Security

Five considerations when budgeting for enterprise storage

By Eric Herzog, Chief Marketing Officer at Infinidat. Enterprise storage is fundamental to maintaining a strong enterprise data infrastructure. While storage has evolved over the years, the basic characteristics remain the same – performance, reliability, cost-effectiveness, flexibility, capacity, flexibility, cyber resilience, and usability. The rule of thumb in enterprise storage is to look for faster, cheaper, easier and bigger capacity, but in a smaller footprint. So, when you’re reviewing what storage solutions to entrust your enterprise with, what are the factors to be considering? What are the five key considerations that have risen to the top of enterprise storage buying decisions? • Safeguard against cyber attacks, such as ransomware and malware, by increasing your enterprise’s cyber resilience and cyber recovery with automated cyber protection.• Look to improve the performance of your enterprise storage infrastructure by up to 2.5x (or more), while simultaneously consolidating storage to save costs.• Evaluate the optimal balance between your enterprise’s use of on-premises and the use of the public cloud (i.e. Microsoft Azure or Amazon AWS).• Extend cyber detection across your storage estate.• Initiate a conversation about infrastructure consumption services that are platform-centric, automated, and optimised for hybrid, multi-cloud environments. The leading edge of enterprise storage has already moved into the next generation of storage arrays for all-flash and hybrid configurations. With cybercrime expected to cost an enterprise in excess of £7.3 trillion in 2024, according to Cybersecurity Ventures, the industry has also seen a rise in cybersecurity capabilities being built into primary and secondary storage. Seamless hybrid multi-cloud support is now readily available. And enterprises are taking advantage of Storage-as-a-Service (STaaS) offerings with confidence and peace of mind. When you’re buying enterprise storage for a refresh or for consolidation, it’s best to seek out solutions that are built from the ground-up with cyber resilient and cyber recovery technology intrinsic to your storage estate, optimised by a platform-native architecture for data services. In today’s world with continuous cyber threats, enterprises are substantially extending cyber storage resilience and recovery, as well as real-world application performance, beyond traditional boundaries. We have also seen our customers value scale-up architectures, such as 60%, 80% and 100% populated models of software-defined architected storage arrays. This can be particularly pertinent with all-flash arrays that are aimed at specific latency-sensitive applications and workloads. Having the option to utilise a lifecycle management controller upgrade program is also appealing when buying a next-generation storage solution. Thinking ahead, this option can extend the life of your data infrastructure. In addition, adopting next-gen storage solutions that facilitate a GreenIT approach puts your enterprise in a position to both save money (better economics) and reduce your carbon emissions (better for the environment) by using less power, less rack space, and less cooling. I call this the “E2” approach to enterprise storage: better economics and a better environment together in one solution. It helps to have faster storage devices with massive bandwidth and blistering I/O speeds. Storage is not just about storage arrays anymore Traditionally, it was commonly known that if you needed more enterprise data storage capacity, you’d buy more storage arrays and throw them into your data centre. No more thought needed for storage, right? All done with storage, right? Well, not exactly. Not only has this piecemeal approach caused small array storage 'sprawl' and complexity that can be exasperating for any IT team, but it doesn’t address the significant need to secure storage infrastructures or simplify IT operations. Cyber storage resilience and recovery need to be a critical component of an enterprise’s overall cybersecurity strategy. You need to be sure that you can safeguard your data infrastructure with cyber capabilities, such as cyber detection, automated cyber protection, and near-instantaneous cyber recovery. These capabilities are key to neutralising the effects of cyber attacks. They could mean the difference between you paying a ransom for your data that has been taken 'hostage' and not paying any ransom. When you can execute rapid cyber recovery of a known good copy of your data, then you can effectively combat the cybercriminals and beat them at their own sinister game. One of the latest advancements in cyber resilience that you cannot afford to ignore is automated cyber protection, which helps you reduce the threat window for cyber attacks. With a strong automated cyber protection solution, you can seamlessly integrate your enterprise storage into your Security Operations Centres (SOC), Security Information and Events Management (SIEM), Security Orchestration, Automation, and Response (SOAR) cyber security applications, as well as simple syslog functions for less complex environments. A security-related incident or event triggers immediate automated immutable snapshots of data, providing the ability to protect both block and file datasets. This is an extremely reliable way to ensure cyber recovery. Another dimension of modern enterprise storage is seamless configurations of hybrid multi-cloud storage. The debate about whether an enterprise should put everything into the public cloud is over. There are very good use cases for the public cloud, but there continues to be very good use cases for on-prem storage, creating a hybrid multi-cloud environment that brings the greatest business and technical value to the organisation. You can now harness the power of a powerful on-prem storage solution in a cloud-like experience across the entire storage infrastructure, as if the storage array you love on-premises is sitting in the public cloud. Whether you choose Microsoft Azure or Amazon AWS or both, you can extend the data services usually associated with on-prem storage to the cloud, including ease of use, automation, and cyber storage resilience. Purchasing new enterprise storage solutions is a journey. Isn’t it the best choice to get on the journey to the future of enterprise storage, cyber security, and hybrid multi-cloud? If you use these top five considerations as a guidepost, you end up in an infinitely better place for storage that transforms and transcends conventional thinking about the data infrastructure. Infinidat at DTX 2025 Eric Herzog is a guest speaker at DTX 2025 and will be discussing “The New Frontier of Enterprise Storage: Cyber Resilience & AI” on the Advanced Cyber Strategies Stage. Join him for unique insights on 3 April 2025, from 11.15-11.40am. DTX 2025 takes place on 2-3 April at Manchester Central. Infinidat will be located at booth #C81. For more from Infinidat, click here.

