Search

report

quantum

97% of UK businesses expect quantum computing to disrupt their sectors

Middle East News Desk /

A report published by EY revealed a significant number (97%) of UK business leaders expect quantum computing to disrupt their sectors to a high or moderate extent. The EY Quantum Readiness Survey 2022 contains the responses of 501 executive-level business leaders on a range of questions concerning the impact of quantum computing on UK businesses. It found that in the UK, nearly all (97%) of the executives surveyed expect quantum computing to disrupt their sectors to a high or moderate extent. Moreover, approximately half (48%) believe that quantum computing will reach sufficient maturity to play a significant role in the activities of most companies in their respective sectors by 2025. Yet, only one-third (33%) of the organizations have started strategic planning to prepare for the technology’s commercialization. Additionally, only 24% have organized pilot teams to explore its potential or are currently working to do so. If current trends persist, “quantum computing is likely to cause disruption sooner than many people think,” said Harvey Lewis, associate partner, client technology & innovation, Ernst & Young LLP, in a press release. “For some organisations, this will create enormous opportunities. For others, considerable risks,” he said. “Whether a business thrives or fails in the coming years will depend, we believe, on its overall readiness as determined by an array of commercial and technology-related factors, which we have measured through a combination of quantitative and qualitative research in this survey,” added Lewis. The view exactly as to when quantum computing will reach sufficient maturity to have an impact differs depending on the sector. The range of sectors already engaging in quantum computing is “remarkable,” said Dr Simon Plant, deputy director for innovation, National Quantum Computing Centre (NQCC). In the report’s foreword, Plant said that quantum technologies are just emerging, “but progress has been rapid over recent years.” He added that quantum technologies offer “the potential to unlock new, disruptive capabilities across computing, communications, sensing and more.” Other key findings: • 72% of technology, media and telecommunications (TMT) respondents say future cryptography-related tasks are their top priority for using quantum computing and related technologies • 56% of advanced manufacturing firms have begun strategic planning • 97% of organizations intend to conduct strategic planning in relation to the use of quantum computing within the next five years To read more exclusive features and latest news please see our latest issue here. Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

97% of UK businesses expect quantum computing to disrupt their sectors Read More »

Fortinet

Fortinet global survey uncovers critical OT security challenges

Middle East News Desk /

Fortinet has released its global 2022 State of Operational Technology and Cybersecurity Report. While industrial control environments continue to be a target for cyber criminals – with 93% of Operational Technology (OT) organizations experiencing an intrusion in the past 12 months – the report uncovered widespread gaps in industrial security and indicated opportunities for improvements. Key findings of the report include: OT activities lack centralized visibility, increasing security risks. The Fortinet report found that only 13% of respondents have achieved centralized visibility of all OT activities. Additionally, only 52% of organizations are able to track all OT activities from the security operations centre (SOC). At the same time, 97% of global organizations consider OT a moderate or significant factor in their overall security risk. The report findings indicate that the lack of centralized visibility contributes to organizations’ OT security risks and weakened security posture. OT security intrusions significantly impact organizations’ productivity and their bottom line. The Fortinet report found that 93% of OT organizations experienced at least one intrusion in the past 12 months and 78% had more than three intrusions. As a result of these intrusions, nearly 50% of organizations suffered an operation outage that affected productivity with 90% of intrusions requiring hours or longer to restore service. Additionally, one-third of respondents saw revenue, data loss, compliance and brand-value impacted as a result of security intrusions. Ownership of OT security is not consistent across organizations. According to the Fortinet report, OT security management falls within a range of primarily director or manager roles, ranging from the Director of Plant Operations to Manager of Manufacturing Operations. Only 15% of survey respondents say that the CISO holds the responsibility for OT security at their organization. OT security is gradually improving, but security gaps still exist in many organizations. When asked about the maturity of their organization’s OT security posture, only 21% of organizations have reached level 4, which includes leveraging orchestration and management. Notably, a larger proportion of Latin America and APAC respondents have reached level 4 compared to other regions. More than 70% of organizations are in the middle levels toward having a mature OT security posture. At the same time, organizations face challenges with using multiple OT security tools, further creating gaps in their security posture. The report found that a vast majority of organizations use between two and eight different vendors for their industrial devices and have between 100 and 10,000 devices in operation, adding complexity. OT Security is a Corporate-Level Concern As OT systems increasingly become targets for cyber criminals, C-level leaders recognize the importance of securing these environments to mitigate risks to their organizations. Industrial systems have become a significant risk factor since these environments were traditionally air-gapped from IT and corporate networks, but now these two infrastructures are becoming universally integrated. With industrial systems now being connected to the internet and more accessible from anywhere, organizations’ attack surface is increasing significantly. To read more exclusive features and latest news please see our latest issue here. Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Fortinet global survey uncovers critical OT security challenges Read More »

