News

IT risk management

• March 20, 2026 20 Mar'26

  Essex Police halts live facial recognition over bias and accuracy risks

  LFR deployments by Essex Police will not continue until risks associated with bias and inaccuracy have been reduced

• March 20, 2026 20 Mar'26

  UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack

  Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026

• March 19, 2026 19 Mar'26

  AI makes debut in Bridewell cyber security in CNI report

  Regulation has superseded cyber threats as the main driver of cyber security spending, and AI has made its debut for attack and defence, according to a CNI-focused report from Bridewell

• March 19, 2026 19 Mar'26

  Gartner: Ditch ‘big transformation’ cyber strategies for continuous improvement

  As artificial intelligence reshapes the enterprise, CISOs must abandon risky big bang security transformation initiatives in favour of incremental changes to build cyber resilience

• March 18, 2026 18 Mar'26

  UK MoD awards more than two dozen contracts for AI targeting systems

  The UK Ministry of Defence is ramping up its investment into military artificial intelligence in a bid to increase the ‘lethality’ of the British armed forces

• March 17, 2026 17 Mar'26

  Digital IDs edge closer to practical reality for UK businesses

  Industries and policymakers are strongly aligned on the need for digital company IDs for UK businesses, as progress is made towards the implementation of a practical standard

• March 17, 2026 17 Mar'26

  Contactless payment limit removal will happen overnight, but change won’t

  Banks will be able to set their own contactless card payment limits from 19 March, following rule change by Financial Conduct Authority

• March 17, 2026 17 Mar'26

  Health workers call for Palantir to be booted from NHS contracts

  Health justice charity Medact warns that Palantir’s involvement in NHS data systems is a threat to patients and healthcare organisations

• March 17, 2026 17 Mar'26

  Interview: D360 Bank redefines cyber security for Saudi Arabia’s cashless future

  Muath Alhomoud, director of cyber security at D360 Bank, discusses payment security, cloud resilience and the responsible use of AI in a hyper-connected financial ecosystem

• March 13, 2026 13 Mar'26

  UK falls behind on supercomputing amid slow investment, NAO warns

  While UKRI has improved its oversight of research and innovation, funding remains fragmented and has been too slow to replace supercomputers

• March 11, 2026 11 Mar'26

  Iran war a melting pot for other cyber threats

  State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts

• March 11, 2026 11 Mar'26

  Child rapist could have profiled victims through unaudited access to NHS databases

  NHS analyst’s conviction for child sexual abuse offences raises concerns over unaudited access to patient data

• March 11, 2026 11 Mar'26

  CISOs on alert: Strengthening cyber resilience amid geopolitical tensions in the Middle East

  As regional uncertainty rises, security leaders across the Gulf focus on resilience, faster incident response and deeper threat intelligence to protect critical systems and data

• March 10, 2026 10 Mar'26

  Microsoft patches zero-days in .NET and SQL Server

  Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft’s March Patch Tuesday update

• March 10, 2026 10 Mar'26

  Met Police to ‘trial’ handheld facial recognition tech

  London Mayor Sadiq Khan reveals in a scrutiny session with London Assembly members that the Met is set to trial a facial recognition phone app for police officers

• March 10, 2026 10 Mar'26

  AI chooses nuclear escalation in 95% of simulated crises

  With artificial intelligence increasingly deployed in analysis and decision-making in armed conflict, research shows AI systems will not naturally default to ‘safe’ outcomes in nuclear crises

• March 10, 2026 10 Mar'26

  WA auditor general flags weak Microsoft 365 security controls across state entities

  Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches

• March 09, 2026 09 Mar'26

  APT36 unleashes AI-generated ‘vibeware’ to flood targets

  The Pakistani threat group has been using AI to rewrite malicious code across multiple programming languages, prioritising scale over sophistication to evade detection, security researchers have found

• March 06, 2026 06 Mar'26

  Norway braced for foreign AI cyber attacks on vital petroleum computing

  Nordic petrostate is preparing for war and turning the spotlight on vulnerabilities in its critical industries, as adversaries look for ways to damage the most important oil and gas producer to the EU

• March 05, 2026 05 Mar'26

  Government wants to build digital ID system in-house

  The Home Affairs Committee hearing on digital ID reveals consultation is due next week; there will be no central database; and while government wants to build the system in-house, it will not replace private digital ID providers

• March 04, 2026 04 Mar'26

  Iranian hacktivists muster their forces but state APTs lay low

  Hacktivist activity surrounding the Iran war is sky-high but Iran’s state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences

• March 04, 2026 04 Mar'26

  Zero-day in Android phone chips under active attack

  Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day

• March 04, 2026 04 Mar'26

  Tycoon2FA phishing platform dismantled in major operation

  A Europol-led sting against the infamous Tycoon2FA MFA bypass phishing service has been successful, with operations disrupted and ringleaders and cyber criminal users identified

• March 04, 2026 04 Mar'26

  Landmark legal challenge against Home Office eVisa system heard

  The UK High Court will examine whether the Home Office policy of refusing to issue alternative proof of immigration status outside of its electronic visa system is lawful

• March 03, 2026 03 Mar'26

  NCSC: No increase in cyber threat from Iran, but be prepared

  While cyber threat levels remain stable following the outbreak of war in the Middle East at the weekend, at-risk organisations in the UK should take steps to ward off potential reprisals from Iran-linked threat actors

• February 26, 2026 26 Feb'26

  US artificial intelligence developers accuse Chinese firms of stealing their data

  Artificial intelligence developers are accusing Chinese firms of stealing their intellectual property following a spate of ‘distillation attacks’, despite their own alleged theft of training data

• February 26, 2026 26 Feb'26

  CrowdStrike touts agentic SOC to tackle security woes

  By embedding AI agents across its platform, CrowdStrike is looking to help security teams automate repetitive security tasks, enabling them to focus on complex and stealthier threats that could slip under the radar

• February 25, 2026 25 Feb'26

  The UK’s proposed social media ban explained

  The UK government will use new legal powers to lay the groundwork for an under-16 social media ban after its consultation on children’s digital well-being, but opponents warn the measures being considered will only treat the symptoms of the problem ...

