Latest news with #cyberresilience
Forbes
7 days ago
- Business
- Forbes
Cybersecurity Testing Can Ensure Cyber Resilience—Here's How to Do It
By Zach Amos Too many businesses are dangerously overestimating their cyber resilience. Any business that has an online presence is vulnerable to a cyberattack. Most vulnerabilities are due to legacy or unpatched systems that still power core operations, exposing critical entry points. However, the biggest weakness isn't always technical, but in a company's perception. Too many businesses are dangerously overestimating their cyber resilience because they see investments in digital tools and services as an all-in-one solution. This false sense of protection can create a blind spot, leading to significant financial losses and reputational harm if left unresolved. Here is why this happens and how businesses can accurately test and strengthen their security posture. Disconnect Between Confidence and Actual Cybersecurity Readiness Cyberattacks have become more prevalent in recent years, with healthcare, finance, and manufacturing the most targeted industries due to their valuable data and the ways this information can be exploited. In fact, nearly six in 10 companies had to protect themselves from ransomware incidents. Despite these sobering numbers, Bain & Company revealed that 43% of industry leaders believe they're following the best cybersecurity practices, yet only 24% of those actually met the standards. This complacency creates a gap between perceived and actual readiness, leaving firms vulnerable to ransomware, data loss, and extended business downtime. What causes this disconnect between confidence and actual cybersecurity readiness? It can stem from various factors, which may be technical, organizational, or psychological. Here are some of the most common reasons: 5 Warning Signs a Company Is Overestimating Its Cybersecurity Posture Knowing the red flags can help businesses identify whether they're among the overconfident majority. Here are five common indicators: If an organization has never performed a breach and attack simulation (BAS) or red team exercise, it's likely operating in the dark. These simulations expose real-world weaknesses that standard security reviews often miss. Security posture assessments should occur regularly, especially as business environments, tools, and threats evolve. Relying on annual reviews or outdated risk models is a strong sign of overconfidence. It is generally recommended to evaluate risk annually, but some companies benefit from quarterly or even monthly reviews. Mistaking regulatory compliance for comprehensive protection is common, but it's a misleading reality. Compliance provides a baseline, not a guarantee that a business will likely survive an attack. Assessing a company's resilience must include evaluating its risk exposure. Micro, small, and medium Enterprises (MSMEs) can take a critical hit from a cyberattack. If a recovery plan hasn't been tested under stress, it's unlikely to hold up in a real-world scenario with much higher stakes. True cyber resilience is cross-functional, not only the responsibility of the IT team. If executive leaders, finance, operations, and legal teams aren't involved in incident response planning, the organization may not be as prepared as it thinks. With 95% of data breaches tied to human error, any employee can jeopardize the company. More from AllBusiness: How to Perform Cybersecurity Testing to Evaluate Cyber Resilience Organizations must conduct realistic and data-driven inspections of their current readiness to bridge the gap between confidence and actual capability. A good starting point is a comprehensive security posture assessment (SPA). It probes into the technical controls a business has set up, including firewalls, EDR configurations, and access management policies. It also considers employees' user behavior, such as their susceptibility to phishing or unsafe browsing habits on company computers. SPAs help identify gaps in policy enforcement and recovery preparedness. Running BAS tools helps businesses examine how well their systems can survive the latest adversarial tactics by emulating them. These technologies run thousands of real-world tactics, techniques, and procedures mapped to MITRE ATT&CK frameworks to highlight where current defenses fail before a threat actor exploits them. Organizations must also track and benchmark key performance indicators, such as the mean time to detect (MTTD) and the mean time to respond (MTTR). If it takes a team days to detect an intrusion versus the industry standard of hours for well-prepared corporations, they may not know how to react in real-time. Simulate attack scenarios involving all departments, from the C-suite to front-line responders, to ensure everyone understands their role in a crisis. These exercises reveal critical coordination gaps that technical testing alone cannot. For example, who notifies law enforcement if a ransomware attack encrypts customer data and demands payment within 24 hours? Who speaks to the media? Does the legal team know if ransom payment is allowed under local laws? These exercises expose coordination gaps and practice decision-making under pressure. Validating backup and recovery systems under real conditions is nonnegotiable. Many firms skip stress testing continuity plans, assuming backup systems will work. In reality, backups can be encrypted by the same ransomware if not properly segmented. Routinely run live restoration drills from cold storage, cloud snapshots, and isolated backup networks. Check if the customer database can be fully restored within a 24-hour recovery time after simulated data corruption. If it takes longer or fails outright, the business continuity plan needs revision now, not after a breach. Strengthen Cyber Resilience Before It's Too Late Once the gaps are identified, businesses must act quickly and decisively to reinforce their defenses. Here's how: Company Confidence Is Not Risk Resilience The harsh truth is that if organizations haven't rigorously tested their defenses in the past six months, their cyber resilience is likely far below what company leaders assume. Overconfidence can be more damaging than being underprepared, because it prevents businesses from taking action to protect themselves. Business leaders should not wait for a breach to be a wake-up call. By honestly assessing security posture, testing rigorously and acting proactively, companies can replace misplaced confidence with genuine resilience by assessing security posture, testing rigorously, and acting proactively.