Group337

Group337 announces new industry report

News Desk /

Group337, a team of experts focused on activating the companies, brands, and people in the security industry through insights, intuition, and ideas, today announced the completion of a new industry report titled, Securing the Supply Chain. The report, completed in collaboration with BoxLock, examines the Total Addressable Market (TAM) for access control technology within the supply chain. The report, releasing later this month, details findings on the market and the opportunity for access control in logistics. The results focus on five key segments in the supply chain industry: automotive logistics, aviation MRO, healthcare logistics, specimen logistics, and storage and warehouses. Furthermore, it examines why securing the supply chain is essential regarding financial loss, risk, and liability and how access control solutions help solve these problems through accountability, efficiency, and peace of mind. “We’re thrilled to bring further data and insights to the access control industry, “said Jonathon Harris, Vice President of Group337. “Since the release of the Access Control Index last year, we’ve spent time digging into specific target segments, and we’re excited to present the findings from our research showing how access control intersects with supply chain management. We hope this information aids access control business leaders in making more data-driven decisions.” “The secure movement of goods and services has never been more important or complex,” said Brad Ruffkess, CEO of BoxLock. “Our customers have made it clear that controlling access to their supply chain has become one of their biggest challenges. This report further validates the opportunity for access control technology, and the value real-time visibility and reliable chain of custody tracking can deliver across all facets of the supply chain.”   To stay up to date on the latest, trends, innovations, people news and company updates within the global security market please register to receive our newsletter here. Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Group337 announces new industry report Read More »

DDos A1Networks

Key Findings of A10 Networks’ Q4 2019 DDoS Weapons Report

Exclusives, News Desk /

A DDoS attack can bring down almost any website or online service. The premise is simple: using an infected botnet to target and overwhelm vulnerable servers with massive traffic. Twenty years after its introduction, DDoS remains as effective as ever—and continues to grow in frequency, intensity, and sophistication. That makes DDoS defense a top cybersecurity priority for every organisation. The first step: understanding the threat you face.  To help organisations take a proactive approach to DDoS defense, A10 Networks recently published a report on the current DDoS landscape, including the weapons being used, the locations where attacks are being launched, the services being exploited, and the methods hackers are using to maximise the damage they inflict. Based on nearly six million weapons tracked by A10 Networks in Q4 2019, the study provides timely, in-depth threat intelligence to inform your defense strategy.  Here are a few of our key findings.  Reflected Amplification Takes DDoS to the Next Level The SNMP and SSDP protocols have long been top sources for DDoS attacks, and this trend continued in Q4 2019, with nearly 1.4 million SNMP weapons and nearly 1.2 million SSDP weapons tracked. But in an alarming development, WS-Discovery attacks have risen sharply, to nearly 800,000, to become the third most common source of DDoS. The shift is due in part to the growing popularity of attacks using misconfigured IoT devices to amplify an attack.  In this key innovation, known as reflected amplification, hackers are turning their attention to the exploding number of internet-exposed IoT devices running the WS-Discovery protocol. Designed to support a broad variety of IoT use cases, WS-Discovery is a multicast, UDP-based communications protocol used to automatically discover web-connected services. Critically, WS-Discovery does not perform IP source validation, making it a simple matter for attackers to spoof the victim’s IP address, at which point the victim will be deluged with data from nearby IoT devices.  With over 800,000 WS-Directory hosts available for exploitation, reflected amplification has proven highly effective—with observed amplification of up to 95x. Reflected amplification attacks have reached record-setting scale, such as the 1.3 Tbps Memcached-based GitHub attack, and account for the majority of DDoS attacks. They’re also highly challenging to defend; only 46% of attacks respond on port 3702 as expected, while 54% respond over high ports. Most of the discovered inventory to date has been found in Vietnam, Brazil, United States, the Republic of Korea, and China. DDoS is Going Mobile Unlike more stealthy exploits, DDoS attacks are loud and overt, allowing defenders to detect their launch point. While these weapons are globally distributed, the greatest number of attacks originate in countries with the greatest density in internet connectivity, including China, the United States, and the Republic of Korea.  A10 Networks has also tracked the hosting of DDoS weapons by autonomous number systems (ASNs), or collections of IP address ranges under the control of a single company or government. With the exception of the United States, the top ASNs hosting DDoS weapons track closely with the countries hosting the majority of attacks, including Chinanet, Guangdong Mobile Communication Co. Ltd., and Korea Telecom. 

