News

IT risk management

• November 25, 2024 25 Nov'24

  Metropolitan Police officer dismissed for unlawfully accessing Sarah Everard files

  Over 100 Met Police officers and staff have been investigated for accessing sensitive data related to the Sarah Everard case, leading to the dismissal of a Roads and Transport officer who accessed the information while off-duty

• November 25, 2024 25 Nov'24

  Microsoft calls on Trump to ‘push harder’ on cyber threats

  Microsoft’s Brad Smith urges president-elect Donald Trump to keep the faith when it comes to fighting back against hostile cyber actors from China, Iran and Russia

• November 20, 2024 20 Nov'24

  Government issues strategic priorities for online safety regulator Ofcom

  Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online

• November 19, 2024 19 Nov'24

  AI readiness stalls in APAC

  Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey

• November 18, 2024 18 Nov'24

  AWS widening scope of MFA programme after early success

  AWS reports strong take-up of multi-factor authentication among customers since making it compulsory for root users earlier this year, and plans to expand the scope of its IAM programme in spring 2025

• November 18, 2024 18 Nov'24

  Denmark’s AI-powered welfare system fuels mass surveillance

  Research reveals the automated tools used to flag individuals for benefit fraud violate individuals’ privacy and risk discriminating against marginalised groups

• November 18, 2024 18 Nov'24

  UK consumers losing more than ever to holiday scams

  Last Christmas, UK consumers lost over £11m to cyber criminals. This year, to save them from tears, the NCSC and Action Fraud are teaming up to launch an anti-fraud campaign

• November 18, 2024 18 Nov'24

  Final report on Nats calls for improvements to contingency process

  Suppliers need to be involved much sooner and a review of technical documentation is needed to speed up recovery

• November 14, 2024 14 Nov'24

  Williams Racing F1 team supports kids cyber campaign

  A multi-region campaign will teach pre-teen children cyber security basics – with a little help from Formula 1 star Alex Albon

• November 14, 2024 14 Nov'24

  MPs hold first ever debate on live facial recognition

  MPs have held an open debate on police use of live facial recognition technology for the first time since it was initially deployed by the Met Police in August 2016

• November 14, 2024 14 Nov'24

  Ping CEO on ForgeRock integration and future of identity

  Ping Identity CEO Andre Durand discusses the company’s unified roadmap, commitment to customer stability and growth plans in the evolving identity landscape following the merger with ForgeRock

• November 13, 2024 13 Nov'24

  China’s Volt Typhoon rebuilds botnet in wake of takedown

  Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever

• November 13, 2024 13 Nov'24

  Ex-boxer fights US government over legality of Sky ECC cryptophone intercepts

  Lawyers for former heavyweight boxer Goran Gogic argue that US prosecutors’ reliance on messages obtained by a European police hacking operation into the SKY ECC encrypted phone network breaches the US constitution

• November 12, 2024 12 Nov'24

  Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024

  High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update

• November 12, 2024 12 Nov'24

  Zero-day exploits increasingly sought out by attackers

  Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023

• November 12, 2024 12 Nov'24

  Police cloud project raises data protection concerns despite legal reforms

  Ongoing data protection issues with the use of hyperscale public cloud infrastructure by UK police could complicate the ambitions of nine forces to move their common records management system into the cloud

• November 12, 2024 12 Nov'24

  How quantum computing could reshape financial services

  Experts at the Singapore FinTech Festival predict quantum computing will improve risk management, investment strategies and fraud detection in the financial sector, while also posing new challenges for data security

• November 11, 2024 11 Nov'24

  Fresh concerns over NHS England registries procurement

  Clinicians and technologists behind a number of medical devices registries being brought together by NHS England on a new common platform have accused the health service of flouting public sector procurement regulations

• November 07, 2024 07 Nov'24

  Google Cloud MFA enforcement meets with approval

  Latest Google Cloud policy to enforce multifactor authentication across its user base is welcomed by security professionals

• November 07, 2024 07 Nov'24

  AI a force multiplier for the bad guys, say cyber pros

  CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders

• November 07, 2024 07 Nov'24

  Interview: Petra Molnar, author of ‘The walls have eyes’

  Refugee lawyer and author Petra Molnar speaks to Computer Weekly about the extreme violence people on the move face at borders across the world, and how increasingly hostile anti-immigrant politics is being enabled and reinforced by a ‘lucrative ...

