News

IT risk management

• April 29, 2016 29 Apr'16

  Cyber security in Belgium will gain prominence after terror attacks

  Belgium’s physical security has been branded inadequate, so how does the country’s cyber security measure up?

• April 28, 2016 28 Apr'16

  Payment card industry issues data security standard update

  PCI DSS version 3.2 introduces six new requirements for compliance, some additional guidance and a raft of clarifications

• April 27, 2016 27 Apr'16

  IPv6 alone will not secure IoT, warns GE CISO

  It is important for all users of the internet of things to understand what they are getting into with IPv6, and to be aware of the risks and myths, says GE CISO Hanns Proenen

• April 26, 2016 26 Apr'16

  Business failing to learn lessons of past cyber attacks, report shows

  Organisations are still failing to address basic security issues and well-known attack methods, Verizon’s latest Data Breach Investigations Report reveals

• April 21, 2016 21 Apr'16

  GCHQ told analysts to assume surveillance 'bulk data' is legal

  Documents obtained by charity Privacy International reveal insights into GCHQ’s collection of sensitive bulk data, as lawyers question the impact of surveillance on legal privilege, fair trials and protection of whistleblowers

• April 19, 2016 19 Apr'16

  Employees’ use of personal devices puts firms at risk of malware infection, says report

  Downloaders care about their own security while grabbing pirated content, not that of their employers

• April 15, 2016 15 Apr'16

  Israeli volunteers ready their cyber defences as Anonymous affiliates attack

  Every April, Israel braces itself for an onslaught from pro-Palestinian hackers, but the occupants of a small conference room in Tel Aviv stand in their way

• April 15, 2016 15 Apr'16

  BBC turns micro:bit computers into IoT devices

  The BBC and Nominet demonstrate a new use case for the micro:bit computer and hope to turn Britain’s schoolchildren into internet of things pioneers

• April 13, 2016 13 Apr'16

  NCA attempts 'back door' access to obtain activist Lauri Love’s passwords

  Court told that use of civil proceedings to force disclosure of alleged hacker Lauri Love's passwords is disproportionate and would breach human rights law

• April 11, 2016 11 Apr'16

  QA launches cyber attack defence training facility in London

  Training firm QA launches a cyber attack simulation facility in London to enable organisations to test and learn cyber defence skills

• April 11, 2016 11 Apr'16

  Activist Lauri Love faces order to disclose encryption keys

  The UK’s National Crime Agency takes an unusual legal step to force a former university student accused of hacking to disclose encryption keys

• April 11, 2016 11 Apr'16

  IT specialist sentenced for stealing NHS computer equipment

  A former NHS IT worker is convicted of stealing hospital computer equipment from Doncaster and Bassetlaw Hospitals NHS Foundation trust and selling them on eBay

• April 05, 2016 05 Apr'16

  'Citizens will be stripped naked' by Turkey’s data law

  Turkey's data protection law, introduced in March 2016, will make Turkey a near total surveillance state, yet the EU, apparently more concerned about securing Turkey's help in controlling immigration, is turning a blind eye

• March 31, 2016 31 Mar'16

  DDoS attacks on universities normally performed by “disgruntled” students or employees

  The majority of distributed denial of service attacks on universities are made by students or employees, says the head of infrastructure services at the University of London

• March 30, 2016 30 Mar'16

  Security should be driven by business, says Corvid’s Andrew Nanson

  Information security should be business-driven and investments assessed for their effectiveness and business value, according to Corvid CTO

• March 29, 2016 29 Mar'16

  Cyber criminals use Microsoft PowerShell in ransomware attacks

  A newly discovered family of ransomware, dubbed PowerWare, uses Microsoft PowerShell to target organisations through macro-enabled documents

• March 24, 2016 24 Mar'16

  Government warned of smart meter security threat back in 2012

  The government was warned four years ago that its plans for a nationwide smart meter roll-out represented a “potentially significant” security and privacy threat, Computer Weekly has learned

• March 23, 2016 23 Mar'16

  US hospital claims to have fought off a ransomware attack

  A hospital in Kentucky claims to have regained control of its IT systems five days after cyber criminals hit it with a ransomware attack

• March 21, 2016 21 Mar'16

  Britain to pay billions for monster internet surveillance network

  New questions raised about Britain’s snoopers’ charter after Denmark abandons its own UK-style surveillance programme for a second time

• March 21, 2016 21 Mar'16

  National Cyber Security Centre to be UK authority on information security

  The UK’s National Cyber Security Centre (NCSC) is to be the UK's one-stop authority on infosec, based in London and led by GCHQ's Ciaran Martin

• March 18, 2016 18 Mar'16

  Australian girls believe online harassment is endemic

  There are clear signals that online threats against women and attempts to invade their privacy are becoming societal norms in Australia

• March 09, 2016 09 Mar'16

  Lack of security knowledge limiting business initiatives, survey shows

  Security concerns are limiting the adoption of cloud and mobility throughout organisations, according to the first Dell Data Security Survey

• February 26, 2016 26 Feb'16

  Nissan acts on Leaf car app security flaw after researcher goes public

  Nissan suspends its electric car app after a researcher went public about a security flaw that could enable attackers to take control of heating systems

• February 25, 2016 25 Feb'16

  Cyber crime is fastest growing economic crime, says PwC report

  More than half of UK organisations say they expect to be the victim of cyber crime in the next two years, suggesting it will become the UK’s largest economic crime, says a PwC report