Key Findings of A10 Networks’ Q4 2019 DDoS Weapons Report Read More »

Insight into the myriad of risks challenging personnel security in 2019

News Desk /

Healix International, the global travel risk management and international medical and security assistance provider, has published a report outlining the potential security risks in 2019 facing businesses that have employees working and travelling abroad. James Pothecary, Regional Security Coordinator, believes the report underlines the need for organisations sending workers abroad to employ a wide-ranging scope when it comes to risk assessment and mitigation. “The range of risks now present for those working abroad is probably at its broadest for decades. Not only are there the usual risks of terrorism, but the insidious threat of cyber-crime can undermine employee security, even in countries otherwise thought to be ‘safe’. “And, of course, there really isn’t any country that is ‘safe’ any more – indeed extremist groups appear to target the countries that were previously thought to be ‘safe’ to give added weight to the message they intend to send.” The Healix International Risk Oracle Report for 2019 provides valuable insight for all of those involved in employee security and risk management. Key risks identified include: Cyber-attacks If global incidents such as the 2017 ‘WannaCry’ ransomware attack propelled the threat into public consciousness, then 2018 was the year that this shadow industry matured into a full-scale criminal economy. Conservatively estimated to be worth over 1.5 trillion US dollars, cyber-crime goes beyond simple criminality for financial gain. The cyber sphere is being increasingly exploited as a disruptive tool by nation states, forcing countries to respond by developing their own cyber-security forces. Yet, both corporate and national cyber-security units have found themselves forced on the defensive against shadowy networks driven by ideology, greed and technical curiosity. In the cyber-conflicts of 2018, it was the disrupters who triumphed. Far-right extremism In 2019, the increased normalisation of far-right political discourse across the globe will continue to drive radicalisation. Far-right groups are increasingly organised, and will be further bolstered by the absorption of new recruits. Intelligence agencies, which have for the past several decades been overwhelmingly concerned with Islamist political violence, will struggle to detect and neutralise these groups, particularly as far-right communities proliferate on the internet. Terrorism is ubiquitous in modern society Whilst in real terms political violence is actually – for the third year in a row – declining, terrorism is a critical threat facing modern society. During 2018 the Healix Counter-Terrorism Desk predicted that the rapidly developing field of unmanned aerial vehicles (UAVs) was an increasingly attractive asset for terrorist threat actors. Not only does the use of UAVs dramatically reduce the risk to the terrorist operative, but ‘the threat posed by nascent unmanned vehicle technologies is accentuated by outdated security perimeter arrangements’. Simply put, security managers have not evolved to consider air-denial outside of the most extreme-risk conflict zones. www.healix.com/risk-oracle-2019/

Insight into the myriad of risks challenging personnel security in 2019 Read More »

healix

Insight into the myriad of risks challenging personnel security in 2019

UK News Desk /

Healix International, the global travel risk management and international medical and security assistance provider, has published a report outlining the potential security risks in 2019 facing businesses that have employees working and travelling abroad. James Pothecary, Regional Security Coordinator, believes the report underlines the need for organisations sending workers abroad to employ a wide-ranging scope when it comes to risk assessment and mitigation. “The range of risks now present for those working abroad is probably at its broadest for decades. Not only are there the usual risks of terrorism, but the insidious threat of cyber-crime can undermine employee security, even in countries otherwise thought to be ‘safe’. “And, of course, there really isn’t any country that is ‘safe’ any more – indeed extremist groups appear to target the countries that were previously thought to be ‘safe’ to give added weight to the message they intend to send.” The Healix International Risk Oracle Report for 2019 provides valuable insight for all of those involved in employee security and risk management. Key risks identified include: Cyber-attacks If global incidents such as the 2017 ‘WannaCry’ ransomware attack propelled the threat into public consciousness, then 2018 was the year that this shadow industry matured into a full-scale criminal economy. Conservatively estimated to be worth over 1.5 trillion US dollars, cyber-crime goes beyond simple criminality for financial gain. The cyber sphere is being increasingly exploited as a disruptive tool by nation states, forcing countries to respond by developing their own cyber-security forces. Yet, both corporate and national cyber-security units have found themselves forced on the defensive against shadowy networks driven by ideology, greed and technical curiosity. In the cyber-conflicts of 2018, it was the disrupters who triumphed. Far-right extremism In 2019, the increased normalisation of far-right political discourse across the globe will continue to drive radicalisation. Far-right groups are increasingly organised, and will be further bolstered by the absorption of new recruits. Intelligence agencies, which have for the past several decades been overwhelmingly concerned with Islamist political violence, will struggle to detect and neutralise these groups, particularly as far-right communities proliferate on the internet. Terrorism is ubiquitous in modern society Whilst in real terms political violence is actually – for the third year in a row – declining, terrorism is a critical threat facing modern society. During 2018 the Healix Counter-Terrorism Desk predicted that the rapidly developing field of unmanned aerial vehicles (UAVs) was an increasingly attractive asset for terrorist threat actors. Not only does the use of UAVs dramatically reduce the risk to the terrorist operative, but ‘the threat posed by nascent unmanned vehicle technologies is accentuated by outdated security perimeter arrangements’. Simply put, security managers have not evolved to consider air-denial outside of the most extreme-risk conflict zones.

