News

IT risk management

July 05, 2022 05 Jul'22
Prepare for long-term cyber threat from Ukraine war, says NCSC

The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams
July 05, 2022 05 Jul'22
LogRhythm bullish on growth in APAC

LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats
July 05, 2022 05 Jul'22
NCSC CEO: Why we should run towards crises to elevate cyber security

National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country
July 04, 2022 04 Jul'22
MPs call for ban on Chinese surveillance camera technology

Nearly 70 MPs have called on the government to ban Chinese camera technology that is widely used by UK government agencies despite links to human rights abuses in China

July 04, 2022 04 Jul'22
Assange appeals against Priti Patel’s extradition order

WikiLeaks founder is expected to raise concerns over the political nature of his prosecution, the likelihood of him receiving a fair trial, and the risk of a coercive plea bargain
June 30, 2022 30 Jun'22
ICO to cut back on fines for public sector data breaches

Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over
June 28, 2022 28 Jun'22
Avast uncovers ‘thieves’ kitchen’ of malware-writing teens

Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware
June 27, 2022 27 Jun'22
Brexit a net negative for UK cyber, say CISOs

Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe
June 24, 2022 24 Jun'22
Black Basta ransomware crew aiming for ‘big leagues’

Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason
June 24, 2022 24 Jun'22
Developers grapple with open source software security

Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds

June 23, 2022 23 Jun'22
SolarWinds unveils new development model to avoid a repeat of Sunburst

SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry
June 22, 2022 22 Jun'22
NatWest files under whistleblower’s bed contain live customer data

Former Royal Bank of Scotland worker wants bank to take back customer files and provide an ‘adequate receipt’
June 22, 2022 22 Jun'22
How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez
June 21, 2022 21 Jun'22
CNI leaders’ attitude to ransomware lackadaisical at best

A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats
June 21, 2022 21 Jun'22
Microsoft Office 365 has ability to ‘spy’ on workers

Microsoft faces calls for ‘transparency’ over tools in Office 365 that allow employers to read staff emails and monitor their computer use at work
June 20, 2022 20 Jun'22
Lords move to protect cyber researchers from prosecution

A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their ...
June 20, 2022 20 Jun'22
Complex Russian cyber threat requires we go back to basics

The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains
June 19, 2022 19 Jun'22
Aussie mobile users most vulnerable to security threats

Australia has the highest percentage of mobile app threats detected on a per-device basis, with iPhone users more likely to download a risky app than an Android user, study finds
June 17, 2022 17 Jun'22
Government responds to Data Reform Bill consultation

Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit
June 13, 2022 13 Jun'22
UK, US prepare to launch PET project

A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin
June 13, 2022 13 Jun'22
Government recommits to UK’s cyber future in Digital Strategy

New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed
June 13, 2022 13 Jun'22
Qatar bolsters cyber security in preparation for World Cup

With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
June 10, 2022 10 Jun'22
Snake Keylogger climbing malware charts, says Check Point

Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers
June 10, 2022 10 Jun'22
Commercialising open source

Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business
June 09, 2022 09 Jun'22
SolarWinds CEO offers to commit staffers to government cyber agencies

A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response
June 08, 2022 08 Jun'22
ProxyLogon, ProxyShell may have driven increase in dwell times

The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data
June 07, 2022 07 Jun'22
Weak IT and SecOps collaboration in ANZ opens doors to cyber attacks

The weak collaboration between IT and security teams in Australia and New Zealand is exposing their organisations to data loss, business disruption and other potential consequences of cyber attacks
May 31, 2022 31 May'22
Researchers discover zero-day Microsoft vulnerability in Office

Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions
May 26, 2022 26 May'22
Consultation launched on datacentre, cloud security

The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms
May 26, 2022 26 May'22
Most CFOs being left out of ransomware conversations

Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report
May 25, 2022 25 May'22
Rubrik charts data security path

Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats
May 25, 2022 25 May'22
Building a pathway to commercial quantum computing

The shortage of expertise in quantum technologies will drive up salaries. A new report from TechUK assesses the route to commercialisation
May 24, 2022 24 May'22
ICO orders facial recognition firm Clearview AI to delete all data about UK residents

UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world
May 24, 2022 24 May'22
Ransomware volumes grew faster than ever in 2021

Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody
May 24, 2022 24 May'22
Bad bots make up a quarter of APAC’s web traffic

Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds
May 23, 2022 23 May'22
How Ivanti views patch management with a security lens

Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay
May 20, 2022 20 May'22
Applying international law to cyber will be a tall order

Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations
May 19, 2022 19 May'22
Defensive cyber attacks may be justified, says attorney general

Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable
May 19, 2022 19 May'22
Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
May 18, 2022 18 May'22
Mastercard biometric programme will allow payment authentication by smile

Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology
May 17, 2022 17 May'22
Veeam outlines data protection vision

Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads
May 17, 2022 17 May'22
Australian CISOs least prepared for cyber attacks

Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds
May 16, 2022 16 May'22
Keeping Singapore’s critical systems secure

Tracy Thng offers a glimpse into her work in strengthening the cyber resilience of 11 essential service sectors in Singapore
May 13, 2022 13 May'22
Open source community sets out path to secure software

A 10-point plan to improve the security and resilience of open source software was presented this week at a summit in the US
May 12, 2022 12 May'22
APAC career guide: Becoming a cyber security pro

The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field
May 11, 2022 11 May'22
Nerbian RAT enjoys using Covid-19 phishing lures

The world is slowly coming to terms with Covid-19, but fear of the coronavirus is no less useful to cyber criminals because of it, as Proofpoint researchers have discovered
May 11, 2022 11 May'22
CyberUK 22: Five Eyes focuses on MSP security

The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves
May 11, 2022 11 May'22
Analysts confirm return of REvil ransomware gang

Secureworks CTU analysis has found that the REvil ransomware is undergoing active development, possibly heralding a new campaign of cyber attacks
May 11, 2022 11 May'22
EU plans to police child abuse raise fresh fears over encryption and privacy rights

Draft regulation unveiled today will require internet and messaging firms to use algorithms to identify grooming and child abuse or face heavy fines
May 10, 2022 10 May'22
CyberUK 22: NCSC refreshes cloud security guidance

The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise