News

IT risk management

June 13, 2018 13 Jun'18
Dixons Carphone admits 'falling short' on data protection

Dixons Carphone has warned that millions of credit card and personal data records may have been compromised in a cyber breach
June 12, 2018 12 Jun'18
Insurer Beazley meets global challenge to secure mobile workforce

Beazley has stolen a march on other London-market insurers by implementing a versatile global digital workspace with improved security
June 12, 2018 12 Jun'18
BT announces “unhackable” quantum-secured network

In the face of the threat that quantum computers could crack many of the encryption methods used to protect highly sensitive data, BT has developed a “quantum-secured” network
June 12, 2018 12 Jun'18
Email-based cyber attacks gathering momentum

Email-based cyber attacks are gathering momentum and the cost of these attacks are rising, with several hidden costs, a survey of IT professionals in Europe, Middle East and Africa reveals

June 11, 2018 11 Jun'18
Coinrail cyber heist highlights need for exchange security

A cyber heist at South Korea’s Coinrail has prompted fresh calls for industry regulations to drive better cyber security at cryptocurrency exchanges
June 08, 2018 08 Jun'18
Parliamentary computers at risk after staff targeted by phone phishing

Police are investigating phone phishing attacks targeted against Parliament. Staff warned not to disclose details of their computers to fraudulent callers.
June 08, 2018 08 Jun'18
BYOD for mobile ‘a year away’ for Williams F1

Companies in the Williams Group – the Formula One racing operation Williams Grand Prix Engineering and its high-growth sister operation Williams Advanced Engineering – are investing with mobile security front-of-mind to enable more agile working ...
June 07, 2018 07 Jun'18
Cyber security focus too much on tech, says Domino’s CISO

Many organisations are still focusing only on technology and compliance, which means their cyber defences are not as solid as they think, according to Domino’s Pizza chief information security officer
June 07, 2018 07 Jun'18
Nation state cyber attacks affect all, says former GCHQ boss

Cyber attacks by nation states used to be a small part of the problem for state authorities to address, but now all organisations are potential targets of nation state attacks, according to former GCHQ head
June 07, 2018 07 Jun'18
Business not learning from past cyber security incidents

Businesses are still not getting the basics right and they are not learning from past security incidents, according to world-renowned security blogger and trainer

June 06, 2018 06 Jun'18
Understanding is key to security awareness, says specialist

Only if people understand why cyber security matters will they change their behaviours as a result of awareness training, according to a human behaviour specialist and cyber security consultant
June 06, 2018 06 Jun'18
Cyber attacks not sophisticated, says Just Eat CISO

The chief information security officer of Just Eat has challenged the perception that all cyber attacks are sophisticated and that it is impossible to fill cyber security jobs
June 05, 2018 05 Jun'18
Boards not asking right security questions, says Dido Harding

Former TalkTalk CEO says boards are still not asking the right cyber security questions, do not understand that they should be making cyber risk decisions, and are not communicating with engineers
June 04, 2018 04 Jun'18
Technology key to new UK counter-terrorism strategy

Technologies such as machine learning and data analytics are key to the UK government’s updated counter-terrorism strategy
June 04, 2018 04 Jun'18
One-third of firms would pay ransoms rather than invest in security

Report says businesses are still making the same mistakes, failing to make any progress in crucial areas such as cyber security awareness and preparedness
May 31, 2018 31 May'18
VPN hacks can be lethal, warns security expert

Organisations should not overlook the need to secure VPN connections because failure to do so could be fatal, but 2FA alone is not enough, warns a security expert
May 30, 2018 30 May'18
Security community urged to prepare for quantum computing

A top European chief information security officer is urging the security community to prepare for quantum computing to ensure their encryption processes are ready in time
May 29, 2018 29 May'18
Business still not addressing insider threat

Businesses are still not addressing inside threats when it comes to cyber security, leaving themselves wide open to data breaches as a result, according to a security analyst
May 29, 2018 29 May'18
UK security spend low despite breaches

The UK is the most breached country in Europe, but IT security spend remains low compared with other countries in the region, a report reveals
May 25, 2018 25 May'18
Commitment is the watchword on GDPR D-Day

New rules for protecting European citizens’ personal data are now enforceable by law, and organisations are being advised to focus broadly on commitment rather than narrowly on compliance
May 24, 2018 24 May'18
Grab outlines its approach to cyber security

Singapore-based ride-hailing company prefers detective controls rather than preventive ones to deter cyber threats – an approach it claims is less intrusive and costly to implement
May 23, 2018 23 May'18
Mobile fraud up 680% since 2015, RSA reports

Fake profiles and throw-away devices are transforming social media into a cyber criminal marketplace, a fraud report reveals
May 22, 2018 22 May'18
Legit tools exploited in bank heists

Cyber criminals attacking the finance and other industry sector are continuing to exploit legitimate administration tools to hide their activities, highlighting the need for threat hunting, a report reveals
May 22, 2018 22 May'18
Security researchers find fourth CPU flaw

Security researchers have reported another flaw in common microprocessor chips related to the Meltdown and Spectre vulnerabilities
May 21, 2018 21 May'18
Pen testers find weaknesses in banks’ cyber security