Insight into the myriad of risks challenging personnel security in 2019 Read More »

A10 Networks

The state of DDoS Weapons – Q4 2018 – Special report by A10 Security research

UK Exclusives, UK News Desk /

A10 Network’s recently released State of DDoS Weapons Report provides unique insights into Distributed Denial of Service (DDoS) attack techniques by tracking and taking inventory of the millions of DDoS weapons in the wild that can be exploited and used to launch attacks. A10 Network’s recently released State of DDoS Weapons Report provides unique insights into Distributed Denial of Service (DDoS) attack techniques by tracking and taking inventory of the millions of DDoS weapons in the wild that can be exploited to launch attacks. The threat intelligence derived from our research is an invaluable resource that helps A10 Networks and our customers proactively strengthen their defences. Why inventory DDoS weapons? Well, while you probably won’t know when your organization might be attacked, why, or who might instigate it, you can have advance notice of where an attack might come from. That’s because the first “D” in DDoS is “Distributed.” Unlike stealthy, obfuscated intrusions, distributed weapon attacks are noisy and commonly observed. The attack weapons are composed of malware infected DDoS-for-hire botnets and exposed servers whose vulnerabilities are exploited to reflect and amplify an attack. Knowing how to defend against both known and previously unseen attacks is important. But equally important is to know where the attacker’s weapons are actually located. To that end, A10 Networks and our partner DDoS threat researchers analyse forensic data, tap networks, track bot-herder activities, and scan the Internet for weapon signatures. We then create an up-to-date threat inventory that includes millions of IP addresses behind the DDoS weapons. This weaponry roadmap enables defenders to take a proactive stance against attackers by focusing on the location of DDoS weapons and the BGP Autonomous System Number (ASN) that hosts them upstream on the Internet. Actionable intelligence is made available by leveraging a weaponry inventory and dynamically applying it to create blacklists with millions of entries listing the suspect IPs. This methodology is very effective because it doesn’t matter what kind of attack is sourced from the weapon — If you know in advance based on its location that the weapon has a track record for launching attacks, policies can be developed to proactively block it. The proactive actions thus enabled are especially effective for DDoS defence. Key DDOS Weapon Observations 2018 22,811,159: DDoS weapons tracked by A10 Networks 5,116,043: Open DNS resolvers armed and ready to join DNS reflected amplification attacks China, USA, Italy: Top three countries hosting DDoS weapons 467,040: DDoS weapons hosted in public clouds USA, Italy, UK: Top three countries hosting IoT malware droppers www.a10networks.com/resources/ebooks/state-ddos-weapons

The state of DDoS Weapons – Q4 2018 – Special report by A10 Security research Read More »