Industry experts comment on Data Privacy Day

With today (28 January) marking Data Privacy Day - an annual event seeking to raise awareness and promote privacy and data protection best practices - industry experts have marked the occasion by presenting a range of views on the latest trends and challenges that have arisen since last year's occasion. - Dr Ellison Anne Williams, Founder and CEO of Enveil, comments, “Data Privacy Day serves as a crucial reminder to safeguard sensitive information in an era where data dominates. As we navigate an increasingly interconnected world and transformative technologies such as AI grow their foothold in the digital economy, finding ways to protect data privacy and mitigate risk will be essential. “Privacy Enhancing Technologies (PETs) enable, enhance, and preserve data privacy throughout its lifecycle, securing data usage and allowing users to capitalise on the power of AI without sacrificing privacy or security. Organisations that truly prioritise data will incorporate PETs as a foundational, business-enabling tool that will fortify data-driven capabilities and enable data to be leveraged securely across silos and boundaries. “This year’s Data Privacy Day theme is ‘Take control of your data’, but that sentiment should not be limited to our personal data footprint. Businesses need to be proactive in their approach to data protection and commit to a future where PETs are woven into the very fabric of digital strategy. This will empower users to responsibly and securely harness innovative tools, such as AI and Machine Learning, in line with global regulations and compliance requirements.” - Edwin Weijdema, Field CTO EMEA & Cybersecurity Lead at Veeam, adds, “This year, Data Privacy Day seems a little different. With significant cyber security regulations coming into force around the world, most notably NIS2 and DORA, it feels like a lot has changed since we marked this day just 12 months ago. “And it has. We’ve seen corporate accountability given increasing weight when it comes to data resilience thanks to NIS2. It’s no longer a case of passing the buck – responsibility ultimately sits with the C-suite. Simultaneously, data resilience is shifting from a ‘cyber security requirement’ to a tangible business differentiator. At the moment, breaches and ransomware are still a ‘when’, not an ‘if’ - and I don’t see this changing. As C-suites become ever more aware, they’ll be demanding to see evidence of their organisation's data resilience, from their internal teams and any third-party partners. “Data Privacy Day is a good chance to reflect on how much can change in a year. After all, organisations can’t rely on markers like this to nudge them on the importance of data resilience - it needs to be a priority 365 days a year.” - James Blake, VP Global Cyber Resiliency Strategy at Cohesity, comments, "On Data Privacy Day, it's crucial to recognise that focusing solely on compliance will only lead to companies tying themselves in knots reacting to the swarm of active or planned regulatory requirements, as well as data legislation coming into force across multiple national and state jurisdictions. If we look at Germany alone as an example, there are 17 state laws on top of national and EU requirements. The most effective way to ensure data privacy compliance is by building robust and repeatable operational capabilities. This involves programmatically conducting comprehensive data audits to identify, categorise, and secure sensitive information. Implementing robust encryption protocols, including migrating to encryption methods resilient to emerging quantum computing attacks, is essential. Additionally, consider working with technology companies who can offer immutable data that can provide an extra layer of security, ensuring data cannot be altered or deleted, thus protecting against ransomware attacks, data breaches and the unnecessary financial loss accrued because of downtime. Appointing security champions in each business unit to educate their peers on tailored data privacy processes based on data classification levels is an important step. By embedding these practices, compliance with varying regulatory requirements will naturally follow." - Adrianus Warmenhoven, a cyber security expert at NordVPN, comments: “As debates continue over whether data, oil, or land holds the greatest value, in cyber security, the answer is unequivocal: data. Personal data, unlike physical assets, can be copied, stolen, or sold without leaving visible traces, creating significant financial and reputational risks. “Apps are a major culprit, often exposing sensitive information through excessive permissions, missed updates, or unauthorised data sharing. Keeping software current is not just a personal safeguard; it also helps protect your network of contacts from phishing attacks through outdated systems. The good news is that while it may seem like an uphill battle to get on top of your data privacy, it’s never been easier to manage how much you share.” To protect people’s privacy on apps, Adrianus offers these preventive measures: Always download apps from official stores - Unofficial apps may not check how safe it is before it is available to download, increasing the risk of modifications by criminals. Familiarise yourself with the data permissions required by apps - Head to your settings and review and adjust these permissions as necessary, particularly sensitive ones like access to your camera, microphone, storage, location, and contact list. Before downloading any app, read its privacy policy - Understand what information it will track and share with third parties. If the privacy level is unsatisfactory, consider an alternative. You can usually find this in the description on your mobile device’s app store. Limit location access only when using the app - It is difficult to justify why some apps need to know your location at all times, so do not give it to them. Avoid using social media accounts to log in, because doing so can allow unnecessary data exchange. Delete any apps you no longer use - This helps to prevent them from collecting data in the background. For more on data privacy, click here.

