News

IT risk management

• May 15, 2018 15 May'18

  No need to panic about Efail attacks

  Initial reports about vulnerabilities in email encryption technologies have urged organisations to disable encryption tools, but some security experts are taking a more balanced approach

• May 14, 2018 14 May'18

  Technology continues to transform crime, warns NCA

  The UK’s National Crime Agency warns that developments in technology will continue to transform the future crime landscape, in its latest report on serious and organised crime

• May 14, 2018 14 May'18

  IoT and personal devices pose huge security risk to enterprises

  After years of speculation about the risk IoT and personal devices pose to enterprise security, research has revealed the threat is “immense” and probably greater than most firms realise

• May 11, 2018 11 May'18

  Police Scotland did not inform public of mobile phone searches

  Members of the Scottish Parliament heard that Police Scotland did not conduct impact assessments or give explanations to the public when they were accessing private data on their mobile phones

• May 11, 2018 11 May'18

  WannaCry’s EternalBlue exploit still a threat

  A year after the global WannaCry attacks, the EternalBlue exploit that was a key enabler for the malware is still a threat to many organisations, and many UK firms have not taken action, security researchers warn

• May 09, 2018 09 May'18

  CNI providers face hefty fines for cyber security failings

  UK providers of critical national infrastructure face hefty fines for cyber security failings from 10 May 2018

• May 09, 2018 09 May'18

  Equifax breach lessons not learned

  Businesses are still downloading vulnerable versions of the software that was at the heart of the Equifax data breach and failing to update to safe versions, a security firm has revealed

• May 09, 2018 09 May'18

  Dutch Tax Authority not fully GDPR-compliant as deadline approaches

  The Netherlands’ Department of Finance warns that not all aspects of the EU privacy law will be implemented by the 25 May deadline

• May 09, 2018 09 May'18

  Breach disclosure time still high, report shows

  Companies are getting faster at disclosing breaches, but the average is still too high in the light of the GDPR and other breach disclosure regulations, a report shows

• May 08, 2018 08 May'18

  Nigerian cyber attackers up their game

  Nigerian cyber attackers have modernised their approach to cyber crime, security researchers warn

• May 08, 2018 08 May'18

  Financial sector cyber-related laws are a bellwether, says Deloitte

  As the regulatory landscape becomes more complex, organisations should look to the financial sector to see what else is coming, as well as focus on three key areas of GDPR compliance, according to Deloitte

• May 03, 2018 03 May'18

  City Police use Lego simulation to teach businesses cyber security

  City of London Police are offering to train business leaders and IT security in cyber security using a Lego simulation that is surprisingly close to real life

• May 02, 2018 02 May'18

  Fresh blow for Facebook as court refuses stay in Max Schrems legal action

  Facebook has lost a legal attempt to delay the Irish High Court from seeking answers from the European Court of Justice over the legality of EU-US data transfers

• May 02, 2018 02 May'18

  Critical infrastructure firms urged to patch Schneider Electric flaws

  Critical infrastructure suppliers and manufacturing firms are being urged to ensure that their systems are patched up to date, after researchers discover Schneider Electric remote code execution vulnerability

• May 02, 2018 02 May'18

  Ransomware still a threat to business, F-Secure warns

  Ransomware attacks tapered off towards the end of 2017 after an explosion in such attacks earlier in the year, but ransomware remains a threat to big business, a report reveals

• May 01, 2018 01 May'18

  Google Chrome helps clean up certificate authority industry

  The security industry has welcomed the introduction of measures by the Google Chrome browser aimed at achieving certificate transparency

• May 01, 2018 01 May'18

  Password practices still poor despite increased threats

  Despite growing cyber threats and heightened global awareness of hacking and data breaches, password behaviours remain poor and UK users are in denial, a study has revealed

• May 01, 2018 01 May'18

  Microsoft’s latest Windows 10 focuses on IT admins

  While it will stop those annoying taskbar InBox and social media messages, at the heart of the April 2018 Windows 10 update is an effort to simplify management

• May 01, 2018 01 May'18

  UK critical services need to up cyber defences to avoid fines

  UK critical infrastructure providers could be liable for fines of millions of pounds if they do not improve their cyber defences and resilience of their IT infrastructure, a study reveals

• April 30, 2018 30 Apr'18

  Security industry welcomes NHS move to Windows 10

  Representatives of the security industry have welcomed the announcement that the NHS will be migrating to Windows 10 as part of a multi-million pound deal with Microsoft, but warn that the move will not be without its challenges

• April 27, 2018 27 Apr'18

  Microsoft releases Windows 10 security pack

  Microsoft has released a download pack that incorporates NCSC guidance to save UK companies weeks of work to secure Windows 10 and comply with government guidelines

• April 27, 2018 27 Apr'18

  Government given six months to rewrite snoopers’ charter

  The government has until 1 November 2018 to rewrite a key section of the Investigatory Powers Act 2016, after the high court declared them unlawful in a judicial review brought by human rights group Liberty

• April 27, 2018 27 Apr'18

  GDPR: Put your data in Azure cloud, says Microsoft chief

  Tech giant reports strong growth in its cloud business in third-quarter 2018 fiscal results

• April 26, 2018 26 Apr'18

  British banks target Israeli security technology

  British banks are turning to Israel’s high-tech sector to protect against cyber attacks

• April 26, 2018 26 Apr'18

  Finnish R&D and utilities in line of cyber espionage fire, say security police

  Finnish research and development, as well as critical infrastructure, are being targeted by state-backed cyber espionage attacks, says report