The state of DDoS Weapons – Q4 2018 – Special report by A10 Security research

Exclusives, News Desk /

A10 Network’s recently released State of DDoS Weapons Report provides unique insights into Distributed Denial of Service (DDoS) attack techniques by tracking and taking inventory of the millions of DDoS weapons in the wild that can be exploited and used to launch attacks. A10 Network’s recently released State of DDoS Weapons Report provides unique insights into Distributed Denial of Service (DDoS) attack techniques by tracking and taking inventory of the millions of DDoS weapons in the wild that can be exploited to launch attacks. The threat intelligence derived from our research is an invaluable resource that helps A10 Networks and our customers proactively strengthen their defences. Why inventory DDoS weapons? Well, while you probably won’t know when your organization might be attacked, why, or who might instigate it, you can have advance notice of where an attack might come from. That’s because the first “D” in DDoS is “Distributed.” Unlike stealthy, obfuscated intrusions, distributed weapon attacks are noisy and commonly observed. The attack weapons are composed of malware infected DDoS-for-hire botnets and exposed servers whose vulnerabilities are exploited to reflect and amplify an attack. Knowing how to defend against both known and previously unseen attacks is important. But equally important is to know where the attacker’s weapons are actually located. To that end, A10 Networks and our partner DDoS threat researchers analyse forensic data, tap networks, track bot-herder activities, and scan the Internet for weapon signatures. We then create an up-to-date threat inventory that includes millions of IP addresses behind the DDoS weapons. This weaponry roadmap enables defenders to take a proactive stance against attackers by focusing on the location of DDoS weapons and the BGP Autonomous System Number (ASN) that hosts them upstream on the Internet. Actionable intelligence is made available by leveraging a weaponry inventory and dynamically applying it to create blacklists with millions of entries listing the suspect IPs. This methodology is very effective because it doesn’t matter what kind of attack is sourced from the weapon — If you know in advance based on its location that the weapon has a track record for launching attacks, policies can be developed to proactively block it. The proactive actions thus enabled are especially effective for DDoS defence. Key DDOS Weapon Observations 2018 22,811,159: DDoS weapons tracked by A10 Networks 5,116,043: Open DNS resolvers armed and ready to join DNS reflected amplification attacks China, USA, Italy: Top three countries hosting DDoS weapons 467,040: DDoS weapons hosted in public clouds USA, Italy, UK: Top three countries hosting IoT malware droppers www.a10networks.com/resources/ebooks/state-ddos-weapons

The state of DDoS Weapons – Q4 2018 – Special report by A10 Security research Read More »

Pulse Secure’s VPN solution earns ‘High Scores’ from IAIT Lab for zero trust-based secure access

Exclusives, News Desk /

Pulse Secure announced that the IAIT Lab has completed an extensive test of Pulse Connect Secure, resulting in superb findings across usability, comprehensiveness and interoperability for the market leading VPN solution. Pulse Connect Secure includes Pulse Secure Clients and the AppConnect SDK. Pulse Clients can be simply deployed, enabling users to quickly “click and connect” from any device, anywhere. Pulse Secure AppConnect SDK delivers per application SSL VPN connectivity for iOS and Android clients, enabling IT departments to create an even more transparent and secure mobile app experience for their users. The Institute for the Analysis of IT components (IAIT) examined Pulse Connect Secure under real-world conditions through a series of testing scenarios. Several conclusions included: “The Pulse Connect Secure appliance is perfectly suited to establish secure means of access to company resources via any kind of connection whatsoever. In the test, the solution was able to score high­ly across a very large scope of func­tions.” “It was easy to integrate our appliance into the vendor’s central cloud-based management tool Pulse One. Administrators looking for an ef­ficient solution for securing access to their company resources should definitely take a look at Pulse Pol­icy Secure.” www.pulsesecure.net

Pulse Secure’s VPN solution earns ‘High Scores’ from IAIT Lab for zero trust-based secure access Read More »

Pulse Secure

Pulse Secure’s VPN solution earns ‘High Scores’ from IAIT Lab for zero trust-based secure access

Security Management, UK News Desk /

Pulse Secure announced that the IAIT Lab has completed an extensive test of Pulse Connect Secure, resulting in superb findings across usability, comprehensiveness and interoperability for the market leading VPN solution. Pulse Connect Secure includes Pulse Secure Clients and the AppConnect SDK. Pulse Clients can be simply deployed, enabling users to quickly “click and connect” from any device, anywhere. Pulse Secure AppConnect SDK delivers per application SSL VPN connectivity for iOS and Android clients, enabling IT departments to create an even more transparent and secure mobile app experience for their users. The Institute for the Analysis of IT components (IAIT) examined Pulse Connect Secure under real-world conditions through a series of testing scenarios. Several conclusions included: “The Pulse Connect Secure appliance is perfectly suited to establish secure means of access to company resources via any kind of connection whatsoever. In the test, the solution was able to score high­ly across a very large scope of func­tions.” “It was easy to integrate our appliance into the vendor’s central cloud-based management tool Pulse One. Administrators looking for an ef­ficient solution for securing access to their company resources should definitely take a look at Pulse Pol­icy Secure.” www.pulsesecure.ne

Pulse Secure’s VPN solution earns ‘High Scores’ from IAIT Lab for zero trust-based secure access Read More »

Copyright notice This website and its content is copyright of Security Buyer – © Hand Media International LTD 2021. All rights reserved. Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following: you may print or download to a local hard disk extracts for your personal and non-commercial use only you may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.

Scroll to Top