News

IT governance

• August 06, 2025 06 Aug'25

  Companies House ID verification to start in November 2025

  Companies House plans to start vetting director identities from mid-November, but its reliance on the troubled One Login digital identity service may be cause for concern

• August 06, 2025 06 Aug'25

  NCSC updates CNI Cyber Assessment Framework

  Updates to the NCSC’s Cyber Assessment Framework are designed to help providers of critical services better manage their risk profiles

• August 06, 2025 06 Aug'25

  Australian scaleup to bring AI-led data protection to the MoD

  The UK’s Ministry of Defence is embracing AI-led data protection in the wake of a major privacy breach, enlisting Australian cyber firm Castlepoint Systems to oversee sensitive records

• August 05, 2025 05 Aug'25

  Attacker could defeat Dell firmware flaws with a vegetable

  Cisco Talos discloses five vulnerabilities in cyber security firmware used on Dell Latitude and Precision devices, including one that could enable an attacker to log on with a spring onion

• August 05, 2025 05 Aug'25

  How StanChart balances AI-powered innovation with security

  Alvaro Garrido, Standard Chartered’s technology and security chief, explains how multi-layered defences and its approach to data protection allows the bank to embrace artificial intelligence without compromising on security

• August 04, 2025 04 Aug'25

  Black Hat USA: Halcyon and Sophos tag-team ransomware fightback

  Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers

• August 04, 2025 04 Aug'25

  Proliferation of on-premise GenAI platforms is widening security risks

  Research finds increased adoption of unsanctioned generative artificial intelligence platforms is magnifying risk and causing a headache for security teams

• August 01, 2025 01 Aug'25

  Met Police to double facial recognition use amid budget cuts

  The UK’s largest police force is massively expanding its use of live facial recognition technology as it prepares to lose 1,700 officers and staff

• August 01, 2025 01 Aug'25

  Securing agentic identities focus of Palo Alto’s CyberArk buy

  Palo Alto Networks is entering the identity security space with a multibillion-dollar acquisition, and plans to address growing concerns around protecting identities associated with AI agents

• August 01, 2025 01 Aug'25

  Microsoft, DISG launch AI agent accelerator programme

  Microsoft and DISG’s programme will provide cloud credits, training and tools to local businesses as part of a national push to create ‘frontier firms’ where humans work alongside autonomous AI agents

• July 31, 2025 31 Jul'25

  ServiceNow targets ‘data hell’, eyes BI play

  The workflow giant is building a data foundation for agentic AI and eyeing a slice of the business intelligence and analytics market

• July 30, 2025 30 Jul'25

  UK flights suspended after air traffic control outage

  Flights arriving and departing from the UK were disrupted by an outage affecting technical systems at air traffic control body NATS’ Swanwick facility

• July 30, 2025 30 Jul'25

  Scattered Spider tactics continue to evolve, warn cyber cops

  CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things

• July 30, 2025 30 Jul'25

  MS Authenticator users face passkey crunch time

  The deadline for moving to passkeys in Microsoft Authenticator is rapidly approaching, and users are advised to take action now

• July 30, 2025 30 Jul'25

  AI-enabled security pushes down breach costs for UK organisations

  Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study

• July 30, 2025 30 Jul'25

  International AI Alignment effort tackles unpredictability

  Given AI systems are probabilistic, a group of international experts are collaborating to ensure such systems operate in the best interest of society

• July 29, 2025 29 Jul'25

  European Commission ignores calls to reassess Israel data adequacy

  The European Commission is ignoring calls to reassess Israel’s data adequacy status in spite of concerns raised about its data protection framework and use of personal data in ‘repressive practices’

• July 29, 2025 29 Jul'25

  Global cyber spend will top $200bn this year, says Gartner

  Worldwide spending on cyber security will hit another record high in 2025, and will go higher still next year

• July 24, 2025 24 Jul'25

  US seeks ‘unquestioned’ AI dominance

  US AI action plan sets out aims to expand American dominance in the world of artificial intelligence

• July 24, 2025 24 Jul'25

  SharePoint users hit by Warlock ransomware, says Microsoft

  Microsoft’s security analysts confirm a number of cyber attacks on on-premise SharePoint Server users involve ransomware

• July 24, 2025 24 Jul'25

  Scattered Spider victim Clorox sues helpdesk provider

  Cleaning products manufacturer Clorox fell victim to a Scattered Spider social engineering attack two years ago – it blames its IT helpdesk provider, Cognizant

• July 24, 2025 24 Jul'25

  Monzo’s £21m fine highlights banks’ cyber security failures

  Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world

• July 24, 2025 24 Jul'25

  ServiceNow tackles ‘sidecar AI’ chaos with agentic workforce strategy

  ServiceNow unveils agentic workforce strategy to orchestrate autonomous AI agents across business processes to help organisations avoid the complexity and problems with managing disconnected applications

• July 22, 2025 22 Jul'25

  Microsoft confirms China link to SharePoint hacks

  Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server

• July 22, 2025 22 Jul'25

  Chinese cyber spies among those linked to SharePoint attacks

  Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors

• July 22, 2025 22 Jul'25

  UK government to bring in ransomware payment ban

  Critical infrastructure operators, hospitals, local councils and schools will be among those banned from giving in to cyber criminal demands as the UK moves forward with proposals to address the scourge of ransomware

