News
Regulatory compliance and standard requirements
-
December 12, 2023
12
Dec'23
MoD fined after breach of Afghan staffers’ data put lives at risk
The MoD has been fined £350,000 by the ICO after an email blunder exposed data on Afghan nationals who had worked with British forces and were at risk of Taliban reprisals
-
December 12, 2023
12
Dec'23
Top IT predictions in APAC in 2024
Generative AI will continue to leave its mark on many areas in business and IT, along with other trends such as sustainability, cyber security and smart factories that are expected to shape the region’s technology landscape in 2024
-
December 11, 2023
11
Dec'23
Nordic governments join forces to protect data transfers
Nordic countries deepen their cooperation over cyber security amid heightened threat from neighbouring Russia
-
December 05, 2023
05
Dec'23
Operator of Sellafield nuclear facility denies hacking claims
The operator of the Sellafield nuclear site has denied allegations that senior managers covered up a series of cyber security lapses that enabled Chinese and Russian threat actors to compromise its networks
-
December 04, 2023
04
Dec'23
Rhysida ransomware gang hits hospital holding royal family’s data
Ransomware gang boasts of having stolen data on the royal family in an attack on a private London hospital
-
December 01, 2023
01
Dec'23
Report reveals sorry state of cyber security at UK football clubs
Football clubs up and down the country are putting staff, players and fans alike at risk through outdated attitudes to cyber security, according to a report
-
December 01, 2023
01
Dec'23
Lords committee urges caution on UK use of autonomous weapons
UK government must ensure proper democratic oversight of its development and use of AI-powered weapon systems, says Lords committee
-
November 28, 2023
28
Nov'23
Meta faces GDPR complaint over processing personal data without 'free consent'
Paid-for service means data protection is only available to those who can afford it, privacy group argues in data protection complaint
-
November 28, 2023
28
Nov'23
Scope of British Library data breach widens
Personal data on British Library users has appeared for sale on the dark web following a Rhysida ransomware attack, as the scope of the still-developing incident widens again
-
November 27, 2023
27
Nov'23
NCSC publishes landmark guidelines on AI cyber security
The NCSC and its US counterpart CISA have brought together tech companies and governments to countersign a new set of guidelines aimed at promoting a secure-by-design culture in AI development
-
November 23, 2023
23
Nov'23
North Korean APTs go all in on supply chain attacks, warns NCSC
Threat actors linked to the North Korean regime are becoming more adept at targeting software supply chains in the service of their cyber attacks
-
November 23, 2023
23
Nov'23
Australia ups ante on cyber security
Australia’s new cyber security strategy will focus on building threat-blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities
-
November 22, 2023
22
Nov'23
Palantir awarded NHS FDP data contract
NHS England has awarded a £330m, seven-year contract to US data specialist Palantir, prompting concerns from data privacy practitioners
-
November 20, 2023
20
Nov'23
IT not ready for AI, Pure Storage survey finds
Storage, compute and networking hardware won’t cope without upgrades, and that often means total IT infrastructure overhaul
-
November 17, 2023
17
Nov'23
Microsoft and Meta quizzed on AI copyright
Large language models are trained using vast amounts of public data – but do the hyperscalers comply with copyright laws?
-
November 16, 2023
16
Nov'23
Ransomware gang grasses up uncooperative victim to US regulator
The ALPHV/BlackCat ransomware gang has added a new tactic to its playbook, going to ever more extreme lengths in search of a pay-off
-
November 13, 2023
13
Nov'23
Rogue state-aligned actors are most critical cyber threat to UK
The prospect of rogue nation-state-aligned attackers bringing down the UK’s critical infrastructure is keeping the NCSC up at night
-
November 13, 2023
13
Nov'23
Victims’ legal action over 2015 Carphone Warehouse breach moves forward
A class action against Currys Retail over the 2015 data breach of Carphone Warehouse customers has been granted permission to move forward in the courts
-
November 13, 2023
13
Nov'23
ICO alerted after technical ‘issue’ exposed college files to student barristers
A training college for barristers has reported a data breach that left sensitive data on hundreds of current and former students accessible to other trainees
-
November 10, 2023
10
Nov'23
UN disarmament body calls for global action on autonomous weapons
UN draft resolution highlighting the dangers of autonomous weapons passes with overwhelming majority
-
November 09, 2023
09
Nov'23
The Security Interviews: Why cyber needs to integrate better
Cyber security is an intensely technical field, but we shouldn’t ignore the soft skills of communication and collaboration. Wipro’s Tony Buffomante explains why a robust security posture is dependent on a security team engaging with the wider ...
