News

IT governance

• June 16, 2021 16 Jun'21

  Organisations cannot rely on cyber insurance to cover losses

  Ransomware attacks have become a big driver of cyber insurance claims, but insurance must not be relied upon as a failsafe, says a report

• June 15, 2021 15 Jun'21

  NHS Test and Trace picks Risk Ledger to secure supply chain

  Risk Ledger’s technology promises ‘unparalleled’ visibility into NHS Test and Trace’s supply chain

• June 15, 2021 15 Jun'21

  Privacy pro salaries rise throughout pandemic, but at a cost

  Data from the IAPP’s latest salary survey reveals some insight into how the pandemic impacted the privacy profession

• June 15, 2021 15 Jun'21

  Ransomware most insidious cyber threat facing UK

  NCSC CEO urges organisations to do more to prepare for ransomware attacks

• June 15, 2021 15 Jun'21

  The Security Interviews: How to build a government model to ‘hack for good’

  Kyle Hanslovan started Huntress to give back after a career in the intelligence sector. After US authorities took action to help people hit by the Microsoft Exchange attacks, we discussed how governments can ‘hack for good’

• June 11, 2021 11 Jun'21

  CMA secures commitments from Google on future of cookies

  The Competition and Markets Authority is opening a consultation on commitments offered to it by Google to ensure its Privacy Sandbox proposals do not harm digital advertising markets

• June 11, 2021 11 Jun'21

  UK promises tougher line on cyber crime

  Speaking ahead of the G7 Summit, foreign secretary Dominic Raab says the UK is ready to take on cyber criminals and other malicious actors wherever they may be

• June 10, 2021 10 Jun'21

  Risk data shows UK energy sector most vulnerable to cyber attack

  New report compiled by insurance firm Hiscox reveals the state of cyber preparedness in the UK and beyond

• June 09, 2021 09 Jun'21

  FBI arrests distributors accused of selling An0m encrypted phones to crime groups

  Working with overseas law enforcement, the FBI has arrested eight people and named a further 13 accused of distributing An0m phones to organised crime groups

• June 09, 2021 09 Jun'21

  RSA spins out fraud and risk unit as Outseer

  RSA Security is transitioning its fraud and risk intelligence work into a new business to be called Outseer

• June 09, 2021 09 Jun'21

  Microsoft fixes seven zero-days on its Patch Tuesday rounds

  Fixes for six actively-exploited – and one yet-to-be-exploited – zero-day bugs are released in the June 2021 Patch Tuesday update

• June 09, 2021 09 Jun'21

  Colonial Pipeline ransom seizure is a win, but don’t relax yet

  The security community is enthusiastic about the US authorities’ recovery of a significant part of the Colonial Pipeline ransomware payment, but this positivity should perhaps be somewhat tempered

• June 08, 2021 08 Jun'21

  NHS Digital delays data collection plans until September

  NHS Digital has postponed its proposed collection of GP data for two months, to allow more time for the public to understand the process and opt out if wanted

• June 08, 2021 08 Jun'21

  National data guardian calls for dialogue on NHS Digital GP plans

  The UK’s national data guardian says it is important the public has clarity on how their confidential medical information will be used and kept secure under NHS data-sharing plans

• June 07, 2021 07 Jun'21

  EU privacy chief investigates use of US cloud services

  Use of Amazon and Microsoft’s cloud services by public sector bodies in the European Union is being scrutinised by the bloc’s privacy watchdog

• June 07, 2021 07 Jun'21

  Siloscape malware a risk to Windows containers, Kubernetes

  Palo Alto’s Unit 42 reports on what appears to be the first-recorded malware targeting Kubernetes clusters through Windows containers

• June 07, 2021 07 Jun'21

  NCSC updates schools ransomware guidance amid surge

  The National Cyber Security Centre says it is dealing with a renewed surge of ransomware attacks targeting schools, colleges and universities

• June 07, 2021 07 Jun'21

  IBM pushes back against US government data requests

  Technology giant IBM says the US government has ‘no jurisdiction’ to request data from its European entities

• June 07, 2021 07 Jun'21

  Campaigners plan legal action over NHS data sharing

  Privacy coalition aims to force NHS Digital to push back its plans to scrape medical information on millions of patients into a central database

• June 04, 2021 04 Jun'21

  UK immigration exemption in Data Protection Act found unlawful

  Court of Appeal rules immigration exemption unlawful, but further hearings will follow to decide what remedies must be put in place

• June 04, 2021 04 Jun'21

  BCS: Lack of communication over NHS GPDPR ‘astonishing’

  The Chartered Institute for IT has warned that millions of people are not being properly informed of NHS Digital plans to harvest their data

• June 04, 2021 04 Jun'21

  Government action on ransomware epidemic gathers pace

  The US government steps up action against ransomware operators, while the UK’s NCSC publishes guidance on preparing to deal with a ransomware attack

• June 03, 2021 03 Jun'21

  Tories fined over email data protection breaches

  The Conservative Party broke the law by failing to properly keep records of who had unsubscribed from its mailing list

• June 03, 2021 03 Jun'21

  Pandemic a ‘once-in-a-lifetime’ chance to reshape security

  The volume of remote working has made it hard to paint an accurate picture of the true state of enterprise cyber security, but it presents an opportunity to change things up

