News
IT risk management
-
August 06, 2025
06
Aug'25
NCSC updates CNI Cyber Assessment Framework
Updates to the NCSC’s Cyber Assessment Framework are designed to help providers of critical services better manage their risk profiles
-
August 06, 2025
06
Aug'25
Australian scaleup to bring AI-led data protection to the MoD
The UK’s Ministry of Defence is embracing AI-led data protection in the wake of a major privacy breach, enlisting Australian cyber firm Castlepoint Systems to oversee sensitive records
-
August 05, 2025
05
Aug'25
Attacker could defeat Dell firmware flaws with a vegetable
Cisco Talos discloses five vulnerabilities in cyber security firmware used on Dell Latitude and Precision devices, including one that could enable an attacker to log on with a spring onion
-
August 04, 2025
04
Aug'25
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback
Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers
-
August 01, 2025
01
Aug'25
Met Police to double facial recognition use amid budget cuts
The UK’s largest police force is massively expanding its use of live facial recognition technology as it prepares to lose 1,700 officers and staff
-
July 31, 2025
31
Jul'25
Palo Alto Networks to acquire CyberArk for $25bn
The deal marks Palo Alto Networks’ entry into the identity and access management space amid the growing need to secure human, machine and emerging AI agent identities
-
July 30, 2025
30
Jul'25
Scattered Spider tactics continue to evolve, warn cyber cops
CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things
-
July 30, 2025
30
Jul'25
MS Authenticator users face passkey crunch time
The deadline for moving to passkeys in Microsoft Authenticator is rapidly approaching, and users are advised to take action now
-
July 30, 2025
30
Jul'25
AI-enabled security pushes down breach costs for UK organisations
Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study
-
July 30, 2025
30
Jul'25
Industry experts warn crypto infrastructure is ‘creaking’
A report from experts at HSBC, Thales and InfoSec Global claims decades-old cryptographic systems are failing, putting businesses at risk from current vulnerabilities and the threat from quantum computing
-
July 30, 2025
30
Jul'25
International AI Alignment effort tackles unpredictability
Given AI systems are probabilistic, a group of international experts are collaborating to ensure such systems operate in the best interest of society
-
July 29, 2025
29
Jul'25
Austrian government faces likely legal challenge over state spyware
Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law
-
July 29, 2025
29
Jul'25
European Commission ignores calls to reassess Israel data adequacy
The European Commission is ignoring calls to reassess Israel’s data adequacy status in spite of concerns raised about its data protection framework and use of personal data in ‘repressive practices’
-
July 29, 2025
29
Jul'25
Global cyber spend will top $200bn this year, says Gartner
Worldwide spending on cyber security will hit another record high in 2025, and will go higher still next year
-
July 28, 2025
28
Jul'25
Data resilience critical as ransomware attacks target backups
With more threat actors targeting backup repositories to ensure a payday, Veeam urges organisations to treat data resilience as a competitive advantage, not just an insurance policy
-
July 25, 2025
25
Jul'25
Interview: Cambridge Consultants CEO Monty Barlow scans for tech surprises
Cambridge Consultants is a technology and consulting business unit of Capgemini. Its chief executive, Monty Barlow, talks about its heritage and vision for the future of digital technology
-
July 24, 2025
24
Jul'25
Dutch researchers use heartbeat detection to unmask deepfakes
Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate
-
July 24, 2025
24
Jul'25
Monzo’s £21m fine highlights banks’ cyber security failures
Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world
-
July 22, 2025
22
Jul'25
Microsoft confirms China link to SharePoint hacks
Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server
-
July 22, 2025
22
Jul'25
Interview: How OpenAI is making ChatGPT public and private sector-ready
We speak to OpenAI’s solution engineering lead, Matt Weaver, about enterprise adoption and making ChatGPT secure
-
July 21, 2025
21
Jul'25
UK may be seeking to pull back from Apple encryption row with US
UK government officials say that attempts by the Home Office to require Apple to introduce ‘backdoors’ to its secure encrypted storage service will cross US red lines
-
July 21, 2025
21
Jul'25
The Security Interviews: Jason Nurse, University of Kent
Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’ is wrong – and why security pros should think about user needs more
-
July 21, 2025
21
Jul'25
Singapore under ongoing cyber attack from APT group
Nation-state actor UNC3886 is actively targeting Singapore’s critical national infrastructure in a sophisticated espionage and disruption campaign, with the country mounting a whole-of-government response
-
July 18, 2025
18
Jul'25
DWP accused of shielding AI deployments from public scrutiny
Amnesty International and Big Brother Watch say Department for Work and Pensions’ ‘unchecked’ and opaque use of AI in the UK benefits system treats claimants as suspicious and is shielded from public scrutiny
-
July 17, 2025
17
Jul'25
Estimated 96% of EMEA financial services sector not ready for DORA
Research from data backup provider Veeam indicates that vast majority of European financial services firms do not feel ready to meet the resiliency requirements of the EU’s DORA act
-
July 17, 2025
17
Jul'25
Terrorist potential of generative AI ‘purely theoretical’
UK terror legislation advisor takes stock of the potential for generative artificial intelligence systems to be adopted by terrorists, particularly for propaganda and attack planning purposes, but acknowledges the impact may be limited
-
July 16, 2025
16
Jul'25
Hackbots biggest cloud security risk, slashing attack times to minutes