-
November 08, 2023
08
Nov'23
Data-sharing management gap highlights cyber risk, says report
Organisations are struggling to secure their use of communications tools to share data with third-party partners and suppliers, and in the process are exposing themselves to heightened levels of risk, according to a report
-
November 08, 2023
08
Nov'23
King’s Speech misses the mark on cyber law reform, says campaign
A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress
-
November 08, 2023
08
Nov'23
The Security Interviews: ISC2’s Clar Rosso on cyber diversity and policy
Computer Weekly catches up with ISC2 CEO Clar Rosso to talk about diversifying the cyber workforce and supporting cyber pros as they keep up with growing compliance and security policy demands
-
November 06, 2023
06
Nov'23
How Trellix’s CISO keeps threat actors at bay
Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents
-
November 02, 2023
02
Nov'23
EU digital ID reforms should be ‘actively resisted’, say experts
Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security
-
November 01, 2023
01
Nov'23
Darktrace CEO Poppy Gustafsson on her AI Safety Summit goals
As the AI Safety Summit at Bletchley Park takes place, Computer Weekly caught up with Darktrace CEO Poppy Gustafsson to find out what one of the UK’s most prominent AI advocates wants from proceedings
-
October 31, 2023
31
Oct'23
British Library falls victim to cyber attack
The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature
-
October 31, 2023
31
Oct'23
SEC sues SolarWinds, alleging serious security failures
SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks
-
October 27, 2023
27
Oct'23
Domestic abuse charities surface fresh worries over NHS data sharing
With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk
-
October 27, 2023
27
Oct'23
Germany: European Court opinion kicks questions over EncroChat back to national courts
Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts
-
October 26, 2023
26
Oct'23
Sunak sets scene for upcoming AI Safety Summit
Prime minister Rishi Sunak has outlined how the UK will approach making AI safe, but experts say there is still too big a focus on catastrophic but speculative risks over real harms the technology is already causing
-
October 25, 2023
25
Oct'23
UK Finance paints mixed picture of fraud as losses top £500m
UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data
-
October 24, 2023
24
Oct'23
Research team tricks AI chatbots into writing usable malicious code
Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks
-
October 19, 2023
19
Oct'23
Nuclear regulator raps EDF over cyber compliance
The Office for Nuclear Regulation says EDF has come up short on needed measures to improve cyber security standards at several critical UK nuclear facilities
-
October 19, 2023
19
Oct'23
Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack
Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source
-
October 12, 2023
12
Oct'23
Scottish biometrics watchdog outlines police cloud concerns
Police Scotland’s response to the biometrics commissioner’s formal information notice ‘did not ameliorate’ his concerns about the sovereignty and security of the sensitive biometric information being uploaded to cloud infrastructure that is subject ...
-
October 10, 2023
10
Oct'23
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m
-
October 05, 2023
05
Oct'23
Policing minister wants to use UK passport data in facial recognition
The policing minister’s plans to integrate the UK’s passport database with police facial-recognition systems have been met with criticism from campaigners, academics, and the biometrics commissioner for England and Wales
-
October 04, 2023
04
Oct'23
Lloyds Bank launches digital identity app
Lloyds Bank has launched a digital identity app with tech startup Yoti, after it invested £10m in the firm
-
October 03, 2023
03
Oct'23
Cyber experts urge EU to rethink vulnerability disclosure plans
The European Union’s proposed cyber security vulnerability disclosure measures are well-intentioned but ultimately counterproductive, as making unmitigated vulnerabilities public knowledge increases the risk of their exploitation by various actors, ...
-
October 03, 2023
03
Oct'23
CIISec scores DSIT funding to expand successful CyberEPQ scheme
DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date
-
September 28, 2023
28
Sep'23
Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app
The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps
-
September 28, 2023
28
Sep'23
Yahoo picks Intigriti to run crowdsourced bug bounty programme
Digital media brand Yahoo is setting up a crowdsourced bug bounty programme with ethical hacking specialist Intigriti, and is reaching out to the Capture the Flag community to participate
-
September 26, 2023
26
Sep'23
Cover-ups still the norm in the wake of a cyber incident
Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report
-
September 22, 2023
22
Sep'23
UK-US data bridge to open to traffic on 12 October
Government forges ahead with the implementation of the UK-US data bridge, which will come into effect for real just under three weeks from now
-
September 21, 2023
21
Sep'23
Poor digital experience a blocker for cyber resilience
Organisations that neglect the digital employee experience are not only vulnerable to employee attrition, but putting themselves at increased cyber risk, an Ivanti report finds
-
September 20, 2023
20
Sep'23
Parliament passes sweeping Online Safety Bill but tech companies still concerned over encryption
Ofcom will consult on standards to enforce new powers, but tech companies remain concerned about the impact of the bill’s ‘spy clause’, which could require them to scan encrypted messages
-
September 19, 2023
19
Sep'23
Braverman puts pressure on Meta to pause end-to-end encryption plans
The home secretary is calling on Meta to halt its plans to introduce encrypted messaging services on Facebook and Instagram until the company puts measures in place to detect abuse
-
September 19, 2023
19
Sep'23
New revelations from the Snowden archive surface
A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1% of the documents have been published – but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by ...