News

IT risk management

• December 14, 2018 14 Dec'18

  Australia passes controversial encryption law

  Arguments continue over law that requires companies to work with government agencies to ensure that encrypted communications can be read if a crime is suspected

• December 13, 2018 13 Dec'18

  Machine identity protection development gets funding boost

  Cyber security firm Venafi has launched a development fund aimed at accelerating the delivery of protection for machine identities

• December 13, 2018 13 Dec'18

  Social engineering at the heart of critical infrastructure attack

  Social engineering is the core technique used in a series of cyber attacks targeting government, defence, nuclear, energy and financial organisations around the world, which means people are key to defence

• December 13, 2018 13 Dec'18

  Most UK retailers plan to up cyber security

  The majority of UK retailers are planning to increase cyber security measures during the Christmas season, a survey reveals

• December 11, 2018 11 Dec'18

  Mac malware makes debut in top 10 list

  Mac malware appears in the WatchGuard top 10 malware list for first time, and 6.8% of major websites still use an insecure SSL protocol, according to the firm’s latest internet security report

• December 11, 2018 11 Dec'18

  Large disparity in NHS cyber skills and training spend

  Despite government pledges to up cyber security spending across the NHS, there are still huge disparities in cyber security skills and spending on cyber security training, FoI requests reveal

• December 10, 2018 10 Dec'18

  O2 expected to pursue Ericsson for compensation over 24-hour stoppage

  Mobile network operator could seek up to £100m in damages from its supplier, which failed to update expired software certificates, causing a day-long outage

• December 10, 2018 10 Dec'18

  UK businesses feel let down by government on cyber security

  Government needs to provide more support around cyber security issues in 2019, according to the majority of UK IT leaders polled

• December 07, 2018 07 Dec'18

  Half of business leaders unaware of BPC cyber attacks

  Half of management teams polled in 12 countries, including the UK, are unaware of business process compromise (BPC) attacks

• December 06, 2018 06 Dec'18

  Fileless malware surge, warns Malwarebytes report 

  Data from millions of consumers reveals an uptick in fileless malware and other new-generation malware that calls for a new cyber security approach, report reveals

• December 06, 2018 06 Dec'18

  Adobe releases Flash patch for zero-day exploit

  Emergency security update released for zero-day vulnerability that is being exploited in the wild via a Microsoft Office document, according to researchers

• December 05, 2018 05 Dec'18

  BT moves to strip Huawei kit from EE’s network

  Telco will remove Huawei’s networking equipment from the core of EE’s 4G mobile network

• December 05, 2018 05 Dec'18

  Nominet brings security expertise and tech to market

  The .uk domain registry is to bring its DNS expertise and technology developed for the NCSC to market to address cyber security ‘blindspot’

• December 04, 2018 04 Dec'18

  ‘Open-minded’ DVSA cuts cost of MOT testing

  Government agency harnesses customised open source platform to ensure data security while cutting costs and plans to extend its MOT testing capability to do the same for drivers’ theory tests

• December 04, 2018 04 Dec'18

  Financial institutions’ data at risk despite security spending

  Despite increased spending on cyber security, digital transformation and advanced attacks mean financial institutions’ data is still at risk, a report reveals

• December 04, 2018 04 Dec'18

  100 million Quora.com user details exposed

  Question-and-answer site is the latest organisation to admit a breach of users’ personal data, with industry commentators calling out credential theft as a top cause of such breaches

• December 03, 2018 03 Dec'18

  Liberty heads for judicial review over Investigatory Powers Act

  The UK's powers to conduct supsicionless bulk surveillance on individuals and organisations face a legal challenge in the high court next year

• December 03, 2018 03 Dec'18

  BT announces new head of security business

  BT has appointed a former law enforcement officer and BT investigator as the new head of its security business

• November 30, 2018 30 Nov'18

  WannaCry borderline national cyber emergency

  The May 2017 WannaCry attack, which disrupted services at one-third of NHS trusts and more than 600 primary care organisations is the closest the UK has come to a national cyber emergency, says the NCSC

• November 30, 2018 30 Nov'18

  E-commerce sites warned of heightened DDoS threat

  E-commerce sites are being urged to ensure that they have adequate DDoS protection ahead of the vital holiday trading season after attacks ramped up on Black Friday and Cyber Monday

• November 29, 2018 29 Nov'18

  UK cyber security strategy making ‘good progress’

  The National Cyber Security Strategy is making good progress, but there is much left to be done, according to a Cabinet Office official

• November 28, 2018 28 Nov'18

  Cyber resilience lacking due to apathy of UK leaders

  An unwillingness to accept that cyber is a real threat to critical national infrastructure by UK political and business leaders has resulted in a lack of resilience, says security industry veteran

• November 28, 2018 28 Nov'18

  FCA deeply concerned as no end in sight for IT failures in banking

  The FCA has reported a massive increase in the number of banking IT failures in the UK and admitted there is no end in sight

• November 27, 2018 27 Nov'18

  GDPR is encouraging UK IT directors to pay cyber ransoms

  As predicted ahead of the General Data Protection Regulation enforcement deadline, research shows that fear of fines under the new laws is making some firms more likely to pay cyber ransoms

• November 26, 2018 26 Nov'18

  Unprecedented actions by Commons committee augur badly for Facebook

  House of Commons’ serjeant-at-arms effectively arrested the CEO of a US software company and frogmarched him to Parliament, where he was told he would be imprisoned if he failed to hand over papers on Facebook

