News

IT governance

• October 31, 2025 31 Oct'25

  Cyber agencies co-sign Exchange Server security guide

  US and allied cyber agencies team up to try to nudge users to pay more attention to securing Microsoft Exchange Server

• October 30, 2025 30 Oct'25

  US senators seek to prohibit minors from using AI chatbots

  Two US senators have proposed legislation that would require AI chatbot companies to verify the ages of people using their chatbots, in attempt to limit their harmful effects on children

• October 30, 2025 30 Oct'25

  Microsoft CEO speaks of global cloud factory as Azure stalls

  Alongside Microsoft's posted cloud revenue of $49bn was a configuration error that caused a global outage affecting many customers

• October 29, 2025 29 Oct'25

  Rapid7: Cyber defences stuck in the 1980s as threats mount

  The company’s chief product officer notes that many defence tactics are still stuck in the past, urging organisations to adopt AI-driven security platforms to improve threat detection and response

• October 29, 2025 29 Oct'25

  Scope of US state-level privacy laws expands rapidly in 2025

  Nine state-level data protection laws have come into force in the US this year, and three more are slated for January 2026. Navigating this complex landscape is becoming a challenge

• October 28, 2025 28 Oct'25

  Effective cyber sanctions require a joined-up approach, says Rusi

  Calling out and sanctioning cyber threat actors can be an effective tool, but is not a universal panacea, and needs to be considered as part of a wider, strategic approach, say Rusi think tank analysts

• October 27, 2025 27 Oct'25

  LockBit 5.0 expands targeting amid ransomware escalation

  The LockBit RaaS operation is back in action, with technical features and expanded targeting, and is contributing to a steadily growing number of ransomware attacks

• October 24, 2025 24 Oct'25

  UK ramps up ransomware fightback with supply chain security guide

  Multinational guidance, developed by the UK and Singapore, is designed to help organisations reinforce their supply chain against ransomware attacks

• October 23, 2025 23 Oct'25

  Bereaved families call for public inquiry over suicide forum

  The Molly Rose Foundation and families bereaved by suicide claim Ofcom and government departments have not taken effective action to deal with a forum promoting suicide

• October 23, 2025 23 Oct'25

  Amid CISA cuts, US state launches first VDP

  Legislators in Annapolis, Maryland, have teamed up with Bugcrowd to launch a statewide vulnerability disclosure programme

• October 23, 2025 23 Oct'25

  Ministry of Justice’s OpenAI deal paves way to sovereign AI

  OpenAI has been busy signing deals with the UK government to bolster UK artificial intelligence. It’s now launching data residency for UK customers

• October 23, 2025 23 Oct'25

  Business leaders raise concerns over public cloud data sovereignty

  The unpredictable geopolitical climate is having an impact on IT strategies, a report from Kyndryl has found

• October 22, 2025 22 Oct'25

  Singapore unveils efforts to govern agentic AI, prepare for post-quantum era

  Guidelines and tools will help organisations in the city-state manage risks from AI agents and prepare for a future where quantum computers could break current encryption

• October 22, 2025 22 Oct'25

  Jaguar Land Rover attack to cost UK £1.9bn, say cyber monitors

  The UK's Cyber Monitoring Centre calculates the overall cost of the Jaguar Land Rover cyber attack will be almost two billion pounds

• October 20, 2025 20 Oct'25

  Microsoft admonished for role in facilitating Gaza genocide

  Following credible allegations that Microsoft Azure was being used to facilitate mass surveillance and lethal force against Palestinians, which prompted the company to suspend services to the Israeli military unit responsible, human rights ...

• October 16, 2025 16 Oct'25

  Microsoft identifies boardroom cyber awareness as a top priority

  Digital security report urges IT leaders to convince company boards that cyber security is a board-level problem

• October 15, 2025 15 Oct'25

  AI World: Oracle brings agents to bear on world of finance

  Oracle AI World has seen a host of new introductions, among them agentic capabilities for customer finance teams

• October 15, 2025 15 Oct'25

  Patch Tuesday: Windows 10 end of life pain for IT departments

  Windows 10 is no longer supported, but that does not mean it is not impacted by the latest Patch Tuesday update

• October 15, 2025 15 Oct'25

  China responsible for rising cyber attacks, says NCSC

  Ministers write to business leaders urging them to step up cyber security in wake of threats from ransomware and nation state-sponsored hackers

• October 09, 2025 09 Oct'25

  Warlock ransomware may be linked to Chinese state

  The operators of Warlock ransomware who exploited a set of SharePoint Server vulnerabilities earlier this year likely have some kind of link to the Chinese government, researchers claim

• October 08, 2025 08 Oct'25

  Teens arrested over Kido nursery hack

  London’s Met Police arrested two teenage boys in Hertfordshire on suspicion of involvement in the recent Kido nursery hack that saw the personal data of infants stolen and leaked

• October 08, 2025 08 Oct'25

  Qilin gang claims cyber attack on Japanese brewing giant

  The Qilin ransomware gang has claimed responsibility for a cyber attack that has halted brewing at Asahi Group Holdings, causing Japanese retailers to run low on beer

• October 07, 2025 07 Oct'25

  Alert over Medusa ransomware attacks targeting Fortra MFT

  Microsoft warns it is seeing potential mass exploitation of a Fortra GoAnywhere vulnerability by a threat actor linked to the Medusa ransomware-as-a-service operation.