Palo Alto Networks partners with air transport expert

SITA, a specialist in air transport technology, has reached a significant agreement to partner with Palo Alto Networks, a global cyber security expert, to deliver comprehensive cyber security protection for mission-critical airports applications. As part of the agreement, Palo Alto Networks’ AI-powered cyber security platforms will be added into SITA’s CyberSecurity portfolio. SITA will provide the management and operation from its CyberSOC. The platform will safeguard access from remote sites, mobile workforce and airport assets such as check-in workstations, self-service kiosks, tablets, smartphones and baggage scanners, enabling smooth passenger flows whilst also avoiding downtimes and reducing turnaround times where efficiency of operations is a key priority. The partnership will focus on delivering advanced cyber security solutions (including Palo Alto Networks' Next Generation Firewalls (NGFW), Prisma SD-WAN Instant-On Network (ION) Devices, and Palo Alto Networks Prisma Access) to provide comprehensive network security, connectivity and cloud-based protection, all managed by SITA. This innovative development, called SITA Managed Security Service Edge (SSE) and consisting of Palo Alto Networks technologies, offers a complete suite of network security services (such as Secure Web Gateways, intrusion detection, threat intelligence, next generation antivirus or WildFire, DNS protection, SSL decryption and data loss prevention), all seamlessly delivered from Palo Alto Networks’ dedicated cloud platform. As a specialised subset within SITA’s Secure Access Service Edge (SASE) framework, SSE delivers robust and innovative world-leading security measures to protect digital infrastructure and implements the kind of advanced protection demanded by all CISOs and compliance authorities - including the National Institute of Standards and Technology (NIST) and ISO 27000. Martin Smillie, SITA Senior Vice President for Communications and Data Exchange (CDE), says, “The need to protect vital digital applications within the transportation industry has never been more acute, given the ever-evolving threat from cyber attacks. This agreement delivers industry-leading cyber security protection for our airport, airline and other customers, in mission critical areas of their operation. Managed by SITA CyberSOC, this combines Palo Alto Networks' best-in-class AI-powered, cloud native endpoint and application protection, all optimised and future-proofed to combat cyber threats.” Patricia Murphy, VP EMEA & LATAM Ecosystems at Palo Alto Networks, adds, “SITA has provided innovative answers for communications and data exchange to the aviation industry for the past 75 years, and is now expanding into other areas of transportation also. This partnership will begin a transformation of cyber security in the air transport industry, helping ensure that critical systems are protected with the most advanced cyber security platforms available - fostering a safer and more efficient environment for air travel worldwide.” Palo Alto Networks will help to provide the current and next generation of cyber security protection and software for SITA Secure Service Edge at mission-critical areas of aviation and other areas of transport. Palo Alto Networks leverages its Precision AI proprietary AI system to detect and outpace potential cyber threats, providing next-generation cyber security to thousands of customers globally across all industry sectors. Its platforms and services are supported by cutting-edge threat intelligence and state-of-the-art automation. For more from Palo Alto Networks, click here.

