News

IT risk management

• March 13, 2025 13 Mar'25

  Driving licence data could be used for police facial recognition

  The government’s Crime and Policing Bill could allow police to access the UK driving licence database for use in facial recognition watchlists, but the Home Office denies biometric data would be repurposed in this way

• March 11, 2025 11 Mar'25

  March Patch Tuesday brings 57 fixes, multiple zero-days

  The third Patch Tuesday of 2025 brings fixes for 57 flaws and a hefty number of zero-days

• March 11, 2025 11 Mar'25

  Perimeter security appliances source of most ransomware hits

  Perimeter security appliances and devices, particularly VPNs, prove to be the most popular entry points into victim networks for financially motivated ransomware gangs, according to reports

• March 11, 2025 11 Mar'25

  Dutch police disrupt half of ransomware operations, finds embedded PHD student

  Dutch PhD study reveals the impact of centralised intelligence and strategic interventions in the fight against ransomware

• March 11, 2025 11 Mar'25

  UK government under-prepared for catastrophic cyber attack, hears PAC

  The Commons Public Accounts Committee heard government IT leaders respond to recent National Audit Office findings that the government’s cyber resilience is under par

• March 11, 2025 11 Mar'25

  Singapore IT leaders boost AI security defences

  Study reveals a surge in perceived importance of artificial intelligence for cyber security in Singapore, but declining investment in traditional measures raises concerns as sophisticated cyber attacks intensify

• March 10, 2025 10 Mar'25

  How CISOs are tackling cyber security challenges

  Security chiefs at the recent Gartner Security and Risk Management Summit in Sydney share insights on navigating board communication, organisational resilience and the importance of understanding business needs

• March 07, 2025 07 Mar'25

  Managing security in the AI age

  Gartner experts offer guidance on harnessing AI’s power while mitigating its risks, from managing shadow AI to implementing security controls and policies

• March 06, 2025 06 Mar'25

  UK cyber security damaged by ‘clumsy Home Office political censorship’

  Britain’s National Cyber Security Centre secretly censors computer security guidance and drops references to encryption

• March 06, 2025 06 Mar'25

  Going beyond search: Elastic’s observability and security play

  Elastic’s chief product officer Ken Exner talks up the company’s expansion into observability and security and how it balances innovation with community contributions and monetisation

• March 05, 2025 05 Mar'25

  Apple IPT appeal against backdoor encryption order is test case for bigger targets

  The Home Office decision to target Apple with an order requiring access to users’ encrypted data is widely seen as a ‘stalking horse’ for attacks against encrypted messaging services WhatsApp, Telegram and Signal

• March 05, 2025 05 Mar'25

  NHS investigating how API flaw exposed patient data

  NHS patient data was left vulnerable by a flaw in an application programming interface used at online healthcare provider Medefer

• March 04, 2025 04 Mar'25

  Aussie businesses ramp up security spending

  Australian organisations are set to spend A$6.2bn on security and risk management in 2025, a 14.4% jump from the previous year, driven by the rise of AI and a growing threat landscape

• March 03, 2025 03 Mar'25

  Singapore’s HomeTeamNS hit by ransomware attack

  The non-profit organisation suffered a ransomware attack that affected some servers containing employee and member data, prompting an investigation and enhanced security measures

• February 28, 2025 28 Feb'25

  France pushes for law enforcement access to Signal, WhatsApp and encrypted email 

  Proposals to be discussed in the French Parliament will require tech companies to hand over decrypted messages and email or face huge fines 

• February 28, 2025 28 Feb'25

  NHS staff lack confidence in health service cyber measures

  NHS staff understand their role in protecting the health service from cyber threats and the public backs them in this aim, but legacy tech and a lack of training are hindering efforts, according to BT

• February 27, 2025 27 Feb'25

  CVE volumes head towards 50,000 in 2025, analysts claim

  Many trends, notably a big shift to open source tools, are behind an expected boom in the number of disclosed vulnerabilities