• October 07, 2025 07 Oct'25

  The Security Interviews: David Bradbury, CSO, Okta

  Okta’s chief security officer talks security by default and explains why he thinks time is running out for the shared responsibility model

• October 06, 2025 06 Oct'25

  Oracle patches E-Business suite targeted by Cl0p ransomware

  Oracle pushes a patch for a dangerous zero-day under active exploitation by one of the most notorious ransomware gangs around

• October 06, 2025 06 Oct'25

  Police facial recognition trials show little evidence of benefits

  In-the-wild testing of police facial recognition systems has failed to generate clear evidence of the technology’s benefits, or to assess the full range of socio-technical impacts

• October 06, 2025 06 Oct'25

  Gartner: IT leaders need to prepare for GenAI legal issues

  GenAI is being embedded into enterprise software. This has implications for governance and regulatory compliance

• October 06, 2025 06 Oct'25

  UK government to consult on police live facial recognition use

  The UK’s policing minister has confirmed the government will consult on the use of live facial recognition by law enforcement before expanding its use throughout England, but so far, the technology has been deployed with minimal public debate or ...

• October 02, 2025 02 Oct'25

  Interview: Chris Belasco, chief data officer, City of Pittsburgh

  Building data pipelines – the ‘connective tissue’ – is helping to improve operations and deliver better public services in the City of Pittsburgh

• October 01, 2025 01 Oct'25

  US government shutdown stalls cyber intel sharing

  A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk.

• September 30, 2025 30 Sep'25

  Apple’s first iOS 26 security update fixes memory corruption flaw

  Apple issues an update for its brand new iOS 26 mobile operating system, fixing a potentially dangerous vulnerability affecting iPhones, iPads and other Mac devices

• September 30, 2025 30 Sep'25

  Cloud provider publishes ‘tech sovereignty’ plan for UK

  In the face of mounting data sovereignty concerns across Europe, UK cloud provider Civo lays out high-level plan for how the government can retain control and access of its data should the geopolitical situation sour

• September 30, 2025 30 Sep'25

  Harrods hackers start contacting customers

  Retailer Harrods has revealed that a number of customers whose data was stolen in a cyber attack have been contacted by the perpetrators

• September 29, 2025 29 Sep'25

  Harrods hit by second cyber attack in six months

  Data on approximately 430,000 Harrods shoppers was stolen in a third-party breach, but the cyber attack is not related to an earlier Scattered Spider incident, says the retailer

• September 29, 2025 29 Sep'25

  Interview: GitLab CTO on freeing developers for innovation with AI

  Sabrina Farmer explains how GitLab’s platform for the software development lifecycle is using artificial intelligence to help eliminate developer toil and drive innovation

• September 26, 2025 26 Sep'25

  Microsoft hides key data flow information in plain sight

  Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers

• September 26, 2025 26 Sep'25

  Okta CEO: AI security and identity security are one and the same

  At Oktane 2025 in Las Vegas, Okta CEO Todd McKinnon describes AI security and identity security as inseparable as he tees up a series of agentic security innovations

• September 24, 2025 24 Sep'25

  Internet shutdowns in Africa on upward trajectory

  A comparative analysis of internet shutdowns in African countries highlights how the tactic is increasingly used to repress dissent and political opposition, depriving millions of people and businesses access to vital digital tools that sustain ...

• September 24, 2025 24 Sep'25

  Oktane 2025: Okta takes aim at agentic AI governance gap

  Identity specialist Okta is laying the groundwork for a number of incoming announcements designed to help its customers get to grips with the challenge of securing non-human, agentic identities.

• September 23, 2025 23 Sep'25

  SolarWinds warns over dangerous RCE flaw

  A newly uncovered RCE flaw in SolarWinds’ helpdesk product bypasses two previously issued fixes, and users should prioritise updates as exploitation is likely to occur

• September 23, 2025 23 Sep'25

  ‘Our worst day’: The untold story of the Electoral Commission cyber attack

  As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly

• September 22, 2025 22 Sep'25

  Cyber attack that downed airport systems confirmed as ransomware

  Authorities in Europe say the cyber attack that caused disruption to passenger-facing services at multiple airports, including Heathrow, was the result of ransomware, as investigations continue

• September 19, 2025 19 Sep'25

  Government meets with car parts suppliers amid JLR cyber crisis

  Government officials have met with the Society of Motor Manufacturers and Traders to discuss the challenges they are facing amid disrupted production at Jaguar Land Rover

• September 19, 2025 19 Sep'25

  UK cyber action plan lays out path to resilience

  A report produced for the government by academics at Imperial College London and the University of Bristol sets out nine recommendations to strengthen the UK’s cyber sector

• September 17, 2025 17 Sep'25

  Heightened global risk pushes interest in data sovereignty

  Survey finds all those questioned have looked at data location, with most recognising the need to plan for data sovereignty or risk severe damage to reputation and customer trust

• September 17, 2025 17 Sep'25

  Microsoft scores win against Office 365 credential thieves

  Microsoft’s Digital Crimes Unit disrupts a major phishing-as-a-service operation that targeted and stole Office 365 usernames and credentials

• September 17, 2025 17 Sep'25

  NCC: How RaaS team-ups help Scattered Spider enhance its attacks

  Scattered Spider’s alliances with ransomware-as-a-service gangs act as a force multiplier for the scope, and number, of its cyber attacks, according to NCC Group analysts

• September 15, 2025 15 Sep'25

  ShinyHunters linked to breach of French luxury goods house

  Kering, the parent group of fashion houses including Balenciaga and Gucci, becomes the latest organisation to allegedly fall victim to ShinyHunters

• September 15, 2025 15 Sep'25

  Arqit to support NCSC’s post-quantum cryptography pilot

  Quantum specialist Arqit will provide specialised post-quantum migration planning services to organisations preparing to address the imminent risks to traditional cryptography

• September 15, 2025 15 Sep'25

  Forrester Technology & Innovation Summit preview: Digital sovereignty in the public cloud

  We look at how IT leaders need to balance data access, data residency and data sovereignty