PM unveils AI Opportunities Action Plan

The Prime Minister has unveiled the Government’s AI Opportunities Action Plan, committing £14 billion in investment into ‘game-changing’ artificial intelligence and creating 13,250 jobs. The IMF estimates that AI could increase productivity across the UK by as much as 1.5 percentage points each year, if the technology is fully embraced. These gains may be worth an average of £47 billion to the UK economy every year for over a decade. As part of the plan, the government is creating new AI Growth Zones to fast-track the building of AI infrastructure, starting in Culham and Oxfordshire. These zones will speed up planning permission and generate energy connections needed to power AI. Prime Minister Keir Starmer says, “Artificial Intelligence will drive incredible change in our country. From teachers personalising lessons, to supporting small businesses with their record-keeping, to speeding up planning applications, it has the potential to transform the lives of working people. “But the AI industry needs a government that is on their side; one that won’t sit back and let opportunities slip through its fingers. And in a world of fierce competition, we cannot stand by. We must move fast and take action to win the global race.” The AI Opportunities Action Plan takes forward the 50 recommendations set out by AI expert Matt Clifford, providing the full support of the government. The plan re-enforces the UK commitment to become a global leader in AI, learning from the US and EU’s approach to lead innovation and deliver long-term stability for businesses. Sachin Agrawal, UK Managing Director for Zoho, comments, “Artificial Intelligence is already having a transformative impact on people and businesses, driving efficiencies across areas such as data analysis, fraud detection and forecasting which make a significant difference to people’s lives. The commitment to investment and support in the AI Opportunities Action Plan is hugely encouraging, demonstrating the UK’s ambition as a global AI leader and instilling confidence in businesses to turbocharge innovation. “As part of this innovation push, it is important for the UK to understand how AI regulation and data privacy continue to challenge businesses developing and implementing AI systems. In 2024, multi-agent AI emerged as a significant trend by enabling the collaboration between specialised agents to handle complex workflows in enterprise businesses where structured information and datasets are critical for context. No comprehensive frameworks have been enacted yet in the UK, although renewed commitments such as this and continued efforts indicate the growing recognition of responsible AI governance. According to our Digital Health Study, 78% of businesses have already used AI or are planning to invest heavily in the technology. “As businesses take the next steps of AI adoption, fuelled by this landmark policy, they should be guided by the government, regulators and educators under AI frameworks that promote the safe and ethical development and usage of AI systems.” The Prime Minster highlighted the transformative role that AI can play in driving public sector efficiency, saving time on admin that can be reassigned to improving public services. Speeding up planning consultations to get Britain building, faster and more accurate medical diagnoses, reducing admin for teachers, and AI analysis of camera footage to improve roads were among the examples given by the Prime Minister on the benefits the plans will provide working people. As part of the plan, the government is setting up a new team to build the UK’s sovereign capabilities and seize AI opportunities, as well as creating a new National Data Library to securely unlock the value of public data and support AI development. Andy Ward, SVP International for Absolute Security, comments, “For the AI Opportunities Action Plan to truly deliver the transformative impact we all hope, it is vital that security is at the heart of these developments to ensure that AI systems that are being developed and deployed aren’t posing dangerous security risks. There’s no doubt that AI can bring a wealth of positives to our lives, but there’s a dark side to AI with cybercriminals manipulating it as part of attacks, infiltrating IT systems and increasing the sophistication and volume of attacks.” “While the intention of becoming a global AI leader is encouraging, it requires the government, NCSC and industry to ensure that AI rollouts consider the security risks posed and put in place safeguards to provide additional business protections. Our research found that over half of CISOs feel that their security team is unprepared for evolving AI-powered threats, and 44% have gone as far as banning their employees from using AI due to the security risks. “Cyber attacks have long been a case of when, not just if, and with AI positioned to increase the threat volume, taking a proactive approach to building cyber resilience has never been more important. Security teams not only need to identify and prevent attacks, they need the capability to recover when a breach does occur, shutting off compromised systems and restoring operations quickly and securely.”

KETS Quantum Security reacts to Salt Typhoon cyber attacks

On the back of the Salt Typhoon cyber attacks, Chris Erven, CEO & Co-Founder of KETS Quantum Security, comments on the potential threat of China developing a quantum computer and the danger for telecommunications companies. Chris takes up the story: “This is a fully global threat. Every single telco should be considering their cyber defences in the wake of the Salt Typhoon attacks. “China is making some of the largest investments in quantum computing, pumping in billions of dollars into research and development in the hope of being the first to create a large-scale, cryptographically relevant machine. And although they may be a few years away from being fully operational, we know a quantum computer will be capable of breaking all traditional cyber defences we currently use. So they, and others, are actively harvesting now, to decrypt later. “Telcos are particularly vulnerable since they provide the communication services for major enterprises and many governments, so these organisations should be the first to upgrade to quantum-safe methods, including a defence in depth approach with quantum key distribution and post quantum algorithms. “Adding to the danger, many telcos are moving to software-defined networks which use software-based controllers to manage the underlying network infrastructure rather than dedicated and more restricted hardware devices. This makes them particularly vulnerable because if an adversary gets into the management plane of a telco's SDN, they will have complete control of that network; whereas in the past, the access would have been much more limited. We really are talking about taking down the UK’s national telecommunications network. “Despite warning bells being raised for the last decade, Q Day is rapidly approaching, and telcos have to prepare now to avoid a catastrophic data breach. Thankfully, telcos - like BT and SK Telecom - are actively working to upgrade their systems to make them quantum-safe in the future. However, this transition needs to happen even quicker, and the Salt Typhoon attacks serve as a timely reminder that robust cyber defences are not a ‘nice to have’ - they are essential to protecting our way of living.”

