News

Business continuity planning

• October 27, 2022 27 Oct'22

  NCSC’s Levy steps down after 20-year intelligence career

  NCSC technical director Ian Levy bids farewell, telling his successor: ‘Don’t panic’

• October 27, 2022 27 Oct'22

  NHS to get new national CISO

  The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS

• October 24, 2022 24 Oct'22

  Half of staff might quit after a cyber attack, report says

  Findings from a survey of CISOs, IT leaders and staffers reveal how experiencing a cyber incident may take a larger-than-thought toll on employee retention

• October 20, 2022 20 Oct'22

  The Security Interviews: Why now for ZTNA 2.0?

  With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network ...

• October 20, 2022 20 Oct'22

  Cyber professional shortfall hits 3.4 million

  Shortage of cyber security professionals continues to grow and shows no signs of abating, says report

• October 19, 2022 19 Oct'22

  Ransomware crews regrouping as LockBit rise continues

  Overall ransomware activity dropped off in the third quarter of 2022, but increasing attack volumes in September may herald a difficult few months ahead

• October 19, 2022 19 Oct'22

  Treat cyber crime as a ‘strategic threat’, UK businesses told

  The government’s new National Cyber Advisory Board aims to help elevate cyber discussion and spur action in the business community

• October 14, 2022 14 Oct'22

  Annual costs of Hackney ransomware attack exceed £12m

  Hackney Council reveals new insight into the ongoing cost of a ransomware attack that devastated its systems two years ago

• October 14, 2022 14 Oct'22

  Advanced: Healthcare data was stolen in LockBit 3.0 attack

  Advanced has revealed a total of 16 of its health and social care sector customers had their data exfiltrated in a recent ransomware attack

• October 13, 2022 13 Oct'22

  Gartner: Remote work, zero trust, cloud still driving cyber spend

  Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud

• October 12, 2022 12 Oct'22

  NCSC urges organisations to secure supply chains

  NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers

• October 12, 2022 12 Oct'22

  Microsoft fixes lone zero-day on October Patch Tuesday

  Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen

• October 10, 2022 10 Oct'22

  Ukraine and EU explore deeper cyber collaboration

  A Ukrainian delegation has met with officials from the EU’s ENISA cyber agency to explore deeper cooperation on cyber security issues

• September 29, 2022 29 Sep'22

  Failure of Russia’s cyber attacks on Ukraine is most important lesson for NCSC

  Russia has so far failed in its attempts to destabilise Ukraine through cyber attacks due to strength of Ukrainian, security industry and international efforts

• September 22, 2022 22 Sep'22

  Nordic private equity firms pursue cyber security acquisitions

  Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets

• September 22, 2022 22 Sep'22

  Dr Martens goes feetfirst into cloud-to-cloud backup

  Iconic bootmaker laces up for a strategy to move all applications to the cloud, beginning with cloud-to-cloud backup for Microsoft 365 apps plus on-site VMware operations

• September 21, 2022 21 Sep'22

  ANZ organisations using antiquated backup and recovery systems

  Nearly half of ANZ organisations are still using backup and recovery systems from over a decade ago, hampering their ability to protect their data assets and recover from ransomware attacks

• September 20, 2022 20 Sep'22

  Thousands of customers affected in Revolut data breach

  Digital challenger bank has warned its customers to be vigilant after their data was exposed in a cyber attack

• September 16, 2022 16 Sep'22

  Six new vulnerabilities added to CISA catalogue

  CISA adds six new vulnerabilities to its most-wanted list, including one that dates back to 2010

• September 15, 2022 15 Sep'22

  Nominations closing soon for annual cyber awards

  Nominations for the annual Security Serious Unsung Heroes Awards closes 16 September

• September 15, 2022 15 Sep'22

  New player pioneers ‘active cyber insurance’ for UK market

  Arrival of US-based insurer Coalition in London will supposedly offer SMEs more options when it comes to cyber security insurance

• September 15, 2022 15 Sep'22

  Organisations failing to account for digital trust

  The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds

• September 14, 2022 14 Sep'22

  FormBook knocks Emotet off top of malware chart

  FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data

• September 14, 2022 14 Sep'22

  Ex-CISA head Krebs: Disrupt ransomware support networks to win the war

  Speaking at an event hosted by data protection specialist Rubrik, former CISA director Chris Krebs calls for the security community to work collectively to kick out the supports from under ransomware gangs

• September 13, 2022 13 Sep'22

  Cloud compromise a doddle for threat actors as victims attest

  Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, and some of the challenges security teams are facing in the cloud

• September 12, 2022 12 Sep'22

  Mandiant floats off into Google Cloud

  As planned, the acquisition of Mandiant will see the threat intel and incident response giant become a part of Google’s Cloud business

• September 12, 2022 12 Sep'22

  CISOs should spend on critical apps, cloud, zero-trust, in 2023

  Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts

• September 08, 2022 08 Sep'22

  NCSC CyberUK event heads to Belfast in 2023

  National Cyber Security Centre’s annual CyberUK roadshow is crossing the Irish Sea to Belfast in April 2023

• September 08, 2022 08 Sep'22

  Dutch cyber security organisations to join forces

  Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into

• September 07, 2022 07 Sep'22

  Prince’s Trust teams with threat management specialist in skills push

  Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry

• September 07, 2022 07 Sep'22

  Cyber threats to Europe’s grid: Utilities rethink strategy

  The separation of operational and information technology at utilities across Europe is opening doors for cyber criminals

• September 06, 2022 06 Sep'22

  Saudi Arabian organisations choose to outsource to improve cyber security posture

  Overwhelmed by rising threats and a growing number of government mandates, many organisations in Saudi Arabia are looking for outside help to take care of cyber security

• September 01, 2022 01 Sep'22

  Local authorities experience 10,000 attempted cyber attacks every day

  Local authorities across the UK face a daily deluge of cyber incidents, with phishing and DDoS attacks the most prevalent, according to an insurance broker

• August 31, 2022 31 Aug'22

  NHS staff fall further behind amid ransomware attack

  While some NHS bodies are now recovering their services after the ransomware attack on a crucial software supplier, others are still being forced to rely on pen and paper, and some will be waiting months to recover

• August 30, 2022 30 Aug'22

  UK government presses on with new cyber rules for telcos

  Government has finalised new security rules for telecoms companies and will move to make them binding in the near future

• August 23, 2022 23 Aug'22

  NCSC shares cyber guidance for large infrastructure builds

  Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects

• August 22, 2022 22 Aug'22

  Lloyd’s to end insurance coverage for state cyber attacks

  Lloyd’s of London has instructed its members to exclude nation state cyber attacks from insurance policies beginning in 2023, saying they pose unacceptable levels of risk

• August 18, 2022 18 Aug'22

  It takes a breach to force boards to take notice of cyber, says UK government

  Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims

• August 16, 2022 16 Aug'22

  South Staffs Water is victim of botched Clop attack

  South Staffordshire Water moves to reassure customers that their supplies remain safe after its attackers screw up their initial assault

• August 16, 2022 16 Aug'22

  Why organisations need to harmonise their CIO and CISO roles

  Unless properly managed, conflicting responsibilities between the chief information officer and the chief information security officer can cause project delays and budget overruns, says Netskope’s Mike Anderson

• August 12, 2022 12 Aug'22

  Microsoft doles out $13.7m in bug bounties

  Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries

• August 12, 2022 12 Aug'22

  How critical infrastructure operators can secure OT data

  Cohesity’s CISO discusses the challenges of securing data in operational technology systems and what can be done to mitigate security threats

• August 11, 2022 11 Aug'22

  NHS may take a month to recover from supply chain attack

  Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations

• August 10, 2022 10 Aug'22

  Microsoft fixes two-year-old MSDT vulnerability in August update

  August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.

• August 10, 2022 10 Aug'22

  ‘Coopetition’ a growing trend among ransomware gangs

  Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time

• August 09, 2022 09 Aug'22

  Cyber insurance getting harder to obtain

  Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance

• August 08, 2022 08 Aug'22

  NHS recovering key services after attack on supplier

  Incident at software provider Advanced took out multiple NHS services before the weekend, including the 111 advice service

• August 05, 2022 05 Aug'22

  Reliance on PSN may have exacerbated cyber attack impact

  As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks

• August 04, 2022 04 Aug'22

  SBRC to administer NCSC training across Scotland

  The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations

• August 03, 2022 03 Aug'22

  DrayTek patches SOHO router bug that left thousands exposed

  Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers