News

IT governance

• September 26, 2025 26 Sep'25

  Okta CEO: AI security and identity security are one and the same

  At Oktane 2025 in Las Vegas, Okta CEO Todd McKinnon describes AI security and identity security as inseparable as he tees up a series of agentic security innovations

• September 24, 2025 24 Sep'25

  Internet shutdowns in Africa on upward trajectory

  A comparative analysis of internet shutdowns in African countries highlights how the tactic is increasingly used to repress dissent and political opposition, depriving millions of people and businesses access to vital digital tools that sustain ...

• September 24, 2025 24 Sep'25

  Oktane 2025: Okta takes aim at agentic AI governance gap

  Identity specialist Okta is laying the groundwork for a number of incoming announcements designed to help its customers get to grips with the challenge of securing non-human, agentic identities.

• September 23, 2025 23 Sep'25

  SolarWinds warns over dangerous RCE flaw

  A newly uncovered RCE flaw in SolarWinds’ helpdesk product bypasses two previously issued fixes, and users should prioritise updates as exploitation is likely to occur

• September 23, 2025 23 Sep'25

  ‘Our worst day’: The untold story of the Electoral Commission cyber attack

  As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly

• September 22, 2025 22 Sep'25

  Cyber attack that downed airport systems confirmed as ransomware

  Authorities in Europe say the cyber attack that caused disruption to passenger-facing services at multiple airports, including Heathrow, was the result of ransomware, as investigations continue

• September 19, 2025 19 Sep'25

  Government meets with car parts suppliers amid JLR cyber crisis

  Government officials have met with the Society of Motor Manufacturers and Traders to discuss the challenges they are facing amid disrupted production at Jaguar Land Rover

• September 19, 2025 19 Sep'25

  UK cyber action plan lays out path to resilience

  A report produced for the government by academics at Imperial College London and the University of Bristol sets out nine recommendations to strengthen the UK’s cyber sector

• September 17, 2025 17 Sep'25

  Heightened global risk pushes interest in data sovereignty

  Survey finds all those questioned have looked at data location, with most recognising the need to plan for data sovereignty or risk severe damage to reputation and customer trust

• September 17, 2025 17 Sep'25

  Microsoft scores win against Office 365 credential thieves

  Microsoft’s Digital Crimes Unit disrupts a major phishing-as-a-service operation that targeted and stole Office 365 usernames and credentials

• September 17, 2025 17 Sep'25

  NCC: How RaaS team-ups help Scattered Spider enhance its attacks

  Scattered Spider’s alliances with ransomware-as-a-service gangs act as a force multiplier for the scope, and number, of its cyber attacks, according to NCC Group analysts

• September 15, 2025 15 Sep'25

  ShinyHunters linked to breach of French luxury goods house

  Kering, the parent group of fashion houses including Balenciaga and Gucci, becomes the latest organisation to allegedly fall victim to ShinyHunters

• September 15, 2025 15 Sep'25

  Arqit to support NCSC’s post-quantum cryptography pilot

  Quantum specialist Arqit will provide specialised post-quantum migration planning services to organisations preparing to address the imminent risks to traditional cryptography

• September 15, 2025 15 Sep'25

  Forrester Technology & Innovation Summit preview: Digital sovereignty in the public cloud

  We look at how IT leaders need to balance data access, data residency and data sovereignty

• September 12, 2025 12 Sep'25

  GDS publishes guidance on AI coding assistants

  Government software engineers are being encouraged to use tools such as GitHub Copilot to speed up software development

• September 11, 2025 11 Sep'25

  M&S parts ways with CTO after cyber attack

  M&S chief digital and technology officer Rachel Higham steps back from her role in the wake of the April 2025 cyber attack on the retailer’s systems

• September 11, 2025 11 Sep'25

  Students an increasing source of cyber threat in UK schools

  Insider threats arising from student activity now appears to be the chief cause of notifiable cyber or data breach incidents in Britain’s schools

• September 10, 2025 10 Sep'25

  Splunk.conf: Cisco and Splunk expand agentic SOC vision

  The arrival of agentic AI in the security operations centre heralds an era of simplification for security professionals, Splunk claims

• September 09, 2025 09 Sep'25

  Splunk.conf: Splunk urges users to eat their ‘cyber veggies’

  The dawn of AI-enabled cyber attacks makes it even more important for defenders to bring their A-game, particularly when it comes to getting the basics right

• September 05, 2025 05 Sep'25

  US politicians ponder Wimwig cyber intel sharing law

  US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities

• September 04, 2025 04 Sep'25

  UK sets out plans for AI assurance leadership

  Labour wants the UK to become the world leader in artificial intelligence assurance

• September 03, 2025 03 Sep'25

  European court upholds EU-US Data Privacy Framework data-sharing agreement

  EU General Court upholds EU-US Data Privacy Framework, bringing certainty to businesses that exchange data with the US – for now. An appeal may be in the offing

• August 29, 2025 29 Aug'25

  ICO publishes summary of police facial recognition audit

  The UK data regulator has released a summary of its facial recognition audit of two police forces

• August 28, 2025 28 Aug'25

  Microsoft refuses to divulge data flows to Police Scotland

  Tech giant Microsoft is declining to share key information with Police Scotland about where the sensitive data it uploads to Office 365 will be processed, leaving the force unable to comply with UK-wide data protection laws

• August 27, 2025 27 Aug'25

  Incident response planning cuts the risk of claiming on cyber security insurance

  Proper attention to incident response planning is emerging as a core cyber control when it comes to reducing the risk of having to claim on cyber security insurance, according to a report