Feature - Reducing the impact of cyber attacks with rapid detection

By Eric Herzog, CMO at Infinidat. There are constant headlines reporting cyber attacks on enterprises and preparing for the inevitability of cyber crime is absolutely critical. Yet despite such a widespread expectation of cyber attacks, there's a concerning lack of preparedness. Research conducted by the Ponemon Institute in 2023 suggests that only 35% of enterprises say they feel properly prepared to deal with a cyber security incident. And even among the ones that are prepared, there’s a general acceptance of vulnerabilities within their defences and reactions that they are not fully prepared for. Hackers will exploit this to the maximum. Three major costs of a cyber attack When a cyber attack does occur, and enterprise data becomes compromised, huge costs, operational disruption, and reputational damage are incurred. Let’s examine these impacts individually. The financial impact of data breaches is substantial and continues to rise. According to the Ponemon research, the global average cost of a data breach increased by 10% to $4.88 million, which is the highest ever recorded. Cyber attacks, as we all know, also significantly disrupt business operations. According to Statista research, it took an average of 64 days to contain a breach in 2024 and in cases where stolen or compromised credentials were involved, this increases significantly. Such an extended period of disruption can severely impact a company's ability to function normally, potentially leading to lost productivity, lost revenue, and lost profits. And let’s not overlook the reputational impact of data breaches, which leads to loss of business in the longer term. This is, perhaps, the most costly aspect of a cyber attack, because the intangible values of customer trust and loyalty are significantly affected. Depending on the industry, this cost can vary significantly, with the healthcare, financial services, technology and service sectors being the most expensive to recover from. In the UK, the Ponemon research cites the average cost of recovery within these industries was £5m. What enterprises need to properly prepare for and counter these attack threats is powerful, easy-to-manage data protection and backup storage solutions, combined with guaranteed cyber storage resilience. This is because the speed at which a cyber attack occurs requires immediate and coordinated responses - from all levels of an organisation. A need for ‘baked in’ cyber storage resilience Using a software-defined storage architecture with integrated cyber storage resilience technology is one good way to minimise these impacts. When cyber storage resilience is embedded into enterprise storage, it allows for sub-second protection response and recovery times. This is critical because, when confronting a cyber attack, losing time can cost tremendous amounts of money. Ultra-fast response times will significantly reduce a cyber event's potential cost and recovery impact. For instance, a backup repository involving multiple petabytes of storage could be fully recoverable in just a few minutes. Here's an actual, real-world use case example to illustrate this. To protect the client’s confidentiality, I will just call them ‘Fortune Global 500 company’. This actual customer needed to improve its restore times for their Oracle databases without impacting on service. They were able to achieve an average seven-times improvement to the backup time of their databases using Infinidat. They also achieved a 97% reduction in recovery time for full copies and a 95% reduction to full physical back up times. In addition, backup integrity was fully verified and, after verification, could be converted to an immutable copy to protect against cyber attacks. The five cyber essentials What core cyber storage resilience capabilities were essential for this enterprise to have in place? There are five: • Logical air-gapped protection: Leveraging the ability to isolate data sets logically, fully, and completely, without requiring secondary environments.• Immutable snapshots: Completely hardened and unchangeable data set protection, helping ensure your business is following a proper set of best practices.• Fenced forensic network: Dedicated networking resources activated only to surface a copy of the data to be inspected, tested, or recovered from, within a fully isolated, tightly managed network environment.• Near-instantaneous recovery of any size backup repository.• Data centre-wide cyber security integration, where enterprise storage is seamlessly integrated with data centre-wide cyber security software applications. AI powered scanning To extend their cyber prevention further, advanced cyber detection capabilities can validate the integrity of immutable snapshots using powerful, AI-based scanning engines. Comprehensive machine learning technology can detect ransomware and malware attacks with up to 99.99% accuracy, enabling enterprises to quickly and easily identify a last known good copy for rapid, intelligent recovery. This provides complete reassurance that the data has not been compromised. A new standard for cyber resilient storage What enterprises need from their storage platform today are outstanding performance levels, guaranteed availability, cyber storage resilience, ease of use, and cost savings - at scale and for any backup/recovery data protection use case. By their very nature, backups are the last resort for protecting and recovering critical data. The storage location for this critical data should embody enterprise-calibre reliability and resilience. It should come with SLA-based guarantees for performance, 100% availability, and cyber storage recoverability. This sets the standard for enterprise storage and backup use cases, ensuring the utmost safety and recoverability for critical, backed-up data. Infinidat allows customers to choose the solution that best fits their use case or environment, with a consistent and easy-to-manage set of solutions to save them time and money. Action is critical Extensive research clearly indicates that preparing for cyber attacks is not just advisable, but critical for business survival in the digital age. The inevitability of cyber threats means companies must invest in comprehensive preparation strategies to mitigate their risks, protect their assets, and ensure rapid response capabilities. This proactive approach is essential for maintaining business continuity and safeguarding against potentially devastating financial and reputational damages. To read more from Infinidat, click here.

