News

IT governance

June 27, 2025 27 Jun'25
Citrix Bleed 2 under active attack, reports suggest

Days after news emerged of a Citrix NetScaler flaw comparable in its scope and severity to 2023’s infamous Citrix Bleed, there are already clear indicators that threat actors are taking advantage of the critical vulnerability
June 27, 2025 27 Jun'25
Scattered Spider cyber gang turns fire on aviation sector

Multiple reports are emerging of cyber attacks on airlines – Google Cloud’s Mandiant believes them to be linked
June 27, 2025 27 Jun'25
Over 2 million affected by US supermarket breach

Belgian-Dutch supermarket operator Ahold Delhaize reveals that more than two million people, including employees, had their data compromised following a November 2024 ransomware attack
June 27, 2025 27 Jun'25
MPs propose ban on predictive policing

MPs are attempting to amend the UK government’s forthcoming Crime and Policing Bill so that it prohibits the use of controversial predictive policing systems

June 27, 2025 27 Jun'25
Silicon Valley execs sworn in to US Army reserves specialist unit

Four technology executives are brought into the military to make the armed forces ‘more lethal’, reflecting softening attitudes throughout the sector towards ‘the business of inflicting violence’
June 26, 2025 26 Jun'25
British hacker IntelBroker faces years in a US prison cell

US authorities have unsealed charges against 25-year-old hacker Kai West, aka IntelBroker, accusing him of being behind multiple cyber attacks
June 26, 2025 26 Jun'25
Glasgow Council services remain offline a week after cyber attack

Disruption continues a week after core services at Glasgow City Council were forced offline following a cyber attack on a third-party IT services provider
June 25, 2025 25 Jun'25
Latest Citrix vulnerability could be every bit as bad as Citrix Bleed

A Citrix NetScaler flaw that was quietly patched earlier in June is gathering widespread attention after experts noted strong similarities to the Citrix Bleed vulnerability that caused chaos in late 2023
June 24, 2025 24 Jun'25
UK ransomware costs significantly outpace other countries

UK organisations hit by ransomware attacks paid much higher ransoms than in other countries over the past 12 months, according to study
June 24, 2025 24 Jun'25
CMA consults on Google’s search dominance

The Competition and Markets Authority is consulting on whether Google should be designated with strategic market status

June 23, 2025 23 Jun'25
Widening Middle Eastern war increases cyber risk

With the entry of the US into the widening Middle Eastern conflict, cyber risk is likely to increase across the board
June 23, 2025 23 Jun'25
Police to gain powers to grab online data when they seize phones and laptops

Academics and civil liberties experts say that proposed ‘authoritarian’ powers to allow police to trawl online and cloud services used by owners of seized devices should require approval from a judge
June 20, 2025 20 Jun'25
Cyber Essentials certifications rising slowly but steadily

The number of businesses attaining the NCSC Cyber Essentials certification continues to increase, but much more can be done to raise awareness of the scheme
June 20, 2025 20 Jun'25
M&S, Co-op attacks a ‘Category 2 cyber hurricane’, say UK experts

The UK’s Cyber Monitoring Centre has published its first in-depth assessment of a major incident, reflecting on the impact of and lessons learned from Scattered Spider attacks on M&S and Co-op
June 20, 2025 20 Jun'25
UK data reforms become law

UK passes wide-ranging data protection reforms to ‘simplify’ organisations’ sharing and processing of data, but questions remain whether changes will be accepted by European Commission when renewing UK data adequacy
June 20, 2025 20 Jun'25
Dutch cloud pioneers face the hard limits of digital sovereignty

The Netherlands’ ambitious talk of digital independence meets the unforgiving economics of global cloud dominance
June 17, 2025 17 Jun'25
Cyber action plan kicks off to ‘supercharge’ UK security sector

UK government says its cyber growth action plan will provide a large boost to Britain’s security industry as it sets out to create a roadmap for future growth
June 17, 2025 17 Jun'25
Scattered Spider widens web to target insurance sector

Following a series of high-profile attacks on prominent retailers and consumer brands, the Scattered Spider cyber crime collective appears to be expanding its targeting to the insurance sector
June 11, 2025 11 Jun'25
NHS IT the big winner in Reeves’ Spending Review

The chancellor of the exchequer has significantly upped spending on digital and technology initiatives in the current Spending Review period, with the NHS receiving a 50% tech funding increase
June 11, 2025 11 Jun'25
Cyber Bill at risk of becoming a missed opportunity, say MPs

An APPG report warns that the government’s flagship cyber security legislation is too narrow in its scope and risks missing opportunities to embed resilience at the heart of the British economy
June 10, 2025 10 Jun'25
Open source a ‘force multiplier’ for AI innovation

From powerful large language models to the next wave of AI agents, the open-source community is driving innovation and setting the agenda for the entire field, according to leaders at KubeCon + CloudNativeCon China
June 10, 2025 10 Jun'25
Third-party security weaknesses threaten Europe’s big banks

Security breaches via third parties increased by 25% at Europe’s largest finance firms
June 06, 2025 06 Jun'25
UK ICO publishes AI and biometrics strategy

The UK data regulator has outlined how it will approach the regulation of artificial intelligence and biometric technologies, which will focus in particular on automated decision-making systems and police facial recognition
June 05, 2025 05 Jun'25
HMRC phishing breach wholly avoidable, but hard to stop

A breach at HMRC saw innocent taxpayers tricked into letting scammers impersonate them through simple phishing attacks leading to account takeover. Such attacks are avoidable, but hard to stop
June 05, 2025 05 Jun'25
UK’s error-prone eVisa system is ‘anxiety-inducing’