With cyber criminals using automated tools to steal data in minutes, organisations must focus on runtime protection and automated responses to combat the rising threat from AI and misconfigured cloud assets
-
July 16, 2025
16
Jul'25
Forrester urges IT leaders to dump technical debt
IT needs to invest in innovative technologies and outsource legacy IT management to tackle volatile global markets, says Forrester
-
July 16, 2025
16
Jul'25
Securonix tackles security data deluge with AI-driven platform
As security data volumes grow and security budgets tighten, Securonix is betting on its AI-driven platform to help businesses manage threats cost-effectively, says its CEO
-
July 15, 2025
15
Jul'25
Current approaches to patching unsustainable, report says
Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report
-
July 15, 2025
15
Jul'25
Ada Lovelace: using market forces to professionalise AI assurance
The Ada Lovelace Institute examines how ‘market forces’ can be used to drive the professionalisation of artificial intelligence assurance in the context of a wider political shift towards deregulation
-
July 15, 2025
15
Jul'25
Datadog doubles down on APAC, targets faster growth
The observability tools supplier is executing a multi-year growth plan for Asia-Pacific and Japan, focusing on data residency, localisation and AI-driven observability to grow its market share
-
July 14, 2025
14
Jul'25
Brits clinging to Windows 10 face heightened risk, says NCSC
Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC
-
July 14, 2025
14
Jul'25
AI adoption grows amid falling trust in AI outputs
As organisations move from AI hype to reality, a decline in trust for AI outputs is not a sign of failure, but a signal of market maturity, according to Bhavya Kapoor, Avanade's Asia-Pacific president
-
July 11, 2025
11
Jul'25
MoD supply chain cyber scheme gets up and running
The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance
-
July 11, 2025
11
Jul'25
UK to create ‘governance framework’ for police facial recognition
Home secretary Yvette Cooper has confirmed UK will regulate police facial recognition, citing police reticence to deploy systems without proper governance, but declined to say if any new framework will be statutory
-
July 11, 2025
11
Jul'25
AWS bolsters security tools to help customers manage AI risks
Amazon Web Services has unveiled new and updated security services, including container-level threat detection and a unified command centre, to help organisations build and secure artificial intelligence applications
-
July 10, 2025
10
Jul'25
Government funding to help SMEs protect their IP
Scheme will see SMEs and innovative startups working in sensitive sectors receive advice on enhancing cyber and physical security measures to protect their valuable intellectual property
-
July 09, 2025
09
Jul'25
Qantas details impact of data breach on 5.7 million customers
Australian flag carrier begins notifying millions of individuals after a cyber attack on a call centre, confirming that while financial and passport details are safe, a significant volume of other personal information was compromised
-
July 08, 2025
08
Jul'25
AI for Good: Signal president warns of agentic AI security flaw
Secure by design is a mantra of the tech sector, but not if it’s agentic AI, which wants ‘root’ access to everything
-
July 08, 2025
08
Jul'25
NHS trust accused of ‘at best cavalier, at worst deceitful’ behaviour after deleting emails
A London hospital trust faces allegations it withheld key evidence from a tribunal hearing after one of its directors attempted to destroy more than 90,000 emails
-
July 08, 2025
08
Jul'25
Proofpoint bets on APAC growth amid spike in AI-driven threats
With cyber attacks spiking in non-English-speaking markets such as Japan, the security firm is boosting its regional presence to combat a wave of AI-generated threats
-
July 07, 2025
07
Jul'25
Digital warfare is blurring civilian front lines
Singapore’s defence cyber chief warns that the traditional lines between military conflict and civilian life are blurring, with adversaries now targeting civilian systems and using AI to put the threat landscape on steroids
-
July 03, 2025
03
Jul'25
Fine-tuning to deliver business AI value
Foundation AI models offer knowledge that spans the internet, but they generally lack an understanding of proprietary business data and processes
-
July 02, 2025
02
Jul'25
US CISA agency extends Iran cyber alert, warns of CNI threat
The US Cybersecurity and Infrastructure Security Agency reiterates guidance for operators of critical national infrastructure as it eyes the possibility of cyber attacks from Iran
-
July 02, 2025
02
Jul'25
Dutch study uncovers cognitive biases undermining cyber security board decisions
Dutch research reveals how cognitive biases can lead to catastrophic security decisions
-
July 02, 2025
02
Jul'25
Qantas customer data exposed in contact centre breach
Australian flag carrier is investigating significant data theft of personal information for up to six million customers after a third-party platform used by its call centre was compromised
-
June 27, 2025
27
Jun'25
Citrix Bleed 2 under active attack, reports suggest
Days after news emerged of a Citrix NetScaler flaw comparable in its scope and severity to 2023’s infamous Citrix Bleed, there are already clear indicators that threat actors are taking advantage of the critical vulnerability
-
June 27, 2025
27
Jun'25
Ciaran Martin: AI might disturb attacker-defender security balance
The founder of the National Cyber Security Centre spoke with Computer Weekly at Infosecurity Europe 2025 about how artificial intelligence might disturb the attacker-defender security equilibrium
-
June 27, 2025
27
Jun'25
MPs propose ban on predictive policing
MPs are attempting to amend the UK government’s forthcoming Crime and Policing Bill so that it prohibits the use of controversial predictive policing systems