• February 26, 2025 26 Feb'25

  CISOs spending more on insider risk

  Insider risk management budgets have more than doubled in the past 12 months and look set to grow further still in 2025, according to a report

• February 26, 2025 26 Feb'25

  Scottish police fail to record ethnicity in DNA database

  Scottish policing bodies are failing to properly record and publish data on the ethnicity of arrested people, making it impossible to determine whether they are discriminating against certain sections of the population

• February 25, 2025 25 Feb'25

  Singapore rolls out guidelines to bolster cloud and datacentre resilience

  New advisory guidelines to enhance resilience and security of cloud services and datacentres in Singapore amid potential service disruptions and growing cyber threats

• February 24, 2025 24 Feb'25

  European Union calls for more cyber data-sharing with Nato

  Updates to the EU’s Cyber Blueprint, establishing best practice for multilateral security incident response in Europe, include calls for more collaboration with Nato member states, as the geopolitical environment becomes ever more fractious

• February 23, 2025 23 Feb'25

  Check Point co-founder on AI, quantum and independence

  Gil Shwed, Check Point’s co-founder and executive chairman, discusses the company’s focus on artificial intelligence-driven security and his commitment to remaining an independent force in the cyber security market

• February 21, 2025 21 Feb'25

  UK police forces ‘supercharging racism’ with predictive policing

  Amnesty International says predictive policing systems are ‘supercharging racism’ in the UK by taking historically biased data to further target poor and racialised communities

• February 20, 2025 20 Feb'25

  Watchdog approves Sellafield physical security, but warns about cyber

  The Office for Nuclear Regulation has taken Sellafield out of special measures for physical security, but harbours cyber security concerns

• February 19, 2025 19 Feb'25

  Warning over privacy of encrypted messages as Russia targets Signal Messenger

  Russia is using phishing attacks to compromise encrypted Signal Messenger services used by targets in the Ukraine. Experts warn that other encrypted app users are at risk

• February 18, 2025 18 Feb'25

  EY: Industrial companies worldwide stunted in emerging technology use

  Businesses globally are spending more on emerging technologies year-on-year, but struggle to expand experimental use cases, finds EY’s sixth annual Reimagining Industry Futures study

• February 18, 2025 18 Feb'25

  Cyber Monitoring Centre develops hurricane scale to count cost of cyber attacks

  A non-profit company aims to measure the impact of cyber events on the economy using a 1 to 5 scale borrowed from hurricane classification

• February 18, 2025 18 Feb'25

  MSP cuts costs with Scality pay-as-you-go anti-ransomware storage

  Autodata gets Scality as-a-service for on-site immutable storage via Artesca, to allow customers to rapidly recover from ransomware and at the same cost per terabyte no matter the volume

• February 18, 2025 18 Feb'25

  CPX 2025: Check Point CEO talks up hybrid mesh security

  At CPX 2025 in Bangkok, Check Point CEO Nadav Zafrir outlined a vision for network security centred on hybrid mesh architecture and AI-powered capabilities

• February 17, 2025 17 Feb'25

  The Security Interviews: Yevgeny Dibrov, Armis

  Armis CEO Yevgeny Dibrov talks about how his military service and intelligence work opened the door into the world of cyber security entrepreneurship

• February 14, 2025 14 Feb'25

  Lenovo CSO: AI adoption fuels security paranoia

  Doug Fisher, Lenovo’s chief security officer, outlines the company’s approach to security and AI governance, and the importance of having a strong security culture to combat cyber threats amplified by the use of AI

• February 12, 2025 12 Feb'25

  Forrester: AI and cyber security drive up IT spending

  Despite artificial intelligence and cyber security increasing investment, technical debt remains a significant drain on IT budgets

• February 10, 2025 10 Feb'25

  Apple: British techies to advise on ‘devastating’ UK global crypto power grab

  A hitherto unknown British organisation – which even the government may have forgotten about – is about to be drawn into a global technical and financial battle, facing threats from Apple to pull out of the UK