NIS2 still a mystery to cyber security bosses, research shows

Senior cyber security professionals at more than a fifth of the UK’s largest businesses are still “not sure” whether the EU’s NIS2 directive - which is the EU-wide legislation on cyber security - even applies to their organisation, new research by specialist cyber security consultancy, Green Raven, has revealed. More than two-thirds of respondents at organisations with at least 1,000 employees said that NIS2 does apply to them, but almost 10% of these admitted that their organisation was not compliant as of the 17 October 2024 deadline – with a further 3% not sure. The findings contradict previous research from June 2024, in which 97% of IT leaders at UK companies declared themselves confident that they would be, or already were, NIS2-compliant. Morten Mjels, CEO of Green Raven, says, “NIS2 came into force in January 2023 – almost two years ago – so for senior cyber security professionals at the companies most likely to be impacted to not know if it even applies - wow. Saying, 'Yes, we’re compliant' may be acceptable; admitting that 'No, we’re not compliant but we’re working on it' may also be acceptable - assuming there may be a grace period when new regulations come into force. “But, eventually, failure to be compliant is going to significantly impact the ability of these organisations to do business in Europe, or is going to attract a significant fine for doing business in Europe without being compliant. And saying, ‘We weren’t sure’ is unlikely to be much of a defence.” The research also asked respondents for their reaction to the Cyber Security and Resilience Bill, trailed by the UK Government in July 2024’s King’s Speech. This new bill is expected to build upon the foundations laid by the EU’s Network and Information Systems (NIS) directive and is commonly seen as the UK’s response to the NIS2 directive. Asked to react based on what they had heard or read about the new Act: • 37% of respondents hope that the new Cyber Security and Resilience Bill won’t apply to their organisation, but almost 80% expect that it will.• 46% of respondents expect the bill to make unwanted demands of UK businesses, but over 82% expected the bill to make reasonable demands of UK businesses. A similar proportion agreed that the bill would make necessary demands of UK businesses.• Almost 88% of respondents agreed with the statement "The UK Cyber Security and Resilience Bill will improve the UK's overall cyber resilience”. Not a single respondent disagreed with the statement, despite the acknowledgement of the additional demands and overheads the new bill is likely to bring. Morten comments, “While few details are known beyond the idea that it will be the UK’s equivalent of NIS2, the key takeaway from the research is that every cyber security professional asked clearly believes that there is more that organisations can, and will, be forced – via legislation – to do to improve their cyber security posture and resilience. As a cyber security professional in an organisation likely to be in scope, I wouldn’t be waiting for legislation.” Conducted on its behalf by research specialist, Censuswide, Green Raven surveyed 200 respondents from among the UK’s 1,930 organisations with at least 1,000 employees. All respondents described their role as CISO/director/head/manager of (or in) their organisation's cyber security team. The EU’s Network and Information Security Directive (NIS2) aims to improve the overall level of cyber security and standardise cyber resilience across the EU, by requiring operators of critical infrastructure and essential services to implement appropriate security measures and report any incidents to the relevant authorities. EU member states were required to transpose NIS2 into their national legislation by 17 October 2024. Although the UK has left the EU, NIS2 impacts UK organisations that fall under its scope and conduct business in the EU, either as a customer or as a supplier. Green Raven is a specialist cyber security consultancy and reseller, applying decades of track record, experience and knowledge to bring together customers and cyber security solution providers. In particular, Green Raven is a white-label partner for Darkscope, which is predictive cyber threat intelligence for enterprises. Green Raven’s implementation of Darkscope’s unique, AI-powered portfolio of solutions spots cyber attacks that others can’t, and before they take place – so those responsible for cyber security can reinforce their cyber defences where they know they’re about to be needed. Its Supply Chain Monitoring Service leverages advanced cyber intelligence techniques and cutting-edge technologies to provide comprehensive oversight of an entire supply chain network – a key objective of the NIS2 directive.