• April 26, 2018 26 Apr'18

  NCSC shows support for common standards for secure communication

  The UK cyber security authority is supporting an industry drive towards common standards for secure communication by joining an industry organisation that aims to achieve this goal

• April 26, 2018 26 Apr'18

  Digital economy research projects to get funding

  Research projects aimed at building trust, privacy and security in the use of personal data and digital technologies are to receive funding

• April 25, 2018 25 Apr'18

  Google claims it is GDPR ready

  Alphabet, the parent company of Google, says that since its advertising business relies on keyword searches, the impact of GDPR is limited

• April 25, 2018 25 Apr'18

  Government urges UK businesses to beef up cyber crime defences

  Government is urging UK organisations to defend against cyber crime, as newly released figures show that large numbers of businesses and charities suffered at least one cyber attack in the past year

• April 25, 2018 25 Apr'18

  Stoke-on-Trent websites found to be most leaky ahead of GDPR

  The majority of websites in the UK could be prone to cyber attacks, a security scan across 135,035 sites has revealed

• April 25, 2018 25 Apr'18

  Cyber fraud costs SMEs more than £1,000 per case

  Just over half of IT and telecoms SMEs are targeted by fraudsters, with each case of cyber fraud costing more than £1,000, study reveals

• April 25, 2018 25 Apr'18

  One month to GDPR compliance deadline

  With one month to go before the deadline for compliance with EU’s General Data Protection Regulation, organisations should ensure they are able to meet minimum requirements to defend against adverse scrutiny

• April 24, 2018 24 Apr'18

  Ransomware attack hit Ukraine energy ministry website

  Cyber attack on Ukraine’s energy ministry shows that websites remain a weak point for many organisations online, say security experts

• April 24, 2018 24 Apr'18

  Orangeworm cyber attack group targets health sector

  A cyber crime group is targeting the health sector and related industries in the US, Europe and Asia in a suspected corporate espionage campaign, researchers warn

• April 23, 2018 23 Apr'18

  Nearly half of UK manufacturers hit by cyber attacks

  Nearly half of UK manufacturers have been hit by a cyber security incident, according to a report by an industry organisation, which calls for greater government focus on the specific security needs of the sector

• April 23, 2018 23 Apr'18

  Next generation of SCADA industrial controls will protect against cyber attack

  Oil, energy and chemical companies are rethinking how to control big manufacturing plants, replacing expensive control technology with cheaper, more secure systems, taking their cue from biology

• April 23, 2018 23 Apr'18

  No business safe from cyber attack, says KPMG

  Businesses that operate online should be working to ensure operational resilience, while the financial sector should focus more on collaboration, says professional services firm KPMG

• April 20, 2018 20 Apr'18

  Account takeover up tenfold in past year

  The incidence of online account takeover and the proportion of high-risk account access attempts underlines the need for improved authentication, says fraud detection firm

• April 18, 2018 18 Apr'18

  Australian supermarket chain hit by IT outage

  Thirty-minute glitch knocked out checkout systems at half of Woolworths’ stores in Australia

• April 18, 2018 18 Apr'18

  DDoS attacks cost up to £35,000

  Despite the direct financial impact of DDoS attacks, this is not considered to be the most damaging effect on companies targeted this way, a survey shows

• April 18, 2018 18 Apr'18

  Security budgets up, but talent scarce, says Isaca

  Security budgets are increasing, but qualified cyber talent remains difficult to find with positions taking at least three months to fill, an industry association report on the state of cyber security reveals

• April 17, 2018 17 Apr'18

  Business at risk from unidentified network traffic, report warns

  A lack of network traffic visibility poses significant security challenges to businesses, a report on network firewalls warns

• April 17, 2018 17 Apr'18

  China’s ZTE a national security risk, UK telcos warned

  UK national cyber security authority has warned telecommunications companies against using equipment and services from Chinese network equipment supplier ZTE, citing national security risks

• April 17, 2018 17 Apr'18

  Targeted cyber attacks doubled in past year, study shows

  The number of targeted attacks has doubled in the past year compared with the previous 12 months, despite improvements in detecting and blocking them, a cyber resilience study shows

• April 16, 2018 16 Apr'18

  Flashpoint researchers warn of new VBS Loader

  Researchers have issued warnings about a new VBScript downloader that behaves like a remote access Trojan, is designed to run undetected and can update and delete itself

• April 16, 2018 16 Apr'18

  UK and US accuse Russia of targeting network infrastructure

  The UK and US have accused the Russian government of targeting network infrastructure, calling on network operators to take the necessary protective measures

• April 16, 2018 16 Apr'18

  UK businesses urged to ensure they do cyber security basics

  The cyber threat to business has never been greater, so the National Cyber Security Centre is urging UK companies to ensure they have implemented all the basic, best-practice cyber security controls and processes

• April 15, 2018 15 Apr'18

  Australian healthcare services most hit by data breaches

  Nearly a quarter of data breaches reported under Australia’s new mandatory data breach regime took place in the healthcare sector

• April 13, 2018 13 Apr'18

  EU-US data sharing under threat as Irish court refers Facebook case to Europe

  The Irish High Court is seeking answers from the European Court of Justice in a case that could have huge implications for EU-US data sharing and raises questions about US government surveillance of EU citizens. The move could bring a five-year ...

• April 13, 2018 13 Apr'18

  Cyber attackers can breach targets in hours, report reveals

  The majority of hackers claim they can breach an organisation within hours, while most security professionals admit they do not know what to look for