News

IT governance

November 18, 2022 18 Nov'22
CyberPeace Institute helps NGOs improve their security resilience

Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people
November 17, 2022 17 Nov'22
Brexit deregulation will make UK next Silicon Valley, vows Hunt

Chancellor vows to revolutionise how the IT industry is regulated to spur competition, investment and innovation in a technological ‘Big Bang’
November 17, 2022 17 Nov'22
Another Log4Shell warning after Iranian attack on US government

The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching
November 17, 2022 17 Nov'22
NHS Digital confirms final settlement of £3.95m with HMRC following conclusion of IR35 investigation

The health service’s digital arm has paid HMRC £3.95m in unpaid tax to cover the cost of its IR35 compliance errors

November 16, 2022 16 Nov'22
Global network fragmentation a source of increasing risk

Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures
November 15, 2022 15 Nov'22
APP fraud volumes expected to double by 2026, says report

Losses to authorised push payment fraud in the UK are expected to climb to over $1.5bn in the next four years. Meanwhile, the NAO accuses the Home Office of lagging on progress to tackle the issue
November 15, 2022 15 Nov'22
Met Police removes nearly two-thirds of people from gangs matrix

Legal action by human rights group Liberty forces Met Police to overhaul its gangs violence matrix database
November 14, 2022 14 Nov'22
Sadiq Khan launches Data for London Advisory Board

Board will look at how to join up and share data between public and private London organisations in an effort to build a stronger data economy and improve public services
November 11, 2022 11 Nov'22
Volume of self-reported breaches to ICO jumps 30%

The number of self-reported breaches to the UK’s Information Commissioner’s Office soared by nearly 30% in the 12 months to 30 June 2022
November 11, 2022 11 Nov'22
MoD recruits Immersive Labs to bolster cyber resilience

UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products

November 10, 2022 10 Nov'22
Scrutinising AI requires holistic, end-to-end system audits

Understanding the full impacts of artificial intelligence requires organisations to conduct end-to-end social and technical audits of their systems, but the process comes with a number of challenges
November 10, 2022 10 Nov'22
Cyber criminals have World Cup Qatar 2022 in their sights

Volumes of malicious cyber activity around the upcoming FIFA World Cup are already starting to tick upwards and are likely to continue to do so
November 09, 2022 09 Nov'22
UK’s National Cyber Advisory Board convenes for first time

Government convenes National Cyber Advisory Board to further its goals of making the UK one of the safest places to live and work online
November 09, 2022 09 Nov'22
Microsoft serves smorgasbord of six zero-days

November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity
November 09, 2022 09 Nov'22
Fujitsu expert witness in subpostmaster trial ‘manoeuvred’ into role, public inquiry told

A former Fujitsu technology expert who defended the Horizon system’s robustness in court was unhappy after being ‘manoeuvred’ into acting as an expert witness, public inquiry hears
November 08, 2022 08 Nov'22
Six subpostmaster convictions referred for appeal in Scotland

Six former subpostmasters in Scotland will have appeals against criminal convictions heard after being referred by Scotland’s Criminal Cases Review Commission
November 07, 2022 07 Nov'22
Public sector IT projects need ethical data practices from start

Data ethics needs to be integrated into public sector IT projects from the very start, and considered throughout every stage of the process, to be effective
November 07, 2022 07 Nov'22
Department for Education escapes £10m fine over data misuse

Department entrusted data on 28 million children to a company called Trustopia, which turned out to be anything but trustworthy, but has escaped a £10m fine under new rules
November 04, 2022 04 Nov'22
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022

The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare
November 03, 2022 03 Nov'22
Confirmation bias led Post Office to prosecute subpostmasters without investigation, inquiry told

Former Post Office tech leader tells public inquiry that confirmation bias led to hundreds of subpostmasters being prosecuted for financial crimes without proper investigation
November 03, 2022 03 Nov'22
Automated threats biggest source of cyber risk for retailers

Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report
November 03, 2022 03 Nov'22
Global coalition reaffirms commitment to fight ransomware

Representatives of 36 countries, as well as the EU, attended the second International Counter Ransomware Initiative Summit in Washington DC
November 02, 2022 02 Nov'22
Shadow digital secretary outlines Labour’s tech priorities

Labour’s digital and technology plans focus on reining in the power of the tech giants, boosting connectivity across the UK, and improving online safety
November 02, 2022 02 Nov'22
Dropbox code compromised in phishing attack

Cloud storage service says malicious actors successfully accessed some of its code within GitHub, but insists customer data is secure
November 02, 2022 02 Nov'22
UK spent £6.4m on secret cyber package for Ukraine