• November 06, 2024 06 Nov'24

  UK government launches AI assurance platform for enterprises

  The platform is designed to drive demand for the UK’s artificial intelligence assurance sector and help build greater trust in the technology by helping businesses identify and mitigate a range of AI-related risks

• November 01, 2024 01 Nov'24

  CISA looks to global collaboration as fraught US election begins

  The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats

• November 01, 2024 01 Nov'24

  Bank of England warns against AI ‘complacency’

  UK financial services regulator wants to increase understanding of AI’s benefits and how firms are managing the risks it poses, as take-up grows and use cases increase

• October 29, 2024 29 Oct'24

  EMEA businesses siphoning budgets to hit NIS2 goals

  With NIS2 now in effect, European business leaders are having to divert budget from elsewhere to achieve compliance

• October 28, 2024 28 Oct'24

  UK launches cyber guidance package for tech startups

  The NCSC and NPSA, alongside agencies from the Five Eyes alliance, have issued guidance for startups on how to secure themselves against common cyber threats and targeted industrial espionage

• October 28, 2024 28 Oct'24

  Inside Google Cloud’s secure AI framework

  Google Cloud’s secure AI framework that’s integrated into its Vertex AI platform offers practical tools and guidance to manage the lifecycle, data governance and operational risks of AI

• October 25, 2024 25 Oct'24

  Dutch critical infrastructure at risk despite high leadership confidence

  Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise

• October 25, 2024 25 Oct'24

  How Infoblox is tackling multicloud complexity and boosting security

  Infoblox CEO Scott Harrell discusses the company’s new Universal DDI service designed to address the growing challenges of managing network security in hybrid IT environments

• October 24, 2024 24 Oct'24

  Prudential taps AI to improve health insurance experience

  Insurance giant Prudential teams up with Google Cloud to streamline claims processing, personalise healthcare journeys and improve health outcomes

• October 23, 2024 23 Oct'24

  Government hails Cyber Essentials success

  Scheme to help keep organisations’ IT safe and secure has given businesses more confidence they won’t fall victim to a cyber attack

• October 23, 2024 23 Oct'24

  ServiceNow touts Now platform as AI engine for transformation

  At the ServiceNow World Forum in Melbourne, company executives touted the transformative power of AI in streamlining workflows, improving user experiences and driving business value

• October 22, 2024 22 Oct'24

  Danish government reboots cyber security council amid AI expansion

  Denmark’s government relaunches digital security initiative to protect business sectors and society at large

• October 21, 2024 21 Oct'24

  Can AI be secure? Experts discuss emerging threats and AI safety

  International cyber security experts call for global cooperation and proactive strategies to address the security challenges posed by artificial intelligence

• October 17, 2024 17 Oct'24

  NCSC chief warns of gap in cyber threats and defence capabilities

  The UK and its allies must take collective action to improve their cyber resilience and repel the increasing volume of severe cyber attacks, says NCSC chief

• October 17, 2024 17 Oct'24

  EU cyber security bill NIS2 hits compliance deadline

  The EU’s NIS2 bill will harmonise how companies and member states approach cyber security, but its success will depend on how well it is implemented and enforced

• October 15, 2024 15 Oct'24

  NCSC expands school cyber service to academies and private schools

  The National Cyber Security Centre is expanding its PDNS for Schools service to encompass a wider variety of institutions up and down the UK

• October 10, 2024 10 Oct'24

  NCSC issues fresh alert over wave of Cozy Bear activity

  The NCSC, FBI and NSA publish updated warning about Cozy Bear’s activities, highlighting a range of vulnerabilities the threat actor is using to set up its cyber attacks

• October 10, 2024 10 Oct'24

  Government launches cyber standard for local authorities

  Local government bodies are being invited to take advantage of a new NCSC-derived Cyber Assessment Framework to help enhance their resilience and ward off cyber attacks

• October 10, 2024 10 Oct'24

  How Recorded Future finds ransomware victims before they get hit

  Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them

• October 10, 2024 10 Oct'24

  UK and US pledge closer working on children’s online safety

  In their first agreement on the subject of children’s online safety, the UK and US governments have said they will create a new working group to boost cooperation

• October 10, 2024 10 Oct'24

  Australia bolsters cyber defences with security bill

  Legislation tackles IoT security and establishes a Cyber Incident Review Board to bolster Australia’s cyber resilience

• October 09, 2024 09 Oct'24

  Five zero-days to be fixed on October Patch Tuesday

  Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform

• October 08, 2024 08 Oct'24

  Secureworks: Ransomware takedowns didn’t put off cyber criminals

  The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks

• October 08, 2024 08 Oct'24

  UK’s cyber incident reporting law to move forward in 2025

  The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses

• October 07, 2024 07 Oct'24

  IBM: Data breach cost in ASEAN hits new high

  The average cost of a data breach in ASEAN grew by 7% from last year, as organisations grapple with increasingly distributed IT environments and complex security systems

• October 04, 2024 04 Oct'24

  NCSC celebrates eight years as Horne blows in

  Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne

• October 04, 2024 04 Oct'24

  Cups Linux printing bugs open door to DDoS attacks, says Akamai

  The Cups Linux printing vulnerabilities disclosed at the end of September would seem to have a nasty sting in their tail, according to researchers at Akamai

• October 04, 2024 04 Oct'24

  Detective wrongly claimed journalist’s solicitor attempted to buy gun, surveillance tribunal hears

  Darren Ellis, who led a surveillance operation against journalists who exposed police failures, wrongly accused a solicitor of attempting to buy arms

• October 03, 2024 03 Oct'24

  Ex-PSNI officer seeking legal advice over comments made at Investigatory Powers Tribunal

   Ex PSNI officer ‘deeply angered’ by comments made by a former detective at a tribunal investigating allegations of unlawful surveillance against journalists