Zawya
7 days ago
- Business
- Zawya
South Africa: Magix launches Research and Development Lab to tackle new cyber threats
Magix, a leader in cybersecurity solutions, is proud to announce the launch of the Magix R&D Lab, a cutting-edge research and development initiative aimed at advancing cybersecurity through innovative threat research and offensive security expertise. Kevin Wotshela, managing director of Magix Security, expressed his excitement about the new venture: 'Magix R&D Lab represents our commitment to staying at the forefront of cybersecurity innovation. By combining our experience with pioneering research, we are geared to protect our clients from the ever-evolving landscape of cyber threats.' Dedicated to uncovering threats, developing custom tools, and simulating real-world attacks the Lab's mission is to fuel offensive security services with original research and insights, helping clients remain resilient, audit-ready, and ahead of the curve. Key features of Magix R&D Lab: - Advanced Threat Simulation: By evaluating the latest vulnerabilities and attack techniques, Magix R&D Lab ensures that environments are tested against the methods used by real attackers. - Continuous Up-skilling and Training: Engineers at Magix R&D Lab are engaged in ongoing research, red team simulations, and hands-on lab work, sharpening their offensive security expertise. - Enhanced Threat Intelligence: Magix R&D Lab tracks global adversaries, reverse-engineers malware, and monitors dark web chatter, translating this into actionable intelligence for stronger cyber resilience. Another key focus of the Lab is to share knowledge through a series of insightful White Papers that address pressing issues currently impacting the cybersecurity landscape in South Africa. The first in the Magix R&D Lab series, "The Role of AI in Ethical and Unethical Hacking: Implications for Business," authored by Tim Butler, Floyd Tshoma, and Hlayisani Shondlani, delves into the dual nature of Artificial Intelligence in cybersecurity. This paper is a valuable resource for businesses and individuals eager to understand how AI can be both a shield and a weapon in the digital realm. By sharing these findings, Magix R&D Lab aims to motivate and empower stakeholders to enhance their defensive strategies and navigate the complexities of modern cybersecurity challenges effectively. Meet the experts behind Magix Lab R&D The authoring team is comprised of talented and dedicated professionals who excel in the field of cybersecurity. Meet three of our key members who are instrumental in driving our success. Tim Butler Tim Butler: A leader in IT and cybersecurity Position: Magix chief operations officer Certifications: Multiple CompTIA Certifications (A+, N+, Cloud+, Project+, Security+, Pentest+, CySA+, CASP+), London School of Economics MBA Essentials Certificate A driven and motivated individual, with over 15 years of IT experience, Tim is able to share his knowledge and draw the best aspects out of his Team. With multiple certifications in the IT space, Cybersecurity has been at the forefront in securing users and architecture, and now in testing against them. With an open mind, Tim is always willing to expand his knowledge and expertise. Especially when his Colleagues are so passionate and knowledgeable, this makes the experience all the more enriching. Floyd Tshoma Floyd Tshoma: The critical thinking specialist Position: Magix cyber security consultant Certifications: ICSI|CNSS Certified Network Security Specialist, ISCI|CPT Certified Penetration Tester, Certified Information Systems Security Professional (CISSP), ISO/IEC 27001 Dynamics of Information Security Management Systems (ISMS), Cisco Ethical Hacker With a wide range of knowledge in the IT field, coupled with a mind honed for critical thinking, Floyd demonstrates these skills daily as an amazing Cybersecurity Professional. He is able to identify flaws in IT infrastructure and applications, then communicate these clearly to clients to strengthen their overall security posture. Never sitting still, Floyd continues to add to his knowledge and skills through further certifications and training, applying and sharing that knowledge to his work and life. Hlayisani Shondlani Hlayisani Shondlani: The logical innovator Position: Magix cyber security consultant Certifications: Certified Ethical Hacker (CEH), ISO 27001 Internal Auditor, BSc Statistics and Computer Science, Cisco Ethical Hacker Passionate and eager to explore the world of Cybersecurity, Hlayisani shows a knack for logical thinking and pattern recognition. These make him an incredible cybersecurity professional, as he uncovers flaws in avenues not thought of in applications and network architecture, further securing clients assets. Always looking ahead, he continues to hone his skills and knowledge, applying them in his work and personal endeavours. Together, Tim, Floyd, and Hlayisani form a formidable team at Magix Lab R&D, each contributing unique skills and perspectives to advance cybersecurity solutions. Their dedication to the field and commitment to continuous improvement ensure that Magix R&D Lab remains at the forefront of innovation in cybersecurity. Commitment to Global Collaboration With over 20 years' experience, Magix Security is a trusted provider of comprehensive cybersecurity solutions. With a focus on innovation, the company is dedicated to protecting clients from the growing and evolving threats in the digital landscape. Further collaborations with industry leaders such as Checkmarx, Syteca, Usecure, Bottomline, Qualys, and Perception Point ensure that the Lab remains at the forefront of technological advancements. Discover the Future of Cybersecurity with Magix R&D Lab Magix R&D Lab invites businesses and cybersecurity professionals to delve into this White Paper and to explore its' comprehensive analysis of AI's offensive and defensive roles in hacking, detailed case studies, and strategic recommendations for enhancing cybersecurity defenses. Key findings reveal that: - 85% of cybersecurity professionals believe AI-driven cyberattacks are more sophisticated and harder to detect. - AI-assisted ransomware attacks saw a 67% increase in the last year. - AI-generated malware surged by 125% in the past year. - 60% of cybercriminal groups now employ generative AI for attacks. - Credential stuffing attempts using AI increased by 150%. - AI-driven spear phishing emails have a 92% higher success rate. All rights reserved. © 2022. Provided by SyndiGate Media Inc. (
Gulf Business
22-07-2025
- Business
- Gulf Business
Cohesity's Johnny Karam, Mark Molyneux on raising cyber resilience among UAE employees
Images: Supplied The UAE workforce is showing strong signs of cybersecurity readiness, outpacing their EMEA peers in areas such as threat awareness and trust in their organisations' ability to recover from attacks. That's according to new research from Cohesity, a global leader in AI-powered data security and resilience. The survey, conducted in partnership with OnePoll, captured responses from 500 full-time UAE employees, revealing that 86 percent believe they can identify a cyber threat, and nearly 90 percent trust their employer's cyber resilience. But the study also sheds light on lingering behavioural gaps, with some employees admitting they might delay reporting due to fear of blame or confusion about protocols. Cohesity leaders say this is the next frontier—empowering teams to not just recognise risks but confidently act on them without hesitation. With the UAE's national cybersecurity ambitions accelerating, businesses now need to focus on turning awareness into action. Gulf Business sat down with Your latest research shows that while 86 per cent of UAE employees believe they can identify a cyber threat, deeper knowledge still seems lacking. What does this confidence gap reveal about current training methods, and how should organisations close it? Johnny Karam: The fact that 86 percent of UAE employees feel confident in identifying cyber threats is a strong reflection of the country's focus on digital awareness. This high level of awareness reflects the UAE Cybersecurity Council's long-term investment in public education, including programs for students, women in tech, and the broader community, part of a strategy stretching from 2020 to 2030. However, our study shows that this confidence does not always translate into deeper understanding or preparedness. Many employees may recognise the signs of a potential attack but feel uncertain about what to do next. This gap reveals that current training approaches are still too focused on awareness rather than action. To close this gap, organisations need to evolve their training methods. It is no longer enough to explain what phishing or ransomware is in theory. What works best is practical, scenario-based training that prepares employees to respond under pressure. When individuals know exactly what steps to take and feel confident doing so, they become active contributors to the organisation's defence. It is about building the confidence to act, not just the ability to identify. One of the more striking insights is that fear of blame and confusion delays incident reporting. What steps can companies take to foster a culture of psychological safety and quick escalation in cybersecurity? Johnny Karam: This is one of the most human yet critical findings from our research. In the UAE, 46 percent of employees who hesitated to report a threat said it was because they feared blame or were unsure whether their concern would be taken seriously. That hesitation can be costly. In cybersecurity, delays can make the difference between containment and escalation. It's like spotting a fire in your office — no one hesitates to raise the