Zimperium predicts data privacy emphasis in 2025

Nico Chiaraviglio, Chief Scientist and Krishna Vishnubhotla, VP Product Strategy & Threat Intelligence at Zimperium, is predicting data privacy emphasis, more evasive phishing attacks and a rise of sideloading for 2025: Each year around this time, security leaders cast their predictions on how the industry will change in the new year. What new threats will arise? How will organisations shift their security priorities? Which cybercriminal tactics will increase and which will decrease? At Zimperium, our mission is to secure the mobile attack surface and to empower security teams to effectively manage and mitigate mobile threats. In light of the research data we’ve compiled across millions of mobile devices and mobile apps over this past year, we’ve sat down to think about what new mobile security trends and threats you can expect to see in 2025. Prediction 1: Mobile Security Platforms Will Increasingly Address Data Privacy Concerns, Not Just Security Mobile security plays a crucial role in addressing the needs of data privacy. However, we often see mobile security with the lens of threat defence and application security. But regulatory compliance is a key piece of the mobile security function and we predict that in 2025, we will see mobile security prioritising data privacy needs by implementing robust privacy-preserving technologies. According to Zimperium’s 2024 Global Mobile Threat Report, 82% of organisations allow bringing your own device (BYOD) to work. And a recent survey from Tableau found that 63% of Internet users believe most companies aren’t transparent about how their data is used, with 48% having stopped shopping with a company because of privacy concerns. We will likely see more regulatory compliance baked into mobile security solutions, particularly around data handling and encryption standards. We are already seeing regulatory shifts in the financial sector, holding app developers accountable for any harm towards their end users due to external attacks. Businesses are recognising that regulatory compliance features are a necessary piece of the mobile security stack, and they are seeking mobile security platforms that address both privacy and security needs. Prediction 2: Social Engineering Attacks Will Keep Becoming More Sophisticated and Evasive, Traditional Phishing Defenses Fall Short Social engineering has evolved considerably over the past year. In 2025, we predict that 'mishing' (mobile phishing) attacks will become so sophisticated and evasive that traditional tooling won’t be able to detect it. We will see the rise of AI-driven mobile malware capable of mimicking user behaviour, making it far harder to detect using traditional methods. Verizon’s 2024 Mobile Security Index revealed that AI technologies are expected to intensify the mobile threat landscape, with 77% of respondents anticipating AI-assisted attacks, such as deep fakes and SMS phishing. A notable example was identified by Zimperium’s zLabs researchers on an Android-targeted SMS stealer campaign, which to date, researchers have found over 107,000 malware samples directly tied to the campaign. In separate research, the zLabs team found a new variant of the FakeCall malware, revealing new traits present in this variant, including the ability to capture information displayed on a screen using the Android Accessibility Service. Similar to the above, we will continue to see the development of 'stealth mobile devices', or devices specifically designed to circumvent typical security measures.. This highlights a strategic evolution in mobile security – evasive cyberattacks are now the new normal as cybercriminals are becoming more sophisticated in their mobile phishing attacks. Prediction 3: Non-Traditional Entry Points Will Escalate Enterprise Mobile Risk Threat actors will increasingly exploit iOS shortcuts, configuration profiles, and sideloaded applications to breach enterprise security. Recent research unveiled the dangers of sideloading applications, the practice of installing mobile apps on a device that are not from the official app stores. According to Zimperium’s 2024 Global Mobile Threat Report, financial services organisations saw 68% of its mobile threats attributed to sideloaded apps. In fact, zLabs researchers found that mobile users who engage in sideloading are 200% more likely to have malware running on their devices than those who do not. Riskware and trojans, applications that disguise themselves as legitimate apps, are the most common malware families found. APAC outpaced all regions in sideloading risk with 43% of Android devices sideloading apps. To protect against the risk that comes from sideloaded apps, enterprises must effectively protect their mobile endpoints by adopting a multi-layered security strategy including mobile threat defence and mobile app vetting. The prominence of trojans are highlighted in the report with the findings indicating that threats from sideloaded apps are primarily driven by riskware and trojans, which account for a staggering 80% of the malware observed. Additionally, Zimperium’s threat data shows that approximately one in four Android devices face this issue. While sideloading is much more prevalent on Android, the recent Digital Markets Act (DMA) is expected to increase its prevalence on iOS. Cybercriminals are constantly scouring for ways to break in and compromise corporate networks. In 2025, they will ramp up efforts on targeting non-traditional entry points. Prediction 4: Surge in Mobile-Specific Ransomware Mobile-specific ransomware is a rapidly evolving threat that should be top of mind for every CISO. Zimperium’s Mobile Banking Heist Report provides early evidence of this shift: in 2023, 29 malware families targeted 1,800 mobile banking apps with several showing early-stage ransomware capabilities. These tactics are tailored for mobile, signalling a move beyond data theft toward extortion and ransomware schemes designed specifically for mobile platforms. This trend is part of a larger increase in ransomware and extortion attacks across digital channels. According to the 2023 Verizon Data Breach Investigations Report (DBIR), ransomware or extortion was involved in nearly one-third of breaches, indicating a shift among traditional ransomware actors toward new methods, including mobile-focused extortion. This shift is further confirmed by the Thales 2024 Data Threat Report, which notes that ransomware and malware remain some of the fastest-growing threats, with 41% of enterprises facing malware-related breaches this year alone. With ransomware attacks growing by 21% in 2024, attackers are increasingly exploiting mobile platforms due to their unique vulnerabilities and often weaker security postures. For CISOs, this signals an urgent need to prioritise advanced app-level security, phishing defences, and proactive monitoring in mobile environments, as the connectivity and sensitive data handled by mobile devices make them prime targets for the next wave of ransomware. Zimperium’s zLabs research team is on a mission to identify emerging threats to mobile security, exposing malware groups and their variants before they have a chance to wreak havoc on businesses' mobile ecosystem. Our team will remain on the pulse of these developments, keeping a close eye on how these predictions play out in the new year.

Macquarie Government expands Netskope partnership

Macquarie Government, part of Macquarie Technology Group, today announced it has expanded its four-year partnership with global SASE (Secure Access Service Edge) leader, Netskope, following a large-scale Federal Government network security deployment. The Australian sovereign company deployed Netskope’s single-vendor SASE platform to the Department, ensuring it maintains compliance with the Essential 8 (E8) Maturity Model Level 2 controls. By adopting Zero Trust principles, the solution ensures all access is both explicitly requested and continuously revalidated, providing robust security measures critical for safeguarding government networks and data. SASE architecture delivers an automated, dynamic policy enforcement framework, ensuring the Department’s personnel access applications securely based on their clearance levels, whether working remotely or on-premises. Without disrupting the user experience, SASE continuously verifies and validates access, blocking unauthorised data sharing on unapproved applications and guiding staff toward agency-approved tools, enhancing both security and compliance. SASE underpinned by zero trust empowers Federal Government departments to embrace flexible working and complete cloud adoption – critical factors for attracting and retaining top talent. By enabling this modern workforce approach, it ensures robust security remains uncompromised, supporting the government's commitment to innovation and operational excellence. As part of its strategic expansion, Macquarie Government was an early adopter and one of the first Australian organisations to be appointed to Netskope’s Managed Service Provider (MSP) Program. This milestone strengthens its capability to deliver advanced technology solutions to the Government, further cementing its role as a trusted partner in enhancing public sector security. “The combination of Netskope's best-in-class single-vendor SASE platform with Macquarie Government's sovereign capabilities brings the promise of secure, flexible access to Australian Government agencies, transforming the way users and applications are secured,” says Aidan Tudehope, Managing Director, Macquarie Government (pictured above). “By ensuring compliance with Essential 8 Maturity Level 2 standards, this partnership delivers enhanced security and resilience, providing a robust system that addresses the unique needs of government entities in an increasingly complex digital landscape.” Tony Burnside, Senior Vice President and Head of APJ, Netskope, adds, “This deployment represents a significant milestone in advancing cyber posturing within the Australian Government. By leveraging the advanced capabilities of the Netskope One platform and Macquarie Government’s local engineering expertise, they have turned the vision of SASE into a practical, impactful reality.” “Macquarie Government continues to refine their approach, delivering innovative solutions that enable SASE deployments at a PROTECTED classification while meeting the stringent compliance requirements of the Australian Government.” This partnership expansion follows the addition of Macquarie Government to the Information Communications Technology Provider Arrangement (ICTPA) panel, enabling Australian Defence and Intelligence agencies to procure services directly from the company. For more from Macquarie, click here.