• February 25, 2026 25 Feb'26

  Application exploitation back in vogue, says IBM cyber unit

  IBM’s X-Force unit observes an uptick in the exploitation of vulnerable public-facing software applications

• February 25, 2026 25 Feb'26

  How AI code generation is pushing DevSecOps to machine speed

  Organisations should adopt shared platforms and automated governance to keep pace with the growing use of generative AI tools that are helping developers produce code at unprecedented volumes

• February 24, 2026 24 Feb'26

  Cyber association launches code of conduct for security pros

  ISC2’s Code of Professional Conduct will supposedly establish a worldwide framework dedicated to principled and ethical practices in the security trade

• February 23, 2026 23 Feb'26

  Why crypto agility is key to quantum readiness

  With quantum computing threatening current encryption standards, experts call for organisations to achieve crypto agility by managing the lifecycle of certificates and cryptographic keys through automation

• February 20, 2026 20 Feb'26

  What it takes to secure agentic commerce

  With AI agents increasingly acting as digital concierges for shoppers, verifying bot identities, securing the APIs they rely on and detecting anomalous behaviour will be key to safeguarding automated transactions, according to Akamai

• February 19, 2026 19 Feb'26

  Bank of Ireland UK fined for late security system implementation

  The payments regulator has fined the bank nearly £4m after it missed a deadline to implement a system to check payees

• February 18, 2026 18 Feb'26

  Flaws in Google and Microsoft products added to Cisa catalogue

  Cisa has added six CVEs to its Kev catalogue this week, including newly disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well

• February 18, 2026 18 Feb'26

  0APT ransomware crew makes embarrassing splash

  A ransomware gang called 0APT has attracted attention, but many of its victims may not even be real, and its operators are being accused of over-egging their criminal pudding

• February 17, 2026 17 Feb'26

  Western cyber alliances risk fragmenting in new world order

  The conduct of powerful nations is causing knock-on effects in the cyber world as long-standing security frameworks appear increasingly precarious

• February 17, 2026 17 Feb'26

  Businesses may be caught by government proposals to restrict VPN use

  Labour proposals to restrict social media use to people aged 16 and under could have unintended consequences for businesses using virtual private networks

• February 17, 2026 17 Feb'26

  Government wages cyber campaign as half the UK’s SMEs are breached

  UK government says half of all small businesses have been cyber breached in the recent past as it urges them to ‘lock the door’

• February 12, 2026 12 Feb'26

  European Commission: TikTok’s addictive design breaches EU law

  In a preliminary ruling, European Commission says TikTok’s additive design features are in breach of laws designed to create safer digital spaces

• February 11, 2026 11 Feb'26

  CVE volumes may plausibly reach 100,000 this year

  The number of vulnerabilities to be disclosed in 2026 is almost certain to exceed last year's total, and may be heading towards 100,000, according to analysis

• February 11, 2026 11 Feb'26

  London Assembly member: Police should halt facial-recognition technology use

  In lieu of a full-blown ban on the technology, Green London Assembly member Zoë Garbett has called for a number of new safeguards to be implemented that she feels would protect Londoners from ‘escalating’ biometric surveillance

• February 11, 2026 11 Feb'26

  The Security Interviews: Mick Baccio, Splunk

  Mick Baccio, global security advisor at Splunk SURGe and Cisco Foundation AI, reveals how the experience of running cyber on a dime for a US presidential campaign has informed how he does security, and why the basics still matter

• February 10, 2026 10 Feb'26

  Arctic Wolf targets mid-market security gap in APAC

  Following the launch of its full portfolio in Malaysia, the SOC provider discusses the security challenges facing lean IT teams, the value of supplier neutrality, and its roadmap for AI and ransomware protection

• February 10, 2026 10 Feb'26

  February Patch Tuesday: Microsoft drops six zero-days

  Microsoft releases patches for six zero-day flaws in its latest monthly update, many of them related to security feature bypass issues

• February 10, 2026 10 Feb'26

  Second ever international AI safety report published

  More than 100 artificial intelligence experts have produced the second international AI safety report ahead of a summit in India, outlining a high degree of uncertainty about the development and risks of AI

• February 10, 2026 10 Feb'26

  Artificial intelligence now finance sector’s ‘connective tissue’

  Major study finds debate over AI adoption is over as almost every finance firm in the world is already using the technology

• February 10, 2026 10 Feb'26

  Singapore mounts largest ever cyber operation to oust APT actor

  Operation Cyber Guardian mobilised over 100 defenders to neutralise UNC3886, which infiltrated Singtel, StarHub, M1 and Simba networks, operators issue joint pledge on defence-in-depth

• February 09, 2026 09 Feb'26

  UAE’s TII challenges big tech dominance with open source Falcon AI models

  Through its Falcon models and an open, efficiency-driven research strategy, the Technology Innovation Institute is positioning the UAE as a producer of foundational AI, not merely a consumer of global platforms

• February 09, 2026 09 Feb'26

  As space gets crowded, cyber threats from jamming to stalker satellites loom large

  Experts at the inaugural CYSAT Asia in Singapore warn of the urgency of securing space assets amid growing geopolitical tensions and supply chain vulnerabilities