Westminster has revealed for the first time the existence of a previously top-secret security programme that has been helping Ukraine fend off Russian cyber attacks
November 01, 2022 01 Nov'22
A third of UK cyber leaders want to quit, report says

Nearly a third of UK security leaders are considering leaving their current role, and more than half are struggling to keep on top of their workload
November 01, 2022 01 Nov'22
NCSC looks back on year of ‘profound change’ for cyber

The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful
October 31, 2022 31 Oct'22
Prepare today for potentially high-impact OpenSSL bug

OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed
October 28, 2022 28 Oct'22
Post Office warned of Horizon software-induced ‘tragedy’ in 1999

Problems experienced during live trials of the Post Office Horizon system predicted the ‘tragedy’ that unfolded
October 27, 2022 27 Oct'22
Government ups cyber support for elderly, vulnerable web users

DCMS announces a funding boost to help the elderly, disabled and other vulnerable groups stay safe online and avoid being misled by disinformation
October 27, 2022 27 Oct'22
NHS to get new national CISO

The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS
October 27, 2022 27 Oct'22
LinkedIn adds new features to safeguard user privacy, security

Social media platform is adding a number of features and systems designed to protect legitimate users from inauthentic profiles and activity
October 27, 2022 27 Oct'22
Santander calls for cooperation to tackle APP fraud

New report puts forward key recommendations that the banking sector, government and other industries could take to tackle authorised push payment fraud
October 26, 2022 26 Oct'22
ICO warns against using biometrics for ‘emotional analysis’

ICO warning highlights risk of ‘systemic bias’ and discrimination associated with organisations using biometric data and technologies for emotion analysis
October 25, 2022 25 Oct'22
One in five tech workers subject to workplace surveillance

Digital surveillance is now a common feature of the UK’s post-pandemic economy, says Prospect Union, adding to growing calls for workers to be given a greater say over how technologies are deployed in the workplace
October 25, 2022 25 Oct'22
US authorities charge two Chinese spies over telco security probe

Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm
October 25, 2022 25 Oct'22
Germany: European Court of Justice asked to rule on legality of hacked EncroChat phone evidence

Berlin’s Regional Court has asked the European Court of Justice to answer questions about whether the use of hacked EncroChat phone evidence complies with European law
October 25, 2022 25 Oct'22
Digital-first businesses more willing to accept some fraud

Companies founded in the past 20 years appear more willing to accept higher levels of fraudulent activity during the customer onboarding process, according to a report
October 24, 2022 24 Oct'22
Complacency biggest cyber risk to UK plc, says ICO

Information commissioner John Edwards warns against complacency as his office issues a multimillion-pound fine to a building company that failed to prevent a ransomware attack
October 20, 2022 20 Oct'22
The Security Interviews: Why now for ZTNA 2.0?

With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network ...
October 20, 2022 20 Oct'22
Parliamentary committee launches inquiry into AI governance

MPs will examine the impacts of artificial intelligence throughout the UK economy and how governance of the technology can be improved ahead of the government publishing its formal regulatory proposals
October 19, 2022 19 Oct'22
Ransomware crews regrouping as LockBit rise continues

Overall ransomware activity dropped off in the third quarter of 2022, but increasing attack volumes in September may herald a difficult few months ahead
October 19, 2022 19 Oct'22
Treat cyber crime as a ‘strategic threat’, UK businesses told

The government’s new National Cyber Advisory Board aims to help elevate cyber discussion and spur action in the business community
October 18, 2022 18 Oct'22
Virtually all vulnerable open source downloads are avoidable

Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report
October 17, 2022 17 Oct'22
Biden ramps up China chip sanctions

The war of words between China and the US has ramifications across the high-tech sector. We report on the latest developments
October 14, 2022 14 Oct'22
Annual costs of Hackney ransomware attack exceed £12m

Hackney Council reveals new insight into the ongoing cost of a ransomware attack that devastated its systems two years ago
October 14, 2022 14 Oct'22
Office 365 email encryption flaw could pose risk to user privacy

A vulnerability in Microsoft Office 365 Message Encryption could leave the contents of emails dangerously exposed, but with no fix coming it’s up to users to decide how at risk they are
October 14, 2022 14 Oct'22
Advanced: Healthcare data was stolen in LockBit 3.0 attack

Advanced has revealed a total of 16 of its health and social care sector customers had their data exfiltrated in a recent ransomware attack
October 13, 2022 13 Oct'22
Perpetrators of subpostmaster suffering in Horizon scandal must face public inquiry

Victims demand that the perpetrators of the Post Office Horizon IT scandal face the public inquiry
October 12, 2022 12 Oct'22
Microsoft fixes lone zero-day on October Patch Tuesday

Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen