News

IT risk management

• August 06, 2025 06 Aug'25

  NCSC updates CNI Cyber Assessment Framework

  Updates to the NCSC’s Cyber Assessment Framework are designed to help providers of critical services better manage their risk profiles

• August 06, 2025 06 Aug'25

  Australian scaleup to bring AI-led data protection to the MoD

  The UK’s Ministry of Defence is embracing AI-led data protection in the wake of a major privacy breach, enlisting Australian cyber firm Castlepoint Systems to oversee sensitive records

• August 05, 2025 05 Aug'25

  Attacker could defeat Dell firmware flaws with a vegetable

  Cisco Talos discloses five vulnerabilities in cyber security firmware used on Dell Latitude and Precision devices, including one that could enable an attacker to log on with a spring onion

• August 04, 2025 04 Aug'25

  Black Hat USA: Halcyon and Sophos tag-team ransomware fightback

  Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers

• August 01, 2025 01 Aug'25

  Met Police to double facial recognition use amid budget cuts

  The UK’s largest police force is massively expanding its use of live facial recognition technology as it prepares to lose 1,700 officers and staff

• July 31, 2025 31 Jul'25

  Palo Alto Networks to acquire CyberArk for $25bn

  The deal marks Palo Alto Networks’ entry into the identity and access management space amid the growing need to secure human, machine and emerging AI agent identities

• July 30, 2025 30 Jul'25

  Scattered Spider tactics continue to evolve, warn cyber cops

  CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things

• July 30, 2025 30 Jul'25

  MS Authenticator users face passkey crunch time

  The deadline for moving to passkeys in Microsoft Authenticator is rapidly approaching, and users are advised to take action now

• July 30, 2025 30 Jul'25

  AI-enabled security pushes down breach costs for UK organisations

  Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study

• July 30, 2025 30 Jul'25

  Industry experts warn crypto infrastructure is ‘creaking’

  A report from experts at HSBC, Thales and InfoSec Global claims decades-old cryptographic systems are failing, putting businesses at risk from current vulnerabilities and the threat from quantum computing

• July 30, 2025 30 Jul'25

  International AI Alignment effort tackles unpredictability

  Given AI systems are probabilistic, a group of international experts are collaborating to ensure such systems operate in the best interest of society

• July 29, 2025 29 Jul'25

  Austrian government faces likely legal challenge over state spyware

  Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law

• July 29, 2025 29 Jul'25

  European Commission ignores calls to reassess Israel data adequacy

  The European Commission is ignoring calls to reassess Israel’s data adequacy status in spite of concerns raised about its data protection framework and use of personal data in ‘repressive practices’

• July 29, 2025 29 Jul'25

  Global cyber spend will top $200bn this year, says Gartner

  Worldwide spending on cyber security will hit another record high in 2025, and will go higher still next year

• July 28, 2025 28 Jul'25

  Data resilience critical as ransomware attacks target backups

  With more threat actors targeting backup repositories to ensure a payday, Veeam urges organisations to treat data resilience as a competitive advantage, not just an insurance policy

• July 25, 2025 25 Jul'25

  Interview: Cambridge Consultants CEO Monty Barlow scans for tech surprises

  Cambridge Consultants is a technology and consulting business unit of Capgemini. Its chief executive, Monty Barlow, talks about its heritage and vision for the future of digital technology

• July 24, 2025 24 Jul'25

  Dutch researchers use heartbeat detection to unmask deepfakes

  Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate

• July 24, 2025 24 Jul'25

  Monzo’s £21m fine highlights banks’ cyber security failures

  Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world

• July 22, 2025 22 Jul'25

  Microsoft confirms China link to SharePoint hacks

  Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server

• July 22, 2025 22 Jul'25

  Interview: How OpenAI is making ChatGPT public and private sector-ready

  We speak to OpenAI’s solution engineering lead, Matt Weaver, about enterprise adoption and making ChatGPT secure

• July 21, 2025 21 Jul'25

  UK may be seeking to pull back from Apple encryption row with US

  UK government officials say that attempts by the Home Office to require Apple to introduce ‘backdoors’ to its secure encrypted storage service will cross US red lines

• July 21, 2025 21 Jul'25

  The Security Interviews: Jason Nurse, University of Kent

  Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’ is wrong – and why security pros should think about user needs more

• July 21, 2025 21 Jul'25

  Singapore under ongoing cyber attack from APT group

  Nation-state actor UNC3886 is actively targeting Singapore’s critical national infrastructure in a sophisticated espionage and disruption campaign, with the country mounting a whole-of-government response

• July 18, 2025 18 Jul'25

  DWP accused of shielding AI deployments from public scrutiny

  Amnesty International and Big Brother Watch say Department for Work and Pensions’ ‘unchecked’ and opaque use of AI in the UK benefits system treats claimants as suspicious and is shielded from public scrutiny

• July 17, 2025 17 Jul'25

  Estimated 96% of EMEA financial services sector not ready for DORA

  Research from data backup provider Veeam indicates that vast majority of European financial services firms do not feel ready to meet the resiliency requirements of the EU’s DORA act

• July 17, 2025 17 Jul'25

  Terrorist potential of generative AI ‘purely theoretical’

  UK terror legislation advisor takes stock of the potential for generative artificial intelligence systems to be adopted by terrorists, particularly for propaganda and attack planning purposes, but acknowledges the impact may be limited