People experiencing technical errors with the Home Office’s electronic visa system explain the psychological toll of not being able to reliably prove their immigration status in the face of a hostile and unresponsive bureaucracy
June 04, 2025 04 Jun'25
Put ROCs before SOCs, Qualys tells public sector

Putting risk operations before security operations may help government agencies and other public sector bodies better manage the myriad threats they face, and make better decisions for the security of all
June 04, 2025 04 Jun'25
NCSC sets out how to build cyber safe cultures

The UK’s National Cyber Security Centre has published guidance for security teams and leaders on how to foster accessible and appropriate cyber security cultures in their organisations
June 04, 2025 04 Jun'25
SXSW London: Risk of AI removing choice

The modern era, where AI speeds up day-to-day chores, is undermining creativity and the ability to make choices
June 04, 2025 04 Jun'25
Microsoft outlines three-pronged European cyber strategy

Microsoft chair Brad Smith outlines an expansive cyber programme targeting governments across Europe with enhanced threat intelligence and support
June 04, 2025 04 Jun'25
European Commission should rescind UK data adequacy

Civil society organisations have urged the European Commissioner to not renew the UK’s data adequacy, given the country’s growing divergence from European data protection standards
June 04, 2025 04 Jun'25
Open source adoption faces reality checks

Industry leaders lauded the power of open source to drive innovation but warned that its adoption requires significant effort, due diligence and a clear understanding of inherent complexities and licensing challenges
June 03, 2025 03 Jun'25
SailPoint charts course for AI-driven identity security

SailPoint is driving the use of agentic AI in identity security with its Harbor Pilot offering while preparing to help enterprises govern and secure AI agents
June 02, 2025 02 Jun'25
US cyber agency CISA faces stiff budget cuts

CISA is one of several US agencies facing drastic budget cuts under the Trump administration
June 02, 2025 02 Jun'25
Cyber and digital get over £1bn to enhance UK’s national security

The government has set out plans to spend over a billion pounds on digital and cyber warfare capabilities to enhance the UK’s ability to defend itself and fight offensive wars
June 02, 2025 02 Jun'25
AI should be used to improve boardroom efficiency

Artificial intelligence is not just for business efficiency. Company boards should deploy the technology to support their own processes
May 28, 2025 28 May'25
UK biometric surveillance exists in ‘legal grey area’

The rapid proliferation of ‘biometric mass surveillance technologies’ throughout the UK’s public and private sectors is taking place without legal certainty or adequate safeguards for the public
May 28, 2025 28 May'25
ANZ firms spending more on data management

Nearly nine in 10 organisations in Australia and New Zealand increased their overall spend on data management last year to cope with higher data volumes and growing use of artificial intelligence, study finds
May 27, 2025 27 May'25
US makes fresh indictments over DanaBot, Qakbot malwares

US charges the operators of two malwares, DanaBot and Qakbot, whose actions led to millions of dollars worth of cyber theft and fraud
May 27, 2025 27 May'25
Armed forces charity steps in to address cyber mental health crisis

CIISec and military charity PTSD Resolution hope to address a gathering mental health crisis among frontline cyber professionals
May 23, 2025 23 May'25
Essex Police discloses ‘incoherent’ facial recognition assessment

An equality impact assessment of Essex Police live facial recognition deployments is plagued by inconsistencies and poor methodology, undermining the force’s claim that its use of the technology will not be discriminatory
May 22, 2025 22 May'25
DSIT makes £5.5m of funding available to new projects

The government is focusing on easing the regulatory burden that can often hamper the introduction of innovative technologies in the public sector
May 22, 2025 22 May'25
How to tackle your infrastructure technical debt

Gartner analysts explain how infrastructure and operations teams can address the accumulation of outdated systems and make a compelling business case for upgrades
May 21, 2025 21 May'25
M&S cyber attack disruption likely to last until July

M&S says it has moved into recovery mode after a ransomware attack, but expects some disruption to persist throughout the coming weeks
May 21, 2025 21 May'25
NCSC: Russia’s Fancy Bear targeting logistics, tech organisations

The NCSC and its partner agencies have blown the whistle on an extensive campaign of malicious cyber attacks orchestrated by the Russian state Fancy Bear operation
May 21, 2025 21 May'25
Interview: Rom Kosla, CIO, Hewlett Packard Enterprise

The IT chief of one of the world’s biggest tech companies still has to get the technology right – and he’s building on cloud, application consolidation and data to bring new capabilities in AI to his users
May 21, 2025 21 May'25
Capital One pushes out data tokenisation

Organisations using the Databricks and Snowflake platforms will be able to use Capital One’s Databolt tool to secure their data
May 21, 2025 21 May'25
Ransomware attacks dropped by a third last month

Reported ransomware attacks eased off during April following a dramatic spike in the first quarter of 2025
May 21, 2025 21 May'25
Strong fintech security posture at risk via third-party weak links

Despite having a strong security posture, the financial technology sector could be open to attack via third parties
May 20, 2025 20 May'25
Retail cyber attacks hit food distributor Peter Green Chilled

Cold chain services provider Peter Green Chilled, which supplies the likes of Aldi, Sainsbury’s and Tesco, has been forced to halt operations after succumbing to a ransomware attack
May 20, 2025 20 May'25
Rio Tinto overhauls IT operations with platform model

Rio Tinto’s head of technology platforms outlines the mining giant’s move to an IT platform model designed to escape a reactive cycle of critical incidents and improve service quality for internal and external customers