost24 Acquires EASM Provider Sweepatic

Cybersecurity risk management specialists Outpost24 have today announced the acquisition of Sweepatic. Based in Leuven, Belgium, Sweepatic is an innovative external attack surface management (EASM) platform. Gartner identified EASM as a top Security and Risk Management (SRM) trend for 2022.…

UK Organisations lack clear path to achieve threat intelligence

New research by Armis shows organisations in the U.K. are facing immediate cybersecurity challenges stemming from a heightened regulatory environment, staffing and recruitment difficulties and an expanded attack surface.  In this complex environment, threat intelligence has become the top priority on…

A Roadmap for Becoming a Penetration Tester in 2023

Few areas of cybersecurity measure up against penetration testing in terms of importance and excitement. This activity boils down to finding flaws in computer systems so that organizations can address them proactively and forestall real-world attacks. A pentester worth their…

Salt Security Attains AWS Security Competency Status

Today, Salt Security announced that it has achieved Amazon Web Services (AWS) Security Competency status in the Application Security category. Salt is the only API security company to have earned AWS Security Competency. Having this certification differentiates Salt as an…

New security model launched to eliminate 95% of cyber breaches

A new security model has been launched this week, dubbed Access Segmentation and Encryption Management (ASEM), which is being touted as the most comprehensive cybersecurity protection available today. The model, which is currently only available through MyCena Security Solutions, addresses…

Tips to Protect Against Holiday and Airline Scams

Summer holidays are fast approaching, and many of us are eagerly planning our vacations. Whether it’s a long-awaited reunion with loved ones, a leisurely exploration of a new destination, or simply an adventure in the making, booking a holiday is…

Using Tech For Good: Introducing The Zensory

“We know that there’s a problem within the cybersecurity industry when it comes to burnout – and it’s a problem that’s only getting worse.” That’s what Yvonne Eskenzi, Co-Founder of wellbeing and productivity app The Zensory, has noticed over the…

How to prevent against the 5 main types of insider threats

Over one in ten data breaches originate from a malicious insider, and they cost companies $4.18 million dollars per incident. And that’s only the malicious ones.   According to the 2023 Insider Threat Report by Cybersecurity Insiders, nearly three-fourths (74%) of…

Time Taken For Hackers to Crack Passwords Revealed

New Specops Software research has unearthed the length of time it takes modern attackers to brute force user passwords. Plain text password storage is rare in these modern times, requiring attackers to adopt password cracking methods to make use of…

Adarma Announces Management Expansion Amid Rapid Growth

Edinburgh-based Adarma, the leading independent specialist in detection and response services, welcomes three new leaders to its cybersecurity services delivery team. The appointments of Donna Goddard as Head of Security Engineering; Matthew Hmoud as Head of Security Consulting; and Richard…

International Cyber Expo 2023 – Registration is now OPEN

Registration for this year’s International Cyber Expo (ICE) on the 26th and 27th of September 2023 at London Olympia is now open. The award-winning security event will once again showcase an impressive line-up of talks, demonstrations, and senior-level roundtable discussions…

The Future is (Cyber) Mindful

In cybersecurity, a vulnerability is a weakness. It’s a bad thing. Defences must be strong, unbreakable, and hardened against threats 24/7. The same sentiment seems to extend to its professionals, whether we recognise it or not. As a result, a…

Discord Suffers Data Breach Through Compromised Third Party

Popular social media platform Discord has notified users it has suffered a data breach after a support agent’s account at a third party became compromised. A malicious individual then gained unauthorised access to the agent’s support queue, exposing user email…

Risk of cyber-attack “worry” for Eurovision contest

While there is no specific intelligence about an attacked planned for the weekend, experts from the UK’s National Cyber Security Centre have been drafted to help minimise the risk of sabotage. Broadcasters’ main worry suffering an attack from pro-Russian hackers…

Introducing the IT Security Guru’s brand-new cyber mindfulness corner: a peer-to-peer hub full of advice for battling burnout, mental health support resources, and the latest cyber-mindfulness related news. We aim to champion a more mindful industry, alongside professionals who share…

Why Should You Take IT Security Seriously?

The lax attitude to cyber security by a large percentage of internet users never fails to amaze and bamboozle IT security specialists. People seem to have a blasé attitude towards their online safety, probably because they do not believe anything…

Salt Security Achieves AWS WAF Ready Designation

Today, API security company Salt Security announced it is now an Amazon Web Service (AWS) Web Application Firewall (WAF) Ready Partner. This service helps customers discover Partner solutions validated by AWS Partner Network (APN) Solutions Architects that integrate with AWS…