DigiCert unveils 2025 security predictions

DigiCert, a global provider of digital trust, has released its annual forecast of cyber security predictions for identity, technology, and digital trust that the company expects to shape the landscape in 2025 and beyond. These predictions provide a snapshot of the cyber security challenges and opportunities enterprises will encounter in the months ahead. Prediction 1: Post-quantum cryptography takes off2025 marks a pivotal year when post-quantum cryptography (PQC) shifts from theoretical frameworks to real-world deployments. With impending announcements from the US National Security Agency (NSA) and growing compliance pressures, PQC adoption will surge, empowering industries to embrace quantum-resistant solutions. Prediction 2: Chief Trust Officers take centre stageDigital trust becomes a boardroom priority, leading to a continued rise of Chief Trust Officers (CTrOs) who will oversee ethical AI, secure digital experiences, and compliance in an increasingly regulated environment. Prediction 3: Automation and crypto-agility become a necessityWith industry shifts toward shorter SSL/TLS certificate lifespans, automation and crypto-agility will emerge as critical capabilities for organisations aiming to maintain secure operations amidst evolving standards. Prediction 4: Content provenance goes mainstreamIn an era of deepfakes and digital misinformation, the Coalition for Content Provenance and Authenticity (C2PA) is set to redefine how we verify digital content. Expect to see C2PA’s Content Credential icon become commonplace on images and videos to enhance trust across media platforms. Prediction 5: Organisations will demand resilience and zero outagesThe CrowdStrike outage this summer underscored the need for better testing of automated updates and stronger digital trust. As IoT adoption grows, concerns about the safety of over-the-air updates, particularly for self-driving cars, are prompting calls for greater transparency in security practices. The EU’s Cyber Resilience Act, effective in 2027, will drive stricter cybersecurity standards, fostering a more secure and trustworthy IoT ecosystem. Prediction 6: AI-driven phishing attacks will surgeThe proliferation of AI will fuel an unprecedented surge in sophisticated phishing attacks, making them harder to detect. Attackers will leverage AI to craft highly personalised and convincing phishing campaigns, while automated tools will enable them to scale attacks at an alarming rate, targeting individuals and organisations with precision. Prediction 7: New private PKI standards like ASC X9 will gain momentumASC X9 is poised to gain momentum as industries like finance and healthcare increasingly require customised security frameworks to meet stringent regulatory demands and unique operational needs. Unlike public PKI, ASC X9 offers greater flexibility by enabling tailored policies and trust models, addressing critical areas such as data integrity and authentication. This ability to foster secure, scalable, and interoperable frameworks will make ASC X9 a preferred standard for organisations prioritising trust and collaboration. Prediction 8: Cryptography Bill of Materials (CBOM) gains tractionIn response to escalating cyber security threats, CBOMs will become a vital tool for ensuring digital trust by cataloguing cryptographic assets and dependencies, enabling better risk assessments. Prediction 9: The era of manual certificate management wndsManual management of certificates, still common in nearly a quarter of enterprises, will phase out as automation becomes indispensable for handling shorter certificate lifespans and stricter security protocols. Prediction 10: Organisations will continue to prioritise fewer vendorsDespite concerns about single-vendor risks and a peak of venture capital funding for AI start-ups, enterprises will continue to consolidate vendors to simplify management, improve integration, and enhance overall security practices. “The relentless pace of innovation is not just reshaping our digital lives - it’s exposing new vulnerabilities faster than we can secure them, demanding a bold rethinking of how we approach cyber security,” says Jason Sabin, CTO at DigiCert. “The predictions for 2025 underscore the urgent need to stay ahead of these vulnerabilities by driving quantum readiness, enhancing transparency, and reinforcing trust as the bedrock of our rapidly changing digital ecosystem. DigiCert remains committed to shaping and securing future digital innovation to remain ahead of the vulnerability curve.” For more from DigiCert, click here.