News

Business continuity planning

• July 16, 2025 16 Jul'25

  Scattered Spider playbook evolving fast, says Microsoft

  Microsoft warns users over notable evolutions in Scattered Spider’s attack playbook, and beefs up some of the defensive capabilities it offers to customers in response

• July 15, 2025 15 Jul'25

  Current approaches to patching unsustainable, report says

  Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report

• July 15, 2025 15 Jul'25

  Datadog doubles down on APAC, targets faster growth

  The observability tools supplier is executing a multi-year growth plan for Asia-Pacific and Japan, focusing on data residency, localisation and AI-driven observability to grow its market share

• July 14, 2025 14 Jul'25

  Brits clinging to Windows 10 face heightened risk, says NCSC

  Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC

• July 11, 2025 11 Jul'25

  MoD supply chain cyber scheme gets up and running

  The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance

• July 10, 2025 10 Jul'25

  Government funding to help SMEs protect their IP

  Scheme will see SMEs and innovative startups working in sensitive sectors receive advice on enhancing cyber and physical security measures to protect their valuable intellectual property

• July 09, 2025 09 Jul'25

  Qantas details impact of data breach on 5.7 million customers

  Australian flag carrier begins notifying millions of individuals after a cyber attack on a call centre, confirming that while financial and passport details are safe, a significant volume of other personal information was compromised

• July 08, 2025 08 Jul'25

  SEC and SolarWinds to settle lawsuit over 2020 breach

  The US SEC and SolarWinds have reached a settlement in principle to resolve litigation over alleged security failings that led to the 2020 compromise of the supplier’s Orion platform by Russian cyber spies

• July 07, 2025 07 Jul'25

  Digital warfare is blurring civilian front lines

  Singapore’s defence cyber chief warns that the traditional lines between military conflict and civilian life are blurring, with adversaries now targeting civilian systems and using AI to put the threat landscape on steroids

• July 02, 2025 02 Jul'25

  US CISA agency extends Iran cyber alert, warns of CNI threat

  The US Cybersecurity and Infrastructure Security Agency reiterates guidance for operators of critical national infrastructure as it eyes the possibility of cyber attacks from Iran

• July 02, 2025 02 Jul'25

  Dutch study uncovers cognitive biases undermining cyber security board decisions

  Dutch research reveals how cognitive biases can lead to catastrophic security decisions

• June 27, 2025 27 Jun'25

  Citrix Bleed 2 under active attack, reports suggest

  Days after news emerged of a Citrix NetScaler flaw comparable in its scope and severity to 2023’s infamous Citrix Bleed, there are already clear indicators that threat actors are taking advantage of the critical vulnerability

• June 24, 2025 24 Jun'25

  UK ransomware costs significantly outpace other countries

  UK organisations hit by ransomware attacks paid much higher ransoms than in other countries over the past 12 months, according to study

• June 23, 2025 23 Jun'25

  Widening Middle Eastern war increases cyber risk

  With the entry of the US into the widening Middle Eastern conflict, cyber risk is likely to increase across the board

• June 20, 2025 20 Jun'25

  Cyber Essentials certifications rising slowly but steadily

  The number of businesses attaining the NCSC Cyber Essentials certification continues to increase, but much more can be done to raise awareness of the scheme

• June 20, 2025 20 Jun'25

  M&S, Co-op attacks a ‘Category 2 cyber hurricane’, say UK experts

  The UK’s Cyber Monitoring Centre has published its first in-depth assessment of a major incident, reflecting on the impact of and lessons learned from Scattered Spider attacks on M&S and Co-op

• June 17, 2025 17 Jun'25

  Cyber action plan kicks off to ‘supercharge’ UK security sector

  UK government says its cyber growth action plan will provide a large boost to Britain’s security industry as it sets out to create a roadmap for future growth

• June 17, 2025 17 Jun'25

  Scattered Spider widens web to target insurance sector

  Following a series of high-profile attacks on prominent retailers and consumer brands, the Scattered Spider cyber crime collective appears to be expanding its targeting to the insurance sector

• June 11, 2025 11 Jun'25

  NHS IT the big winner in Reeves’ Spending Review

  The chancellor of the exchequer has significantly upped spending on digital and technology initiatives in the current Spending Review period, with the NHS receiving a 50% tech funding increase

• June 11, 2025 11 Jun'25

  June Patch Tuesday brings a lighter load for defenders

  Barely 70 vulnerabilities make the cut for Microsoft’s monthly security update, but an RCE flaw in WEBDAV and an EoP issue in Windows SMB Client still warrant close attention

• June 11, 2025 11 Jun'25

  Cyber Bill at risk of becoming a missed opportunity, say MPs

  An APPG report warns that the government’s flagship cyber security legislation is too narrow in its scope and risks missing opportunities to embed resilience at the heart of the British economy

• June 04, 2025 04 Jun'25

  Put ROCs before SOCs, Qualys tells public sector

  Putting risk operations before security operations may help government agencies and other public sector bodies better manage the myriad threats they face, and make better decisions for the security of all

• June 04, 2025 04 Jun'25

  NCSC sets out how to build cyber safe cultures

  The UK’s National Cyber Security Centre has published guidance for security teams and leaders on how to foster accessible and appropriate cyber security cultures in their organisations

• June 04, 2025 04 Jun'25

  Microsoft outlines three-pronged European cyber strategy

  Microsoft chair Brad Smith outlines an expansive cyber programme targeting governments across Europe with enhanced threat intelligence and support

• June 04, 2025 04 Jun'25

  Infosecurity 2025: SMEs feel on their own in the face of cyber attacks

  Project findings to be presented at Infosecurity Europe 2025 highlight vulnerability of SMEs to cyber attack

• May 30, 2025 30 May'25

  Dutch businesses lag behind in cyber resilience as threats escalate

  The Netherlands is facing a growing cyber security crisis, with a staggering 66% of Dutch businesses lacking adequate cyber resilience, according to academic research.  