• July 22, 2025 22 Jul'25

  Interview: How OpenAI is making ChatGPT public and private sector-ready

  We speak to OpenAI’s solution engineering lead, Matt Weaver, about enterprise adoption and making ChatGPT secure

• July 22, 2025 22 Jul'25

  The Bank of England’s quiet ‘Big Bang’

  The Bank of England has completed its generational project to replace part of the UK’s critical infrastructure, which went unnoticed beyond the sector it underpins

• July 21, 2025 21 Jul'25

  Darktrace buys network visibility specialist Mira

  AI cyber giant Darktrace buys network security firm Mira for an undisclosed sum, seeking to enhance the tech stack it offers to highly regulated sectors

• July 21, 2025 21 Jul'25

  Patch ToolShell SharePoint zero-day immediately, says Microsoft

  The active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the weekend – is underway. Immediate action is advised

• July 21, 2025 21 Jul'25

  The Security Interviews: Jason Nurse, University of Kent

  Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’ is wrong – and why security pros should think about user needs more

• July 18, 2025 18 Jul'25

  NCSC exposes Fancy Bear's Authentic Antics malware attacks

  Amid a new round of UK government sanctions targeting Moscow's intelligence apparatus, the NCSC has formally attributed attacks orchestrated with a cleverly-designed malware to the GRU's Fancy Bear cyber unit

• July 18, 2025 18 Jul'25

  DWP accused of shielding AI deployments from public scrutiny

  Amnesty International and Big Brother Watch say Department for Work and Pensions’ ‘unchecked’ and opaque use of AI in the UK benefits system treats claimants as suspicious and is shielded from public scrutiny

• July 17, 2025 17 Jul'25

  European cyber cops target NoName057(16) DDoS network

  A Europol operation has succeeded in disrupting a pro-Russian hacktivist network accused of conducting DDoS cyber attacks on targets in Ukraine and Europe

• July 17, 2025 17 Jul'25

  Terrorist potential of generative AI ‘purely theoretical’

  UK terror legislation advisor takes stock of the potential for generative artificial intelligence systems to be adopted by terrorists, particularly for propaganda and attack planning purposes, but acknowledges the impact may be limited

• July 16, 2025 16 Jul'25

  Co-op chief ‘incredibly sorry’ for theft of 6.5m members’ data

  Co-op chief executive Shirine Khoury-Haq has revealed that all the personal data of all 6.5 million of its members was compromised in the April 2025 cyber attack on its systems

• July 16, 2025 16 Jul'25

  Scattered Spider playbook evolving fast, says Microsoft

  Microsoft warns users over notable evolutions in Scattered Spider’s attack playbook, and beefs up some of the defensive capabilities it offers to customers in response

• July 16, 2025 16 Jul'25

  Forrester urges IT leaders to dump technical debt

  IT needs to invest in innovative technologies and outsource legacy IT management to tackle volatile global markets, says Forrester

• July 15, 2025 15 Jul'25

  UKtech50 2025: The most influential people in UK technology

  Computer Weekly has announced the 15th annual UKtech50 – our definitive list of the movers and shakers in the UK tech sector

• July 15, 2025 15 Jul'25

  Current approaches to patching unsustainable, report says

  Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report

• July 15, 2025 15 Jul'25

  MoD cyber breach put thousands of Afghan lives at risk

  More than 18,000 Afghan citizens eligible to relocate to the UK under a government programme to protect them from the Taliban were put at risk in a heretofore unreportable data breach

• July 15, 2025 15 Jul'25

  NCSC sets up Vulnerability Research Initiative

  The NCSC is expanding its vulnerability research project to draw in external expertise

• July 15, 2025 15 Jul'25

  Ada Lovelace: using market forces to professionalise AI assurance

  The Ada Lovelace Institute examines how ‘market forces’ can be used to drive the professionalisation of artificial intelligence assurance in the context of a wider political shift towards deregulation

• July 14, 2025 14 Jul'25

  Brits clinging to Windows 10 face heightened risk, says NCSC

  Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC

• July 14, 2025 14 Jul'25

  Luxury retailer LVMH says UK customer data was stolen in cyber attack

  French luxury goods retailer LVMH has disclosed multiple cyber attacks in 2025 so far, and their impact is now spreading to the UK as a new incident affecting Louis Vuitton comes to light

• July 14, 2025 14 Jul'25

  AI adoption grows amid falling trust in AI outputs

  As organisations move from AI hype to reality, a decline in trust for AI outputs is not a sign of failure, but a signal of market maturity, according to Bhavya Kapoor, Avanade's Asia-Pacific president

• July 11, 2025 11 Jul'25

  MoD supply chain cyber scheme gets up and running

  The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance

• July 11, 2025 11 Jul'25

  UK to create ‘governance framework’ for police facial recognition

  Home secretary Yvette Cooper has confirmed UK will regulate police facial recognition, citing police reticence to deploy systems without proper governance, but declined to say if any new framework will be statutory

• July 11, 2025 11 Jul'25

  UK online safety regime ineffective on misinformation, MPs say

  A report from the Commons Science, Innovation and Technology Committee outlines how the Online Safety Act fails to deal with the algorithmic amplification of ‘legal but harmful’ misinformation

• July 11, 2025 11 Jul'25

  European Commission accused of rigging data watchdog appointment

  The European Commission has been accused of rigging the selection process for the next European Data Protection supervisor