• February 23, 2016 23 Feb'16

  Social engineering confirmed as top information security threat

  Cyber attackers shifted away from automated exploits in 2015 and instead tricked people into doing the dirty work, Proofpoint researchers found

• February 19, 2016 19 Feb'16

  HSBC launches biometric security for mobile banking in the UK

  Bank claims UK’s largest planned roll-out of voice biometric security technology, with more than 15 million customers in line for voice and fingerprint authentication services

• February 16, 2016 16 Feb'16

  EU managers need to up cyber security collaboration, study finds

  There is still much work to be done in the area of collaboration and sharing responsibility when it comes to preventing data breaches, a study has found

• February 12, 2016 12 Feb'16

  US IT professionals overconfident in cyber attack detection, study finds

  Most US IT professionals are confident in key security controls to detect cyber attacks – but unsure how long it would take automated tools to discover a breach

• February 11, 2016 11 Feb'16

  Social engineering is top hacking method, survey shows

  Social engineering tops the list of popular hacking methods, underlining the need for continuous monitoring, according to security firm Balabit

• February 01, 2016 01 Feb'16

  DDoS is most common cyber attack on financial institutions

  January’s attack on HSBC is typical for the financial sector, but no business should consider itself unlikely to be targeted in this way, say security experts

• January 29, 2016 29 Jan'16

  HSBC online services hit by DDoS attack

  HSBC was hit by a distributed denial of service (DDoS) attack, which targeted its online personal banking services.

• January 29, 2016 29 Jan'16

  ICO launches data privacy assessment tool for SMEs

  The ICO has launched an online self-assessment tool to help SMEs to comply with data protection laws and improve data handling procedures

• January 28, 2016 28 Jan'16

  Business urged to take action on data privacy

  Security professionals use Data Protection Day to encourage businesses to do more to protect personal data

• January 27, 2016 27 Jan'16

  Keep data safe or risk financial impact, ICO warns business

  The knock-on effect of a data breach can be devastating for a company, warns information commissioner Christopher Graham

• January 27, 2016 27 Jan'16

  Average DDoS attacks fatal to most businesses, report reveals

  Criminal activity is top motivation for DDoS attacks as average attacks become strong enough to down most businesses, Arbor Networks report reveals

• January 19, 2016 19 Jan'16

  Most Android devices running outdated versions

  Nearly a third of Android devices in enterprises today are running version 4.0 or older of the operating system, leaving them highly susceptible to vulnerabilities, a study shows

• January 18, 2016 18 Jan'16

  Chinese university targeted by Islamic State hacktivist

  Beijing’s Tsinghua University is the latest organisation to be attacked by hackers with a social or political agenda

• January 13, 2016 13 Jan'16

  UK not involved in mass surveillance, says Theresa May

  Coffee shops and libraries could be the target of interception warrants, Theresa May tells MPs and peers

• January 13, 2016 13 Jan'16

  Watchdog urges US nuclear agency to close cyber security gaps

  An audit report has called on the US nuclear agency to revise its IT contracts to ensure better cyber security

• January 12, 2016 12 Jan'16

  Police take action against cyber extortion gang DD4BC

  Police have made one arrest and gathered evidence in searches of properties in an international operation aimed at cyber extortion gang DD4BC

• January 06, 2016 06 Jan'16

  UK IoT research hub opens with support from academic world

  A consortium of nine UK universities have come together to work alongside the Engineering and Physical Sciences Research Council on research into the internet of things

• January 06, 2016 06 Jan'16

  Upgrade to Internet Explorer 11 to reduce risk

  Failure to update to the latest version of Internet Explorer by 12 January 2016 could put users at risk, Microsoft warns

• December 31, 2015 31 Dec'15

  Top 10 internet of things stories of 2015

  2015 was the year the internet of things began to move from theory to widespread practice, and the fledgling industry shook off the millstone of connected kitchen appliances

• December 24, 2015 24 Dec'15

  Top 10 IT security stories of 2015

  Computer Weekly looks back at the most significant stories on IT security in the past 12 months

• December 23, 2015 23 Dec'15

  Top 10 cyber crime stories of 2015

  Computer Weekly takes a look back at the top cyber crime stories of 2015

• December 11, 2015 11 Dec'15

  UK firms act quickly to fix payment card data encryption

  Security firm found that 16 global companies had failed to effectively encrypt traffic to the payment portion of their websites and apps

• December 07, 2015 07 Dec'15

  Cyber attacks an increasing concern for Asean countries

  Organisations in the Association of Southeast Asian Nations are increasingly the targets for cyber criminals, according to a report focused on the region

• December 03, 2015 03 Dec'15

  Workday ringfences support in Europe after Safe Harbour ruled unsafe

  US cloud HR and financial services provider reponds to Safe Harbour failure by ringfencing European data

• December 01, 2015 01 Dec'15

  Security analytics needs practical approach, says Fico Ciso Vickie Miller

  Analytics must form part of a comprehensive defence-in-depth strategy, according to chief information security officer (Ciso) Vickie Miller at software firm Fico

• November 26, 2015 26 Nov'15

  Use legal protection to soften cyber attack impact, says Kemp Little

  IT outsourcing provides an opportunity for businesses to transfer risk and recover losses from cyber attacks, says law firm Kemp Little