• February 07, 2025 07 Feb'25

  Tech companies brace after UK demands back door access to Apple cloud

  The UK has served a notice on Apple demanding back door access to encrypted data stored by users anywhere in the world on Apple’s cloud service

• February 07, 2025 07 Feb'25

  US lawmakers move to ban DeepSeek AI tool

  US politicians have introduced a bill seeking to ban the use of the DeepSeek AI tool on government-owned devices, citing national security concerns due to its alleged links to the Chinese state

• February 07, 2025 07 Feb'25

  Ransomware payment value fell over 30% in 2024

  Several factors, including the impact of law enforcement operations disrupting cyber criminal gangs and better preparedness among users, may be behind a significant drop in the total value of ransomware payments

• February 06, 2025 06 Feb'25

  UK’s Cyber Monitoring Centre begins incident classification work

  The Cyber Monitoring Centre will work to categorise major incidents against a newly developed scale to help organisations better understand the nature of systemic cyber attacks and learn from their impact

• February 05, 2025 05 Feb'25

  Youth activists protest Meta over mental health impacts

  Protest outside Meta’s London offices marks launch of Mad Youth Campaign, an effort by activists to challenge the ways in which corporate power negatively shapes the conditions young people live under

• February 05, 2025 05 Feb'25

  MoD set to develop £50m data analytics platform with Kainos

  The Ministry of Defence has chosen IT services provider Kainos to develop its £50m data analytics platform across all armed services, over a three-year programme

• February 03, 2025 03 Feb'25

  New Relic extends observability to DeepSeek

  The observability tools supplier now offers enhanced monitoring for DeepSeek models to help businesses reduce the costs and risks of generative AI development

• February 03, 2025 03 Feb'25

  Government sets out cyber security practice code to stoke AI growth

  The government has set out a cyber security code of practice for developers to follow when building AI products

• February 03, 2025 03 Feb'25

  DeepSeek-R1 more readily generates dangerous content than other large language models

  Research scientists at cyber firm Enkrypt AI publish concerning findings from a red team exercise conducted against DeepSeek, the hot new generative AI tool

• January 31, 2025 31 Jan'25

  Barclays hit by major IT outage on HMRC deadline day

  Customers of Barclays Bank are left unable to access web app and online banking following a significant IT outage that seems to have come at the worst possible time

• January 31, 2025 31 Jan'25

  AI jailbreaking techniques prove highly effective against DeepSeek

  Researchers at Palo Alto have shown how novel jailbreaking techniques were able to fool breakout GenAI model DeepSeek into helping to create keylogging tools, steal data, and make a Molotov cocktail

• January 31, 2025 31 Jan'25

  DeepSeek API, chat log exposure a ‘rookie’ cyber error

  Security researchers at Wiz find a trove of DeepSeek data including API secrets and chat logs publicly exposed via an open source database management tool, raising questions about the fast-growing service’s approach to security

• January 30, 2025 30 Jan'25

  First international AI safety report published

  A global cohort of nearly 100 artificial intelligence experts publish first international AI safety report ahead of the third AI summit, outlining an array of challenges posed by the technology that will be used to inform upcoming discussions

• January 29, 2025 29 Jan'25

  How government hackers are trying to exploit Google Gemini AI

  Google’s threat intel squad has shared information on how nation state threat actors are attempting to exploit its Gemini AI tool for nefarious ends

• January 29, 2025 29 Jan'25

  Vallance rejects latest charge to reform UK hacking laws

  Science minister Patrick Vallance rejects proposed amendments to the Computer Misuse Act, arguing that they could create a loophole for cyber criminals to exploit

• January 28, 2025 28 Jan'25

  NAO: UK government cyber resilience weak in face of mounting threats

  The National Audit Office has found UK government cyber resilience wanting, weakened by legacy IT and skills shortages, and facing mounting threats

• January 27, 2025 27 Jan'25

  Cyber incident that closed British Museum was inside job

  An IT incident that disrupted visitor access to the British Museum last week was the work of a disgruntled contractor who had been let go