• May 21, 2025 21 May'25

  M&S cyber attack disruption likely to last until July

  M&S says it has moved into recovery mode after a ransomware attack, but expects some disruption to persist throughout the coming weeks

• May 21, 2025 21 May'25

  NCSC: Russia’s Fancy Bear targeting logistics, tech organisations

  The NCSC and its partner agencies have blown the whistle on an extensive campaign of malicious cyber attacks orchestrated by the Russian state Fancy Bear operation

• May 21, 2025 21 May'25

  Ransomware attacks dropped by a third last month

  Reported ransomware attacks eased off during April following a dramatic spike in the first quarter of 2025

• May 20, 2025 20 May'25

  Retail cyber attacks hit food distributor Peter Green Chilled

  Cold chain services provider Peter Green Chilled, which supplies the likes of Aldi, Sainsbury’s and Tesco, has been forced to halt operations after succumbing to a ransomware attack

• May 16, 2025 16 May'25

  The Security Interviews: David Faugno, 1Password

  David Faugno, co-CEO of 1Password, discusses how his background led to him joining the company and why maintaining profitability is a key factor in overcoming the challenges of switching markets.

• May 15, 2025 15 May'25

  NHS asks suppliers to sign up to cyber covenant

  NHS digital and security leaders call on their suppliers to commit to a cyber security charter as the health service works to improve its resilience in the face of growing threat levels

• May 14, 2025 14 May'25

  Scattered Spider retail attacks spreading to US, says Google

  Google’s threat intel analysts are aware of a number of in-progress cyber attacks against US retailers linked to the same Scattered Spider gang that supposedly attacked M&S and Co-op in the UK

• May 13, 2025 13 May'25

  May Patch Tuesday brings five exploited zero-days to fix

  Microsoft fixes five exploited, and two publicly disclosed, zero-days in the fifth Patch Tuesday update of 2025

• May 13, 2025 13 May'25

  M&S forces customer password resets after data breach

  M&S is instructing all of its customers to change their account passwords after a significant amount of data was stolen in a DragonForce ransomware attack

• May 08, 2025 08 May'25

  Government will miss cyber resiliency targets, MPs warn

  A Public Accounts Committee report on government cyber resilience finds that the Cabinet Office has been working hard to improve, but is likely to miss targets and needs a fundamentally different approach

• May 08, 2025 08 May'25

  US tells CNI orgs to stop connecting OT kit to the web

  US authorities have released guidance for owners of critical national infrastructure in the face of an undisclosed number of cyber incidents

• May 07, 2025 07 May'25

  Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring

  Research from Sans Institute reveals European organisations are leading a global shift in hiring priorities, driven by regional regulatory frameworks

• May 07, 2025 07 May'25

  Oxford Uni adds cyber resilience module to MBA programme

  Oxford University’s Saïd Business School is working with cyber response specialist Sygnia to help future business leaders get on top of security

• May 02, 2025 02 May'25

  Retail cyber crime spree a ‘wake-up call’, says NCSC CEO

  The National Cyber Security Centre confirms it is providing assistance to M&S, Co-op and Harrods as concerns grow among UK retailers

• May 01, 2025 01 May'25

  Co-op instructs staff to be wary of lurking hackers

  Co-op tells staff to stop using their VPNs and be wary that their communications channels may be being monitored, as a cyber attack on the organisation continues to develop

• April 30, 2025 30 Apr'25

  Current SaaS delivery model a risk management nightmare, says CISO

  JPMorgan Chase security chief Patrick Opet laments the state of SaaS security in an open letter to the industry and calls on software providers to do more to enhance resilience

• April 30, 2025 30 Apr'25

  Co-op shuts off IT systems to contain cyber attack

  A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack

• April 24, 2025 24 Apr'25

  Data breach class action costs mount up

  Organisations exposed to the US market paid out over $150m in class action settlements in just six months. Security leaders must do more to address cyber gaps, respond better to incidents and demonstrate compliance

• April 24, 2025 24 Apr'25

  March ransomware slowdown probably a red herring

  An apparent slowdown in ransomware attack volumes is raising eyebrows, but the statistics never tell the full story

• April 23, 2025 23 Apr'25

  Financially motivated cyber crime remains biggest threat source

  Mandiant’s latest annual threat report reveals data on how financially motivated cyber criminals, such as ransomware gangs, dominate the cyber security landscape

• April 23, 2025 23 Apr'25

  Amid uncertainty, Armis becomes newest CVE numbering authority

  Amid an uncertain future for vulnerability research, exposure management company Armis has been given the authority to assign CVE IDs to newly discovered vulnerabilities

• April 22, 2025 22 Apr'25

  Cyber ‘agony aunts’ launch guidebook for women in security

  Cyber ‘agony aunts’ Amelia Hewitt and Rebecca Taylor are launching a book aimed at empowering women in their cyber security careers

• April 17, 2025 17 Apr'25

  Tariff turmoil is making supply chain security riskier

  Many businesses around the world are taking the decision to alter their supplier mix in the face of tariff uncertainty, but in doing so are creating more cyber risks for themselves, according to a report

• April 16, 2025 16 Apr'25

  CISA extends Mitre CVE contract at last moment

  The US Cybersecurity and Infrastructure Security Agency has ridden to the rescue of the under-threat Mitre CVE Programme, approving a last-minute, 11-month contract extension to preserve the project’s vital security vulnerability work