News
IT risk management
-
July 24, 2025
24
Jul'25
Monzo’s £21m fine highlights banks’ cyber security failures
Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world
-
July 22, 2025
22
Jul'25
Microsoft confirms China link to SharePoint hacks
Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server
-
July 22, 2025
22
Jul'25
Interview: How OpenAI is making ChatGPT public and private sector-ready
We speak to OpenAI’s solution engineering lead, Matt Weaver, about enterprise adoption and making ChatGPT secure
-
July 21, 2025
21
Jul'25
UK may be seeking to pull back from Apple encryption row with US
UK government officials say that attempts by the Home Office to require Apple to introduce ‘backdoors’ to its secure encrypted storage service will cross US red lines
-
July 21, 2025
21
Jul'25
The Security Interviews: Jason Nurse, University of Kent
Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’ is wrong – and why security pros should think about user needs more
-
July 21, 2025
21
Jul'25
Singapore under ongoing cyber attack from APT group
Nation-state actor UNC3886 is actively targeting Singapore’s critical national infrastructure in a sophisticated espionage and disruption campaign, with the country mounting a whole-of-government response
-
July 18, 2025
18
Jul'25
DWP accused of shielding AI deployments from public scrutiny
Amnesty International and Big Brother Watch say Department for Work and Pensions’ ‘unchecked’ and opaque use of AI in the UK benefits system treats claimants as suspicious and is shielded from public scrutiny
-
July 17, 2025
17
Jul'25
Estimated 96% of EMEA financial services sector not ready for DORA
Research from data backup provider Veeam indicates that vast majority of European financial services firms do not feel ready to meet the resiliency requirements of the EU’s DORA act
-
July 17, 2025
17
Jul'25
Terrorist potential of generative AI ‘purely theoretical’
UK terror legislation advisor takes stock of the potential for generative artificial intelligence systems to be adopted by terrorists, particularly for propaganda and attack planning purposes, but acknowledges the impact may be limited
-
July 16, 2025
16
Jul'25
Hackbots biggest cloud security risk, slashing attack times to minutes
With cyber criminals using automated tools to steal data in minutes, organisations must focus on runtime protection and automated responses to combat the rising threat from AI and misconfigured cloud assets
-
July 16, 2025
16
Jul'25
Forrester urges IT leaders to dump technical debt
IT needs to invest in innovative technologies and outsource legacy IT management to tackle volatile global markets, says Forrester
-
July 16, 2025
16
Jul'25
Securonix tackles security data deluge with AI-driven platform
As security data volumes grow and security budgets tighten, Securonix is betting on its AI-driven platform to help businesses manage threats cost-effectively, says its CEO
-
July 15, 2025
15
Jul'25
Current approaches to patching unsustainable, report says
Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report
-
July 15, 2025
15
Jul'25
Ada Lovelace: using market forces to professionalise AI assurance
The Ada Lovelace Institute examines how ‘market forces’ can be used to drive the professionalisation of artificial intelligence assurance in the context of a wider political shift towards deregulation
-
July 15, 2025
15
Jul'25
Datadog doubles down on APAC, targets faster growth
The observability tools supplier is executing a multi-year growth plan for Asia-Pacific and Japan, focusing on data residency, localisation and AI-driven observability to grow its market share
-
July 14, 2025
14
Jul'25
Brits clinging to Windows 10 face heightened risk, says NCSC
Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC
-
July 14, 2025
14
Jul'25
AI adoption grows amid falling trust in AI outputs
As organisations move from AI hype to reality, a decline in trust for AI outputs is not a sign of failure, but a signal of market maturity, according to Bhavya Kapoor, Avanade's Asia-Pacific president
-
July 11, 2025
11
Jul'25
MoD supply chain cyber scheme gets up and running
The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance
-
July 11, 2025
11
Jul'25
UK to create ‘governance framework’ for police facial recognition
Home secretary Yvette Cooper has confirmed UK will regulate police facial recognition, citing police reticence to deploy systems without proper governance, but declined to say if any new framework will be statutory
-
July 11, 2025
11
Jul'25
AWS bolsters security tools to help customers manage AI risks
Amazon Web Services has unveiled new and updated security services, including container-level threat detection and a unified command centre, to help organisations build and secure artificial intelligence applications
-
July 10, 2025
10
Jul'25
Government funding to help SMEs protect their IP
Scheme will see SMEs and innovative startups working in sensitive sectors receive advice on enhancing cyber and physical security measures to protect their valuable intellectual property
-
July 09, 2025
09
Jul'25
Qantas details impact of data breach on 5.7 million customers
Australian flag carrier begins notifying millions of individuals after a cyber attack on a call centre, confirming that while financial and passport details are safe, a significant volume of other personal information was compromised
-
July 08, 2025
08
Jul'25
AI for Good: Signal president warns of agentic AI security flaw
Secure by design is a mantra of the tech sector, but not if it’s agentic AI, which wants ‘root’ access to everything
-
July 08, 2025
08
Jul'25
NHS trust accused of ‘at best cavalier, at worst deceitful’ behaviour after deleting emails
A London hospital trust faces allegations it withheld key evidence from a tribunal hearing after one of its directors attempted to destroy more than 90,000 emails
-
July 08, 2025
08
Jul'25
Proofpoint bets on APAC growth amid spike in AI-driven threats
With cyber attacks spiking in non-English-speaking markets such as Japan, the security firm is boosting its regional presence to combat a wave of AI-generated threats
-
July 07, 2025
07
Jul'25
Digital warfare is blurring civilian front lines