• November 17, 2018 17 Nov'18

  Credit card fraud in ANZ showing no signs of abating

  The value of fraudulent transactions more than doubled that of legitimate purchases during the third quarter this year

• November 16, 2018 16 Nov'18

  UK firms in the dark around the impact of cyber attacks

  UK firms have a long way to go in building the business resilience required to withstand cyber threats and other major disruptions, a study shows

• November 15, 2018 15 Nov'18

  Keep people at the centre of risk management, says consultant

  In assessing the cyber risks to a business, security professionals should start with the people in an organisation and keep them at the centre in identifying and mitigating risk, says consultant

• November 15, 2018 15 Nov'18

  Enterprises lack capability against persistent cyber attacks

  A report urges organisations to strengthen their cyber defence capabilities to pre-empt, detect and respond to post-breach attacks

• November 15, 2018 15 Nov'18

  DeepMind won’t share patient data with Google ‘at this stage’, says company’s health boss

  Amid concerns and questions around Google’s takeover of the DeepMind’s Streams app, Dominic King, the company’s health lead, promises that ‘at this stage’, nothing will change, and it won’t share any patient data with the internet giant

• November 14, 2018 14 Nov'18

  AI-enhanced security tools necessary for today’s threats

  Machine learning-enhanced tools are necessary to keep up with current threats, but are not perfect and will not solve the security skills gap problem, says KuppingerCole

• November 14, 2018 14 Nov'18

  Zero-trust security not an off-the-shelf product

  The zero-trust security model is a business enabler that needs to be supported by a strategy and security architecture, analyst warns cyber security leaders

• November 13, 2018 13 Nov'18

  User behaviour analytics adding new insight

  User behaviour analytics is helping to add new insights by providing the missing element in security event information management approaches, says Martin Kuppinger

• November 12, 2018 12 Nov'18

  Home Office to use smartphone ID for EU Exit scheme

  The Home Office will use smartphone digital identity verification to support applications for the government’s EU Exit Settlement Scheme  

• November 12, 2018 12 Nov'18

  Firms lack responsible exec for cyber security

  Narrow gap between CEO, CIO and CISO roles means no single executive function is stepping up to take responsibility for cyber security, a study shows

• November 09, 2018 09 Nov'18

  Post-quantum cryptography a major challenge, says expert

  The crypto wars are just beginning and open systems are key to improved security in future, says cryptography expert

• November 07, 2018 07 Nov'18

  Decentralised ID key to identity security

  Enterprises need to step up protections around identity-related compromises and look to decentralised identity in the longer term to improve security, says computer scientist

• November 06, 2018 06 Nov'18

  Start preparing for post-quantum data protection

  Organisations that need to retain sensitive information for long periods of time need to start preparing for the post-quantum era, according to an IBM security architect

• November 02, 2018 02 Nov'18

  DevSecOps not limited to coding, says analyst

  DevSecOps is seen as a way of ensuring application security, but security leaders must understand that embedding a security culture and taking the inter-dependencies of new development frameworks into account is key, says KuppingerCole

• November 02, 2018 02 Nov'18

  Facebook to appeal EU-US data transfer ruling in Irish Supreme Court

  Facebook will appeal a decision by the Irish High Court to refer questions over the legality of EU-US data transfers to the European Court of Justice in January, as the Dublin court rejects attempt by a UK IT expert to join the case

• October 30, 2018 30 Oct'18

  Australia’s data breaches are a ‘sign of naiveté’

  McAfee executive attributes Australia’s poor cloud security record to the lack of data protection measures amid “new and confusing” cloud configurations

• October 26, 2018 26 Oct'18

  DNS attacks cost finance firms millions of pounds a year

  Average cost of recovering from a single DNS attack is $924,390 for a large financial services company, survey shows

• October 26, 2018 26 Oct'18

  IoT ecosystem needs to be investigated, say experts

  A conference of IoT experts convened by Enisa and Europol has made key recommendations to ensure security vulnerabilities do not overshadow benefits

• October 25, 2018 25 Oct'18

  Belgian startup makes a game of creating secure software code

  A global tech startup has placed its research and development centre in Belgium, taking advantage of regional financial support as well as cooperations with local educational organisations

• October 25, 2018 25 Oct'18

  GandCrab decryption tool released by No More Ransom

  Another decryption tool has been made available free of charge in the battle against ransomware to help victims avoid paying to release their data

• October 25, 2018 25 Oct'18

  Cathay Pacific under fire over breach affecting 9.4 million passengers

  Hong Kong-based airline reveals massive data breach of the most sensitive personal data of passengers five months after loss was confirmed

• October 25, 2018 25 Oct'18

  Becrypt security platform helps ease cloud adoption

  Becrypt’s secure operating system is driving a new service aimed at helping organisations reduce cost and increase agility in using cloud-based services and online applications

• October 24, 2018 24 Oct'18

  Choose security tools wisely to gain upper hand

  The cyber threat landscape is continually changing, but staying abreast of attacker and defender innovation can help business leaders gain the upper hand, says KuppingerCole

• October 24, 2018 24 Oct'18

  Government can’t guarantee no-deal Brexit data-sharing agreement

  Digital minister Margot James says there is no clear timetable on when the UK will secure a data adequacy decision from the EU, and cannot guarantee an agreement will be in place in the event of a no-deal Brexit

• October 24, 2018 24 Oct'18

  Sibos 2018: ‘Black swan’ cyber event is inevitable

  With security experts and bankers expecting a 9/11-style cyber event, deeper collaboration between companies and governments is necessary to identify emerging threats before they occur