alarm. That's the level of instinctive response we need when it comes to cybersecurity threats. Organisations need to address this by creating a culture of psychological safety, where reporting is always encouraged and never penalised, and this is where leadership plays a vital role in reinforcing that message. Employees must feel supported, and clear reporting channels should be made visible and simple to follow. Even if an alert turns out to be a false alarm, flagging it is always the right move. Encouraging early reporting and removing the stigma around it helps create a stronger, faster-responding organisation. It's also about cultural maturity. Just as the UAE focused early on education, the next phase is building psychological safety into company cultures, where 'see it, say it, sort it' becomes second nature. Ransomware continues to evolve, yet your data shows that nearly one in four employees does not fully understand it. How can organisations move from theoretical awareness to scenario-based, hands-on preparedness? Mark Molyneux: Ransomware is no longer a rare or abstract threat. It is one of the most pressing challenges facing organisations today. The fact that 86% of employees in the UAE understand what ransomware is and how it spreads shows that awareness is extremely is extremely high, which is largely due to the UAE Cyber Security Council's approach to increasing security awareness across the Emirates. But to reach the step of cyber-resilience, we need to move beyond surface-level awareness. Scenario-based training, such as simulated attacks and role-playing exercises, is far more effective in preparing employees to respond confidently and quickly. In addition, organisations can benefit from expert-led incident simulations or even partnerships with external response teams, like our Cohesity Cyber Event Response Team (CERT), to build muscle memory in high-pressure scenarios. When people are familiar with the pressure of a real-time incident, they are more likely to take the right action. Awareness is important, but preparedness is what ultimately determines whether an organisation can contain an incident or fall victim to it. What are some examples of human-centric cybersecurity training that have worked particularly well in the UAE or broader Middle East region? Johnny Karam: In this region, the most effective training approaches are those that account for cultural context and local realities. We have seen companies run phishing simulations, real-time cyber escape rooms, and role-specific drills that make the training highly engaging and memorable. These methods encourage active participation and help employees internalise what to do in the face of a threat. The strongest results come when training is localised, conducted in Arabic where relevant, aligned with regional threat trends, and inclusive of leadership participation. When executives lead by example, it reinforces the idea that cybersecurity is everyone's responsibility. We are seeing a clear shift across sectors like banking and healthcare, where security awareness is being embedded not just as a requirement, but as a core part of organisational culture. Cybercriminals are constantly evolving — how does Cohesity stay ahead of the curve? Johnny Karam: Cybersecurity is an arms race, and staying ahead takes relentless innovation. At Cohesity, we invest double the R&D of our closest competitor. That allows us to anticipate threats like AI-generated phishing and craft real-time responses, from behaviour-based access controls to early threat detection. But it's not just about tech — we work with a network of cybersecurity partners and an expert advisory board to stay on top of tomorrow's risks, today. How do these findings align with the UAE Cybersecurity Council's broader goals, and how is Cohesity engaging with regulators or national stakeholders to support these priorities? Johnny Karam: The UAE Cybersecurity Council has taken decisive steps to strengthen national cyber resilience. The emphasis on public-private collaboration and secure digital transformation aligns closely with what we are seeing in the field. Our findings reflect this momentum, for example, 67 percent of UAE employees say they would report suspicious activity directly to cybersecurity teams, which is a strong indicator of engagement and awareness. We work closely with government entities and industry stakeholders, participating in briefings, knowledge-sharing sessions, and collaborative initiatives to build operational readiness. Our AI-powered platform is aligned with the UAE's focus on proactive defence and digital trust. True resilience depends on both technology and people, and we are committed to supporting both dimensions. With hybrid work environments and increasing digital transformation across sectors, how is Cohesity helping clients in the region build not just secure infrastructure but a more cyber-aware workforce? Mark Molyneux: The shift to hybrid work has broadened the attack surface for organisations, making it even more critical to adopt an integrated approach to security. At Cohesity, we not only help our clients protect data across all environments, from on-premise systems to the cloud and edge, but we also work with them to build awareness and confidence within their teams. Our research shows that 89 percent of UAE employees trust their organisation's ability to recover from attacks, and 66 percent have received cybersecurity training in the past year. These are positive indicators. However, we aim to go further by supporting secure decision-making across every level of the organisation. This includes simplifying processes, integrating automation where possible, and ensuring that employees have both the tools and the understanding needed to respond quickly. Cyber resilience is not a department; it is a culture, and we help our clients embed it across their workforce. Tell us about Cohesity's offerings. Mark Molyneux: Cohesity is a global leader in data security and resilience, trusted by more than 13,600 organisations worldwide, including over 85 of the Fortune 100. Following our integration with Veritas' enterprise data protection business, we now offer one of the most comprehensive platforms available, capable of protecting, managing, and recovering data whether it is stored on-premise, in the cloud, or at the edge. What makes us different is how we combine advanced threat detection and rapid recovery with simplicity and ease of use. Our AI-powered solutions help organisations identify threats early, isolate incidents, and recover quickly, all while reducing complexity. In today's environment, where cyberattacks are becoming more frequent and more sophisticated, speed and reliability are essential. But we also recognise that technology alone is not enough. That is why we work closely with our customers to build security awareness, support their teams, and align with their long-term resilience goals. Cybersecurity is ultimately about protecting people, operations, and trust, and Cohesity is here to help organisations do exactly that.
FF News
11-07-2025
- Business
- FF News
Accenture and Microsoft Expand GenAI Cybersecurity Solutions
According to Accenture's State of Cyber Resilience 2025 report, the majority (90%) of organizations are not ready to protect against AI-augmented cyber threats. By combining Accenture's cybersecurity services, AI transformation expertise and industry experience with Microsoft's advanced security technologies, the companies are helping organizations protect against advanced threats through innovative cybersecurity offerings across four key areas. These include security operation center (SOC) modernization, automated data and AI security, security-centric cyber migration and consolidation, and enhanced identity and access management (IAM). 'Global cyber threats, now leveraging AI, are intensifying in speed, sophistication and scale. By adopting automation and gen AI solutions, organizations can reimagine their SecOps and outpace rising adversarial cyber threats,' said Paolo Dal Cin, global lead, Accenture Security. 'The combined power of Accenture and Microsoft will help clients future-proof against potential cyber threats, keep critical data secure and enhance business resilience. This expanded relationship signals to the industry that we can be stronger together.' The partnership combines Accenture's cyber skills with Microsoft's Security Copilot to make defences that can grow and learn across all industries. Accenture and Microsoft successfully completed a project with Nationwide Building Society (Nationwide), the world's largest building society with over 17 million customers in the UK, to build on its cybersecurity operations. Through a large-scale migration to Microsoft Sentinel, Nationwide achieved a streamlined, unified security infrastructure that accelerates cyber threat detection. Nationwide benefited from a gen AI security information and event management capability, co-developed by Accenture and Microsoft, that accelerated the migration of hundreds of terabytes of data. David Boda, chief security & resilience officer at Nationwide, said, 'In a dynamic and complex threat environment, it's important that we continue to build on our existing cybersecurity operations to stay ahead of the game. Accenture's support in our migration to Microsoft Sentinel has been invaluable to set us up for success. The use of generative AI to enable the migration allowed us to deliver the change more efficiently, in turn freeing up capacity for wider improvement activities.' The solutions Accenture and Microsoft are investing in co-developing include: SOC Modernization – Leveraging Microsoft Sentinel, Microsoft Defender and Accenture's Adaptive MxDR for Microsoft, this