Singapore’s defence cyber chief warns that the traditional lines between military conflict and civilian life are blurring, with adversaries now targeting civilian systems and using AI to put the threat landscape on steroids
-
July 03, 2025
03
Jul'25
Fine-tuning to deliver business AI value
Foundation AI models offer knowledge that spans the internet, but they generally lack an understanding of proprietary business data and processes
-
July 02, 2025
02
Jul'25
US CISA agency extends Iran cyber alert, warns of CNI threat
The US Cybersecurity and Infrastructure Security Agency reiterates guidance for operators of critical national infrastructure as it eyes the possibility of cyber attacks from Iran
-
July 02, 2025
02
Jul'25
Dutch study uncovers cognitive biases undermining cyber security board decisions
Dutch research reveals how cognitive biases can lead to catastrophic security decisions
-
July 02, 2025
02
Jul'25
Qantas customer data exposed in contact centre breach
Australian flag carrier is investigating significant data theft of personal information for up to six million customers after a third-party platform used by its call centre was compromised
-
June 27, 2025
27
Jun'25
Citrix Bleed 2 under active attack, reports suggest
Days after news emerged of a Citrix NetScaler flaw comparable in its scope and severity to 2023’s infamous Citrix Bleed, there are already clear indicators that threat actors are taking advantage of the critical vulnerability
-
June 27, 2025
27
Jun'25
Ciaran Martin: AI might disturb attacker-defender security balance
The founder of the National Cyber Security Centre spoke with Computer Weekly at Infosecurity Europe 2025 about how artificial intelligence might disturb the attacker-defender security equilibrium
-
June 27, 2025
27
Jun'25
MPs propose ban on predictive policing
MPs are attempting to amend the UK government’s forthcoming Crime and Policing Bill so that it prohibits the use of controversial predictive policing systems
-
June 26, 2025
26
Jun'25
Sky ECC distributor released from French custody pending trial
Canadian businessman accused of distributing Sky ECC encrypted phones has been released on bail after over four years in custody without a trial
-
June 25, 2025
25
Jun'25
Latest Citrix vulnerability could be every bit as bad as Citrix Bleed
A Citrix NetScaler flaw that was quietly patched earlier in June is gathering widespread attention after experts noted strong similarities to the Citrix Bleed vulnerability that caused chaos in late 2023
-
June 24, 2025
24
Jun'25
One year since being freed, Julian Assange still a victim of state secrecy
If the State Department’s arguments prevail in FOIA litigation, the truth about US action against Julian Assange and WikiLeaks journalists will never be known
-
June 23, 2025
23
Jun'25
Widening Middle Eastern war increases cyber risk
With the entry of the US into the widening Middle Eastern conflict, cyber risk is likely to increase across the board
-
June 20, 2025
20
Jun'25
Cyber Essentials certifications rising slowly but steadily
The number of businesses attaining the NCSC Cyber Essentials certification continues to increase, but much more can be done to raise awareness of the scheme
-
June 20, 2025
20
Jun'25
M&S, Co-op attacks a ‘Category 2 cyber hurricane’, say UK experts
The UK’s Cyber Monitoring Centre has published its first in-depth assessment of a major incident, reflecting on the impact of and lessons learned from Scattered Spider attacks on M&S and Co-op
-
June 20, 2025
20
Jun'25
UK data reforms become law
UK passes wide-ranging data protection reforms to ‘simplify’ organisations’ sharing and processing of data, but questions remain whether changes will be accepted by European Commission when renewing UK data adequacy
-
June 19, 2025
19
Jun'25
UBS employee data leaked after cyber attack on supplier
UBS and fellow Swiss bank Pictet have been affected by a cyber attack on a procurement service provider
-
June 18, 2025
18
Jun'25
Traditional fake news detection fails against AI-generated content
As generative AI produces increasingly convincing text, Dutch researchers are exploring how linguistic cues, model bias, and transparency tools can help detect fake news.
-
June 17, 2025
17
Jun'25
Scattered Spider widens web to target insurance sector
Following a series of high-profile attacks on prominent retailers and consumer brands, the Scattered Spider cyber crime collective appears to be expanding its targeting to the insurance sector
-
June 16, 2025
16
Jun'25
Intelligence sharing key to cyber security in Europe, says EU Commission cyber expert
Cyber criminals choose not to attack Europe due to its resilience and preparedness, says the EU Commission’s principal advisor for cyber security coordination, Despina Spanou
-
June 11, 2025
11
Jun'25
NHS IT the big winner in Reeves’ Spending Review
The chancellor of the exchequer has significantly upped spending on digital and technology initiatives in the current Spending Review period, with the NHS receiving a 50% tech funding increase
-
June 11, 2025
11
Jun'25
How breaking things builds resilient systems
To prevent and recover from outages in today’s complex, cloud-native world, enterprises must proactively and deliberately inject failure into their systems through chaos engineering practices
-
June 11, 2025
11
Jun'25
June Patch Tuesday brings a lighter load for defenders
Barely 70 vulnerabilities make the cut for Microsoft’s monthly security update, but an RCE flaw in WEBDAV and an EoP issue in Windows SMB Client still warrant close attention
-
June 11, 2025
11
Jun'25
Cyber Bill at risk of becoming a missed opportunity, say MPs
An APPG report warns that the government’s flagship cyber security legislation is too narrow in its scope and risks missing opportunities to embed resilience at the heart of the British economy
-
June 10, 2025
10
Jun'25
Third-party security weaknesses threaten Europe’s big banks
Security breaches via third parties increased by 25% at Europe’s largest finance firms
-
June 06, 2025
06
Jun'25
UK ICO publishes AI and biometrics strategy
The UK data regulator has outlined how it will approach the regulation of artificial intelligence and biometric technologies, which will focus in particular on automated decision-making systems and police facial recognition