Humans are the biggest weakness in banks’ cyber defences, but there are several others that also need attention, penetration testers have revealed
May 21, 2018 21 May'18
APAC organisations could lose $1.75tn from cyber attacks

A study by Frost and Sullivan has found that losses from cyber security incidents could account for 7% of the region’s GDP in 2017
May 18, 2018 18 May'18
NCSC calls for greater interaction with UK business

The UK’s cyber security agency has called for greater interaction with business, particularly when it comes to cyber security incidents
May 18, 2018 18 May'18
BYOD in UK SMEs linked to security incidents

Bring your own device practices have been identified as a cyber security risk for six in 10 SMEs in research published a week ahead of the GDPR compliance deadline
May 18, 2018 18 May'18
GDS seeks advice on migration from Public Services Network

The Government Digital Service has started the process of moving public sector organisations away from the Public Services Network
May 17, 2018 17 May'18
Report highlights security risk of open source code to business

Increased adoption of open source code is introducing vulnerabilities into commercial software, with many audited codebases containing the Apache Struts flaw that enabled the Equifax breach, a report shows
May 17, 2018 17 May'18
European cyber attacks up nearly a third in first quarter 2018

The volume of cyber attacks hitting digital transactions in Europe was up by almost a third in the first quarter of 2018 compared with same period a year ago, a report reveals
May 16, 2018 16 May'18
US considers UK-style cyber defence model

The US is considering adopting a similar cyber defence model to the UK’s in recognition of the growing threat to all levels of society
May 15, 2018 15 May'18
SMEs more worried about GDPR’s threat to reputation than fines

SMEs are more worried about the damage GDPR non compliance will do to their reputations than their wallets
May 15, 2018 15 May'18
Credential theft a top priority, Rapid 7 report shows

Credential theft is still a top priority for organisations to address in terms of making it more difficult for cyber attackers to gain unauthorised access to their networks, report reveals
May 15, 2018 15 May'18
Cross-site scripting a top vulnerability, hackers find

Despite the much-publicised advances in cyber attack techniques, a well-known, well-documented and avoidable vulnerability is still the most popular for attackers to exploit – along with others like it that are often overlooked, white hat hackers ...
May 15, 2018 15 May'18
Cage director Rabbani heads for Supreme Court after appeals court rules password demands lawful

Muhammad Rabbani, director of campaigning group Cage, will appeal to the Supreme Court after Court of Appeal rules that police did not act unlawfully by demanding his computer and mobile phone passwords under Section 7 of the Terrorism Act
May 15, 2018 15 May'18
Enterprise cyber threat remediation ineffective, study shows

Enterprise cyber threat remediation needs to improve in several key areas, according to an analysis of common remediation strategies
May 15, 2018 15 May'18
BSI launches kitemark for internet of things devices

The British Standards Institution has launched a new kitemark for IoT devices, designed to improve consumer trust in the technology
May 15, 2018 15 May'18
No need to panic about Efail attacks

Initial reports about vulnerabilities in email encryption technologies have urged organisations to disable encryption tools, but some security experts are taking a more balanced approach
May 14, 2018 14 May'18
Technology continues to transform crime, warns NCA

The UK’s National Crime Agency warns that developments in technology will continue to transform the future crime landscape, in its latest report on serious and organised crime
May 14, 2018 14 May'18
IoT and personal devices pose huge security risk to enterprises

After years of speculation about the risk IoT and personal devices pose to enterprise security, research has revealed the threat is “immense” and probably greater than most firms realise
May 11, 2018 11 May'18
Police Scotland did not inform public of mobile phone searches

Members of the Scottish Parliament heard that Police Scotland did not conduct impact assessments or give explanations to the public when they were accessing private data on their mobile phones
May 11, 2018 11 May'18
WannaCry’s EternalBlue exploit still a threat

A year after the global WannaCry attacks, the EternalBlue exploit that was a key enabler for the malware is still a threat to many organisations, and many UK firms have not taken action, security researchers warn
May 09, 2018 09 May'18
CNI providers face hefty fines for cyber security failings

UK providers of critical national infrastructure face hefty fines for cyber security failings from 10 May 2018
May 09, 2018 09 May'18
Equifax breach lessons not learned

Businesses are still downloading vulnerable versions of the software that was at the heart of the Equifax data breach and failing to update to safe versions, a security firm has revealed
May 09, 2018 09 May'18
Dutch Tax Authority not fully GDPR-compliant as deadline approaches

The Netherlands’ Department of Finance warns that not all aspects of the EU privacy law will be implemented by the 25 May deadline
May 09, 2018 09 May'18
Breach disclosure time still high, report shows

Companies are getting faster at disclosing breaches, but the average is still too high in the light of the GDPR and other breach disclosure regulations, a report shows
May 08, 2018 08 May'18
Nigerian cyber attackers up their game

Nigerian cyber attackers have modernised their approach to cyber crime, security researchers warn
May 08, 2018 08 May'18
Financial sector cyber-related laws are a bellwether, says Deloitte

As the regulatory landscape becomes more complex, organisations should look to the financial sector to see what else is coming, as well as focus on three key areas of GDPR compliance, according to Deloitte
May 03, 2018 03 May'18
City Police use Lego simulation to teach businesses cyber security

City of London Police are offering to train business leaders and IT security in cyber security using a Lego simulation that is surprisingly close to real life