solution enhances threat visibility and strengthens response capabilities across hybrid environments. By integrating AI-driven tools like Microsoft Security Copilot, analysts can investigate threats faster, cut through alert noise and focus on what matters—reducing risk and improving SOC efficiency among security teams' limited staff and other resources. With the right combination of automation and intelligent tooling, organizations can boost SOC efficiency by up to 30% [1] , according to recent assessments. Leveraging Microsoft Sentinel, Microsoft Defender and this solution enhances threat visibility and strengthens response capabilities across hybrid environments. By integrating AI-driven tools like Microsoft Security Copilot, analysts can investigate threats faster, cut through alert noise and focus on what matters—reducing risk and improving SOC efficiency among security teams' limited staff and other resources. With the right combination of automation and intelligent tooling, organizations can boost SOC efficiency by up to 30% , according to recent assessments. Automated Data Protection and AI Security – Using Microsoft Purview and Accenture's data security framework, this solution automatically classifies and protects sensitive data across Microsoft 365—including SharePoint, Teams and Exchange. It supports regulatory compliance, reduces the risk of data exposure in generative AI use cases and enables secure collaboration at scale—critical in today's hybrid, AI-powered workplace. Using Microsoft Purview and Accenture's data security framework, this solution automatically classifies and protects sensitive data across Microsoft 365—including SharePoint, Teams and Exchange. It supports regulatory compliance, reduces the risk of data exposure in generative AI use cases and enables secure collaboration at scale—critical in today's hybrid, AI-powered workplace. Security-Centric Migration and Consolidation – Leveraging Microsoft's security suite, M365 E5 Security and integrated with Accenture's E5 Acceleration Playbook , this solution accelerates migration to modern platforms while streamlining operations and simplifying toolsets. By consolidating legacy security solutions and optimizing licensing, organizations can achieve between 35% to 50% cost savings , reduce vendor complexity and unlock the full value of Microsoft E5 [2] . Leveraging Microsoft's security suite, M365 E5 Security and integrated with , this solution accelerates migration to modern platforms while streamlining operations and simplifying toolsets. By consolidating legacy security solutions and optimizing licensing, organizations can achieve , reduce vendor complexity and unlock the full value of Microsoft E5 . Enhanced IAM – Powered by Microsoft Entra Suite, Accenture's enhanced IAM solutions accelerate the transformation of outdated Active Directory environments while augmenting workforce access management, enterprise identity governance and administration, and passwordless authentication. The result is better user experience, stronger security protection and simplified identity governance at scale, helping organizations achieve between 30% to 50% cost efficiencies through reduced infrastructure, licensing consolidation and helpdesk overhead[2]. 'We're proud to be shaping the future of cybersecurity alongside Accenture, combining their deep industry insights with the breadth and strength of Microsoft's security platform,' said Vasu Jakkal, corporate vice president of Microsoft Security. 'In today's fast-moving cyber threat landscape, organizations need solutions that simplify complexity and deliver end-to-end protection across on-premises and cloud environments. Security is a team sport–and together–Microsoft and Accenture are empowering customers with AI-driven, comprehensive solutions that help them stay ahead of evolving threats and unlock new levels of resilience.' Learn more about Accenture and Microsoft or find out more about the Nationwide project in this video here. With the Accenture Microsoft GenAI Cybersecurity expansion, both companies want to change the way businesses protect themselves from cyber threats by using smart, AI-enhanced protection.
Bloomberg
10-07-2025
- Politics
- Bloomberg
Iran Threat to Dissidents in UK on the Rise, Lawmakers Say
The threat posed by Iran to dissidents living in the UK has significantly increased in recent years, according to an influential panel of lawmakers who urged the British government to bolster cyber resilience and espionage capacity. From 2022 to August 2023, there were at least 15 attempts to murder or kidnap British nationals or UK-based individuals, Parliament's Intelligence and Security Committee warned Thursday in a key report. The panel warned that the risk of Iran carrying out physical attacks on individuals in Britain is now at its greatest level ever, and is comparable to the threat posed by Russia.