• July 16, 2025 16 Jul'25

  Hackbots biggest cloud security risk, slashing attack times to minutes

  With cyber criminals using automated tools to steal data in minutes, organisations must focus on runtime protection and automated responses to combat the rising threat from AI and misconfigured cloud assets

• July 16, 2025 16 Jul'25

  Forrester urges IT leaders to dump technical debt

  IT needs to invest in innovative technologies and outsource legacy IT management to tackle volatile global markets, says Forrester

• July 16, 2025 16 Jul'25

  Securonix tackles security data deluge with AI-driven platform

  As security data volumes grow and security budgets tighten, Securonix is betting on its AI-driven platform to help businesses manage threats cost-effectively, says its CEO

• July 15, 2025 15 Jul'25

  Current approaches to patching unsustainable, report says

  Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report

• July 15, 2025 15 Jul'25

  Ada Lovelace: using market forces to professionalise AI assurance

  The Ada Lovelace Institute examines how ‘market forces’ can be used to drive the professionalisation of artificial intelligence assurance in the context of a wider political shift towards deregulation

• July 15, 2025 15 Jul'25

  Datadog doubles down on APAC, targets faster growth

  The observability tools supplier is executing a multi-year growth plan for Asia-Pacific and Japan, focusing on data residency, localisation and AI-driven observability to grow its market share

• July 14, 2025 14 Jul'25

  Brits clinging to Windows 10 face heightened risk, says NCSC

  Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC

• July 14, 2025 14 Jul'25

  AI adoption grows amid falling trust in AI outputs

  As organisations move from AI hype to reality, a decline in trust for AI outputs is not a sign of failure, but a signal of market maturity, according to Bhavya Kapoor, Avanade's Asia-Pacific president

• July 11, 2025 11 Jul'25

  MoD supply chain cyber scheme gets up and running

  The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance

• July 11, 2025 11 Jul'25

  UK to create ‘governance framework’ for police facial recognition

  Home secretary Yvette Cooper has confirmed UK will regulate police facial recognition, citing police reticence to deploy systems without proper governance, but declined to say if any new framework will be statutory

• July 11, 2025 11 Jul'25

  AWS bolsters security tools to help customers manage AI risks

  Amazon Web Services has unveiled new and updated security services, including container-level threat detection and a unified command centre, to help organisations build and secure artificial intelligence applications

• July 10, 2025 10 Jul'25

  Government funding to help SMEs protect their IP

  Scheme will see SMEs and innovative startups working in sensitive sectors receive advice on enhancing cyber and physical security measures to protect their valuable intellectual property

• July 09, 2025 09 Jul'25

  Qantas details impact of data breach on 5.7 million customers

  Australian flag carrier begins notifying millions of individuals after a cyber attack on a call centre, confirming that while financial and passport details are safe, a significant volume of other personal information was compromised

• July 08, 2025 08 Jul'25

  AI for Good: Signal president warns of agentic AI security flaw

  Secure by design is a mantra of the tech sector, but not if it’s agentic AI, which wants ‘root’ access to everything

• July 08, 2025 08 Jul'25

  NHS trust accused of ‘at best cavalier, at worst deceitful’ behaviour after deleting emails

  A London hospital trust faces allegations it withheld key evidence from a tribunal hearing after one of its directors attempted to destroy more than 90,000 emails

• July 08, 2025 08 Jul'25

  Proofpoint bets on APAC growth amid spike in AI-driven threats

  With cyber attacks spiking in non-English-speaking markets such as Japan, the security firm is boosting its regional presence to combat a wave of AI-generated threats

• July 07, 2025 07 Jul'25

  Digital warfare is blurring civilian front lines

  Singapore’s defence cyber chief warns that the traditional lines between military conflict and civilian life are blurring, with adversaries now targeting civilian systems and using AI to put the threat landscape on steroids

• July 03, 2025 03 Jul'25

  Fine-tuning to deliver business AI value

  Foundation AI models offer knowledge that spans the internet, but they generally lack an understanding of proprietary business data and processes

• July 02, 2025 02 Jul'25

  US CISA agency extends Iran cyber alert, warns of CNI threat

  The US Cybersecurity and Infrastructure Security Agency reiterates guidance for operators of critical national infrastructure as it eyes the possibility of cyber attacks from Iran

• July 02, 2025 02 Jul'25

  Dutch study uncovers cognitive biases undermining cyber security board decisions

  Dutch research reveals how cognitive biases can lead to catastrophic security decisions

• July 02, 2025 02 Jul'25

  Qantas customer data exposed in contact centre breach

  Australian flag carrier is investigating significant data theft of personal information for up to six million customers after a third-party platform used by its call centre was compromised

• June 27, 2025 27 Jun'25

  Citrix Bleed 2 under active attack, reports suggest

  Days after news emerged of a Citrix NetScaler flaw comparable in its scope and severity to 2023’s infamous Citrix Bleed, there are already clear indicators that threat actors are taking advantage of the critical vulnerability

• June 27, 2025 27 Jun'25

  Ciaran Martin: AI might disturb attacker-defender security balance

  The founder of the National Cyber Security Centre spoke with Computer Weekly at Infosecurity Europe 2025 about how artificial intelligence might disturb the attacker-defender security equilibrium

• June 27, 2025 27 Jun'25

  MPs propose ban on predictive policing

  MPs are attempting to amend the UK government’s forthcoming Crime and Policing Bill so that it prohibits the use of controversial predictive policing systems