News

IT governance

• November 19, 2025 19 Nov'25

  Cloudflare contrite after worst outage since 2019

  Cloudflare CEO Matthew Prince apologises for the firm’s worst outage in years and shares details of how a change to database system permissions caused a cascading effect that brought down some of the web’s biggest names

• November 19, 2025 19 Nov'25

  EU sets out plans to cut red tape on digital

  Changes have been proposed to simplify AI Act compliance for smaller businesses, easier cyber security reporting and tweaks to GDPR

• November 18, 2025 18 Nov'25

  Ransomware resilience may be improving in the health sector

  A Sophos report on ransomware highlights resilience improvements among healthcare organisations but warns that the wider threat is still live and growing

• November 16, 2025 16 Nov'25

  Australia lags regional peers in AI adoption

  Report finds governance gaps, a lack of training and fear of risks as key reasons for the nation’s slow uptake of artificial intelligence compared with regional peers

• November 14, 2025 14 Nov'25

  Cl0p claims ransomware hit on NHS

  Ransomware gangsters claim to have attacked the NHS, but clarity on the nature of the incident is yet to emerge

• November 13, 2025 13 Nov'25

  Two-thirds of finance firms use suppliers for AI agent development

  Survey finds more banks and insurers are working with suppliers rather than going it alone when developing artificial intelligence agents

• November 12, 2025 12 Nov'25

  Hungry for data: Inside Europol’s secretive AI programme

  The EU’s law enforcement agency has been quietly amassing data to feed an ambitious but secretive artificial intelligence development programme that could have far-reaching privacy implications for people across the bloc

• November 12, 2025 12 Nov'25

  US cyber intel sharing law set for temporary extension

  The CISA 2015 cyber intelligence sharing law, which lapsed just over a month ago amid a wider shutdown, will receive a temporary lease of life should attempts to reopen the federal government succeed

• November 12, 2025 12 Nov'25

  Microsoft users warned over privilege elevation flaw

  An elevation of privilege vulnerability in Windows Kernel tops the list of issues to address in the latest monthly Patch Tuesday update

• November 12, 2025 12 Nov'25

  Synnovis to notify NHS of data breach after nearly 18 months

  Synnovis, the pathology lab services provider hit by a Qilin ransomware attack in 2024, is notifying its NHS partners that their patient data was compromised, following a lengthy investigation

• November 11, 2025 11 Nov'25

  Most Singapore SMEs yet to start their sustainability journey

  Lack of funds, skills and time are the barriers faced by Singapore’s small and medium-sized enterprises in the green transition, according to a study by Gprnt and PwC

• November 10, 2025 10 Nov'25

  UK’s ‘deregulatory’ AI approach won’t protect human rights

  Expert witnesses called before Parliament’s Joint Committee on Human Rights have told MPs and Lords that the UK’s current approach to artificial intelligence regulation will fail to effectively protect people’s rights

• November 07, 2025 07 Nov'25

  Popular LLMs dangerously vulnerable to iterative attacks, says Cisco

  Cisco researchers probed some of the most widely used public GenAI LLMs and found many of them were dangerously susceptible to so-called multi-turn cyber attacks producing undesirable outputs

• November 05, 2025 05 Nov'25

  US indicts three cyber pros who moonlit for ransomware gang

  US prosecutors indict three men who allegedly attacked multiple victims with ALPHV/BlackCat ransomware while working as professional cyber incident responders

• November 05, 2025 05 Nov'25

  M&S profits tumble after cyber attack

  M&S profits fall by over 90% in the wake of the spring 2025 cyber attack that crippled the retailer’s systems for weeks

• November 05, 2025 05 Nov'25

  Most developers in Southeast Asia and India use AI tools

  Study finds that 95% of developers in Southeast Asia and India use AI tools, but many of their employers lack formal AI policies, leaving them to forge their own paths in upskilling and governance

• November 04, 2025 04 Nov'25

  Ryt Bank taps agentic AI for conversational banking

  Malaysia’s Ryt Bank is using its own LLM and agentic AI framework to allow customers to perform banking transactions in natural language, replacing traditional menus and buttons

• November 04, 2025 04 Nov'25

  The Security Interviews: Colin Mahony, CEO, Recorded Future

  Recorded Future’s CEO talks threat intelligence, AI in cyber security and the ever-changing cyber threat landscape

• November 03, 2025 03 Nov'25

  How Zoom is approaching agentic AI

  Zoom CTO Xuedong Huang explains how AI Companion 3.0’s agentic AI capabilities can help turn conversations into completed actions using long-term memory and deep reasoning

• October 31, 2025 31 Oct'25

  Cyber agencies co-sign Exchange Server security guide

  US and allied cyber agencies team up to try to nudge users to pay more attention to securing Microsoft Exchange Server

• October 30, 2025 30 Oct'25

  US senators seek to prohibit minors from using AI chatbots

  Two US senators have proposed legislation that would require AI chatbot companies to verify the ages of people using their chatbots, in attempt to limit their harmful effects on children

• October 30, 2025 30 Oct'25

  Microsoft CEO speaks of global cloud factory as Azure stalls

  Alongside Microsoft's posted cloud revenue of $49bn was a configuration error that caused a global outage affecting many customers

• October 29, 2025 29 Oct'25

  Rapid7: Cyber defences stuck in the 1980s as threats mount

  The company’s chief product officer notes that many defence tactics are still stuck in the past, urging organisations to adopt AI-driven security platforms to improve threat detection and response

• October 29, 2025 29 Oct'25

  Scope of US state-level privacy laws expands rapidly in 2025

  Nine state-level data protection laws have come into force in the US this year, and three more are slated for January 2026. Navigating this complex landscape is becoming a challenge

• October 28, 2025 28 Oct'25

  Effective cyber sanctions require a joined-up approach, says Rusi

  Calling out and sanctioning cyber threat actors can be an effective tool, but is not a universal panacea, and needs to be considered as part of a wider, strategic approach, say Rusi think tank analysts

• October 27, 2025 27 Oct'25

  LockBit 5.0 expands targeting amid ransomware escalation

  The LockBit RaaS operation is back in action, with technical features and expanded targeting, and is contributing to a steadily growing number of ransomware attacks

• October 24, 2025 24 Oct'25

  UK ramps up ransomware fightback with supply chain security guide

  Multinational guidance, developed by the UK and Singapore, is designed to help organisations reinforce their supply chain against ransomware attacks

• October 23, 2025 23 Oct'25

  Bereaved families call for public inquiry over suicide forum

  The Molly Rose Foundation and families bereaved by suicide claim Ofcom and government departments have not taken effective action to deal with a forum promoting suicide

• October 23, 2025 23 Oct'25

  Amid CISA cuts, US state launches first VDP

  Legislators in Annapolis, Maryland, have teamed up with Bugcrowd to launch a statewide vulnerability disclosure programme

• October 23, 2025 23 Oct'25

  Ministry of Justice’s OpenAI deal paves way to sovereign AI

  OpenAI has been busy signing deals with the UK government to bolster UK artificial intelligence. It’s now launching data residency for UK customers

• October 23, 2025 23 Oct'25

  Business leaders raise concerns over public cloud data sovereignty

  The unpredictable geopolitical climate is having an impact on IT strategies, a report from Kyndryl has found

• October 22, 2025 22 Oct'25

  Singapore unveils efforts to govern agentic AI, prepare for post-quantum era

  Guidelines and tools will help organisations in the city-state manage risks from AI agents and prepare for a future where quantum computers could break current encryption

• October 22, 2025 22 Oct'25

  Jaguar Land Rover attack to cost UK £1.9bn, say cyber monitors

  The UK's Cyber Monitoring Centre calculates the overall cost of the Jaguar Land Rover cyber attack will be almost two billion pounds

• October 20, 2025 20 Oct'25

  Microsoft admonished for role in facilitating Gaza genocide

  Following credible allegations that Microsoft Azure was being used to facilitate mass surveillance and lethal force against Palestinians, which prompted the company to suspend services to the Israeli military unit responsible, human rights ...