• August 27, 2025 27 Aug'25

  PDS confirms ‘strategic restructuring’ with series of interim senior leadership hires

  The Police Digital Service has seemingly streamlined and revamped its senior leadership team, more than a year after two of its staff were arrested for suspected misconduct in public office

• August 26, 2025 26 Aug'25

  Three new Citrix NetScaler zero-days under active exploitation

  Citrix patches three new vulnerabilities in its NetScaler lines warning of active zero-day exploitation by an undisclosed threat actor

• August 26, 2025 26 Aug'25

  Okta makes AI identity play with Axiom acquisition

  Okta says Axiom Security’s technology will reinforce its own offerings in privileged access management, especially when it comes to the growing number of non-human identities

• August 25, 2025 25 Aug'25

  Ransomware attack volumes up nearly three times on 2024

  During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024

• August 21, 2025 21 Aug'25

  Moscow exploiting seven-year-old Cisco flaw, says FBI

  US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco's operating system software

• August 21, 2025 21 Aug'25

  Scale of MoD Afghan data breaches widens dramatically

  Many more data breaches at the MoD's Arap programme to relocate at-risk Afghan citizens to Britain have emerged following an FoI request by BBC journalists

• August 21, 2025 21 Aug'25

  Apple iOS update fixes new iPhone zero-day flaw

  Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users

• August 21, 2025 21 Aug'25

  UK equality watchdog: Met Police facial recognition unlawful

  The UK’s equality watchdog has been granted permission to intervene in a judicial review of the Met Police’s live facial-recognition (LFR) technology use, which it claims is being deployed unlawfully

• August 21, 2025 21 Aug'25

  Judge throws out NHS whistleblower’s challenge to ruling on deletion of 90,000 emails

  Appeal tribunal dismisses doctor’s bid to quash decision that cleared London hospital trust of concealing evidence through attempted destruction of electronic documents during live court proceedings

• August 21, 2025 21 Aug'25

  Interview: Simon Goodyear, chief information and technology officer, Redwood Bank

  Redwood Bank’s new IT boss is a problem solver who wants to eradicate every unnecessary Excel spreadsheet

• August 21, 2025 21 Aug'25

  Dell builds on $50m Singapore investment with new AI hub

  Dell Technologies has opened an AI innovation hub to speed artificial intelligence adoption for enterprises across Asia-Pacific and upskill 10,000 students and mid-career professionals in Singapore

• August 20, 2025 20 Aug'25

  Microsoft starts including PQC algorithms in cyber foundations

  Microsoft updates on its post-quantum cyber strategy as it continues integrating quantum-safe algorithms into some of the core foundations underpinning its products and services

• August 20, 2025 20 Aug'25

  Commvault users told to patch two RCE exploit chains

  Storage firm Commvault fixes four vulnerabilities that, when combined, create a pair of RCE exploit chains that could be used to target on-premise customers with ransomware and other nasties

• August 20, 2025 20 Aug'25

  Warlock claims more victims as cyber attacks hit Colt and Orange

  Ransomware gang Warlock is adding more victims to its data leak site as the impact of a spreading wave of cyber attacks continues to be felt

• August 19, 2025 19 Aug'25

  Google spins up agentic SOC to speed up incident management

  Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite

• August 19, 2025 19 Aug'25

  ISACA launches AI security management certification

  ISACA accredited security professionals can now pursue a new AI security management credential

• August 19, 2025 19 Aug'25

  Singapore board directors to get cyber crisis training

  The Singapore Institute of Directors and Ensign InfoSecurity have launched a programme to equip 1,000 board leaders with the skills to navigate high-stakes decisions during a cyber crisis

• August 18, 2025 18 Aug'25

  Workday hit in wave of social engineering attacks

  A campaign of voice-based social engineering attacks targeting users of Salesforce’s services appears to have struck HR platform Workday

• August 18, 2025 18 Aug'25

  Extremist hacker who defaced websites and stole data imprisoned

  Hacker Al-Tahery Al-Mashriky pled guilty to attacking multiple websites based on extremist political and religious ideology

• August 18, 2025 18 Aug'25

  L’Oréal to promote cyber resilience for Britain’s beauty salons

  L’Oréal UK and Ireland will work with law enforcement, cyber educators and students, and other large organisations to help thousands of small salons across the UK improve their cyber resilience practice

• August 15, 2025 15 Aug'25

  Warlock claims ransomware attack on network services firm Colt

  UK network services firm Colt is attempting to recover various customer-facing systems following a cyber attack that has been claimed by the Warlock ransomware gang and may have arisen via a SharePoint flaw

• August 15, 2025 15 Aug'25

  UK cyber leaders feel impact of Trump cutbacks

  The ripple effects of US cyber security cutbacks have reached this side of the Atlantic, according to a report

• August 15, 2025 15 Aug'25

  US trade body calls on Washington to cut cyber red tape

  The US Information Technology Industry Council has called on the White House’s Office of the National Cyber Director to cut burdensome regulations in areas such as AI and incident reporting, and to do more to build a unified security regime

• August 15, 2025 15 Aug'25

  Whitehall IT projects face complex challenges, Nista report finds

  The annual report from the National Infrastructure and Service Transformation Authority gives major police IT project ‘red’ rating, while several others are rated ‘amber’, including Gov.uk One Login and Making Tax Digital

• August 13, 2025 13 Aug'25

  Santander will make AI training mandatory for all staff in 2026

  Spanish banking giant announces mandatory AI training for staff, and collaborates with OpenAI on a ‘data and AI-first transformation’