• June 02, 2021 02 Jun'21

  Scottish businesses missing out on Cyber Essentials benefits

  More than a third of Scottish businesses do not believe they are adequately prepared to deal with a cyber security incident

• June 01, 2021 01 Jun'21

  Ex-IT manager stole over £800,000 from NHS trust

  A former senior IT manager at an Essex NHS trust has pleaded guilty to defrauding his employer out of more than £800,000

• May 28, 2021 28 May'21

  Privacy experts concerned over NHS data collection plans

  Security and data privacy experts warn NHS Digital that its data collection plans could increase risk and cause a public backlash

• May 27, 2021 27 May'21

  Loss of 150,000 police records made worse by management failures

  The loss of 150,000 records from a number of national policing systems was caused by a human coding error, but made worse by process and management failures

• May 27, 2021 27 May'21

  MP-backed push to stop tech giants claiming super-deduction tax relief thwarted

  Move to prevent the likes of Amazon using the government's new super-deduction policy to minimise their UK tax liabilities even further fails to win support in the House of Commons

• May 27, 2021 27 May'21

  NGOs file complaints against Clearview AI in five countries

  Privacy and human rights organisations have asked data protection regulators in the UK, France, Austria, Italy and Greece to investigate controversial facial recognition company Clearview AI

• May 26, 2021 26 May'21

  More data stolen in January 2021 than in all of 2017, says report

  The volume of data being stolen through breaches is growing steadily and shows no sign of slowing, according to a report from Imperva

• May 26, 2021 26 May'21

  Millions of pounds lost to crypto fraud on social media

  More than £63m has been lost nationally by victims of investment fraud via a social media platform, says Action Fraud

• May 26, 2021 26 May'21

  Nordic CIO interview: Tommi Tuovila, Neste

  Former Olympian talks to Computer Weekly about the challenges facing CIOs in a rapidly changing world

• May 25, 2021 25 May'21

  Threat of group GDPR legal action haunts CISOs

  The vast majority of security leaders questioned for a new report say they are concerned about the possibility of group legal settlements against them following a serious data breach

• May 25, 2021 25 May'21

  McAfee to change terms of auto-renewing consumer plans

  Consumers who found their McAfee antivirus contracts auto-renewed will be able to get out of their contracts and get their money back

• May 25, 2021 25 May'21

  Industry reflects on three years of GDPR

  Looking back on 12 tumultuous months, we assess how GDPR has weathered the effects of the Covid-19 pandemic and Brexit, and consider what the coming year may hold for data protection

• May 25, 2021 25 May'21

  Legacy vulnerabilities may be biggest enterprise cyber risk

  While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats

• May 24, 2021 24 May'21

  Air India is latest victim of Sita hack

  Data on millions of people who flew with Air India between 2011 and 2021 appears to have been compromised in the recent Sita supply chain attack

• May 21, 2021 21 May'21

  Lack of developer attention to cloud security prompts alerts

  The personal data of over 100 million Android users may have been put at risk through a variety of cloud service misconfigurations

• May 20, 2021 20 May'21

  UK regulators commit to closer cooperation on digital economy

  Two UK regulators have issued a joint statement and signed a memorandum of understanding on the need for closer collaboration on digital markets

• May 20, 2021 20 May'21

  Pandemic tech use heightens consumer privacy fears

  Report on consumer attitudes to privacy finds evidence of a “heightened sense of fear” as digital footprints expand inexorably

• May 20, 2021 20 May'21

  Malicious scans for at-risk systems start minutes after disclosure

  Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes

• May 20, 2021 20 May'21

  UK government publishes framework on automated decision-making

  The framework focuses on making the use of algorithms and automated decision-making systems within the public sector more ethical, transparent and accountable

• May 19, 2021 19 May'21

  ‘Nothing off the table’ in statutory Post Office scandal inquiry

  The government confirmed that the inquiry into the Post Office Horizon IT scandal will be given statutory status and wider scope

• May 19, 2021 19 May'21

  Reports of stolen Irish health service data being leaked online

  Leaking of deeply confidential and personal information on patient healthcare marks a new low for the criminal Conti gang

• May 18, 2021 18 May'21

  Microsoft EU Data Boundary dubbed ‘smoke and mirrors’

  Data protection experts claim Microsoft’s decision to create an EU Data Boundary is a tacit admission that it routinely transfers and processes the personal data of European citizens outside the bloc

• May 18, 2021 18 May'21

  Irish High Court dismisses legal bid by Facebook over EU-US data transfers

  Latest twist in long-running legal battle sees Facebook lose legal bid to prevent the Irish Data Protection Commissioner suspending its transfer of data about European citizens to the US

• May 17, 2021 17 May'21

  Conti ransomware syndicate behind attack on Irish health service

  More details continue to emerge of the significant ransomware attack on Ireland’s HSE

• May 17, 2021 17 May'21

  Government seeks input on supply chain security

  Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security

• May 14, 2021 14 May'21

  Colonial Pipeline paid $5m ransom, reports say

  Colonial Pipeline may have paid a significant ransom within hours of being attacked, it has emerged, but it’s unlikely the story ends here