• October 16, 2025 16 Oct'25

  Microsoft identifies boardroom cyber awareness as a top priority

  Digital security report urges IT leaders to convince company boards that cyber security is a board-level problem

• October 15, 2025 15 Oct'25

  AI World: Oracle brings agents to bear on world of finance

  Oracle AI World has seen a host of new introductions, among them agentic capabilities for customer finance teams

• October 15, 2025 15 Oct'25

  Patch Tuesday: Windows 10 end of life pain for IT departments

  Windows 10 is no longer supported, but that does not mean it is not impacted by the latest Patch Tuesday update

• October 15, 2025 15 Oct'25

  China responsible for rising cyber attacks, says NCSC

  Ministers write to business leaders urging them to step up cyber security in wake of threats from ransomware and nation state-sponsored hackers

• October 09, 2025 09 Oct'25

  Warlock ransomware may be linked to Chinese state

  The operators of Warlock ransomware who exploited a set of SharePoint Server vulnerabilities earlier this year likely have some kind of link to the Chinese government, researchers claim

• October 08, 2025 08 Oct'25

  Teens arrested over Kido nursery hack

  London’s Met Police arrested two teenage boys in Hertfordshire on suspicion of involvement in the recent Kido nursery hack that saw the personal data of infants stolen and leaked

• October 08, 2025 08 Oct'25

  Qilin gang claims cyber attack on Japanese brewing giant

  The Qilin ransomware gang has claimed responsibility for a cyber attack that has halted brewing at Asahi Group Holdings, causing Japanese retailers to run low on beer

• October 07, 2025 07 Oct'25

  Alert over Medusa ransomware attacks targeting Fortra MFT

  Microsoft warns it is seeing potential mass exploitation of a Fortra GoAnywhere vulnerability by a threat actor linked to the Medusa ransomware-as-a-service operation.

• October 07, 2025 07 Oct'25

  The Security Interviews: David Bradbury, CSO, Okta

  Okta’s chief security officer talks security by default and explains why he thinks time is running out for the shared responsibility model

• October 06, 2025 06 Oct'25

  Oracle patches E-Business suite targeted by Cl0p ransomware

  Oracle pushes a patch for a dangerous zero-day under active exploitation by one of the most notorious ransomware gangs around

• October 06, 2025 06 Oct'25

  Police facial recognition trials show little evidence of benefits

  In-the-wild testing of police facial recognition systems has failed to generate clear evidence of the technology’s benefits, or to assess the full range of socio-technical impacts

• October 06, 2025 06 Oct'25

  Gartner: IT leaders need to prepare for GenAI legal issues

  GenAI is being embedded into enterprise software. This has implications for governance and regulatory compliance

• October 06, 2025 06 Oct'25

  UK government to consult on police live facial recognition use

  The UK’s policing minister has confirmed the government will consult on the use of live facial recognition by law enforcement before expanding its use throughout England, but so far, the technology has been deployed with minimal public debate or ...

• October 02, 2025 02 Oct'25

  Interview: Chris Belasco, chief data officer, City of Pittsburgh

  Building data pipelines – the ‘connective tissue’ – is helping to improve operations and deliver better public services in the City of Pittsburgh

• October 01, 2025 01 Oct'25

  US government shutdown stalls cyber intel sharing

  A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk.

• September 30, 2025 30 Sep'25

  Apple’s first iOS 26 security update fixes memory corruption flaw

  Apple issues an update for its brand new iOS 26 mobile operating system, fixing a potentially dangerous vulnerability affecting iPhones, iPads and other Mac devices