News

IT risk management

July 14, 2016 14 Jul'16
Cyber attacks cost UK business more than £34bn a year, study shows

Nearly half of UK firms lack advanced cyber defences, despite the high level of concern about cyber attacks and associated costs
July 12, 2016 12 Jul'16
IBM sets up security centre in Canberra

IBM leads the charge as large private businesses invest heavily in security resources across Australia in an attempt to close the security gap
July 06, 2016 06 Jul'16
UK's Darktrace aims to lead the way to automatic cyber security

Darktrace hopes to be a leader in the move to automated cyber security to free up security professionals to focus on business risk and innovation
June 30, 2016 30 Jun'16
LizardStresser IoT botnet launches 400Gbps DDoS attack

Attack groups using the LizardStresser botnet are exploiting IoT devices to mount massive DDoS attacks without using amplification techniques, say researchers

June 29, 2016 29 Jun'16
Lauri Love using illness as a shield against extradition, claims prosecution

Prosecution lawyer questions whether activist Lauri Love is not fit enough to stand trial in the US over hacking charges,as expert witnesses warn that US prisons are ill-equipped for people with mental health problems.
June 28, 2016 28 Jun'16
Lauri Love suicide risk if extradited to US over hacking allegations

Westminster Magistrates’ Court hears evidence from medical experts that alleged hacker Lauri Love is at risk of suicide if extradited to the US
June 21, 2016 21 Jun'16
Cyber security industry mostly welcomes report on TalkTalk breach

Most of the recommendations of a government committee inquiry into the TalkTalk breach have been welcomed, but pundits have expressed reservations about some, particularly proposed new fines
June 20, 2016 20 Jun'16
Lower average cost of Australian data breaches is not a sign of comfort

The average cost of a data breach to Australian organisations dropped in 2015, according to research
June 13, 2016 13 Jun'16
EU firms slow in detecting cyber attacks, study shows

European firms take an average of 469 days to discover a compromise, compared with an average of 146 days globally, according to Mandiant
June 12, 2016 12 Jun'16
Philippines government data breach is a warning to Asean region

Security is a rising concern in the Asean region, with fears fuelled by incidents such as the recent hacking incident in Manila

June 10, 2016 10 Jun'16
IoT security: Lack of expertise will hurt, says Bruce Schneier

Government action at national and international levels is essential for addressing IoT security issues, but the relevant expertise is lacking, according to security expert Bruce Schneier
June 07, 2016 07 Jun'16
Millions of sensitive IT services exposed to the internet, study finds

Encryption should become the default as study reveals millions of sensitive services are exposed to the internet, says Rapid7
June 01, 2016 01 Jun'16
MPs’ private emails are routinely accessed by GCHQ

Computer Weekly investigation reveals the extent of interception of MPs’ and peers’ email communications and data
May 20, 2016 20 May'16
NHS data security standards to be designed around technology, people and processes

The Care Quality Commission’s delayed review of NHS data security standards will encourage NHS organisations to have senior information risk owners and Caldicott Guardians at board level
May 19, 2016 19 May'16
Lessons from LinkedIn data breach revelations

There are several important lessons to be learned from revelations about LinkedIn's 2012 data breach, say security experts
May 13, 2016 13 May'16
Time to shift information security focus away from prevention, says Swiss bank CISO

Organisations need a new approach which recognises security is “breakable”, according to Michael Meli
May 09, 2016 09 May'16
Australian health sector an easy target for cyber criminals, says IBM

A push to encourage greater adoption of electronic health records has raised the spectre of online record theft
May 06, 2016 06 May'16
Ransomware emerges as a top cyber threat to business

Security researchers at Kasperky Lab and FireEye confirm that the upward trend of ransomware is continuing and has emerged as a top threat to business
April 29, 2016 29 Apr'16
Cyber security in Belgium will gain prominence after terror attacks

Belgium’s physical security has been branded inadequate, so how does the country’s cyber security measure up?
April 28, 2016 28 Apr'16
Payment card industry issues data security standard update

PCI DSS version 3.2 introduces six new requirements for compliance, some additional guidance and a raft of clarifications
April 27, 2016 27 Apr'16
IPv6 alone will not secure IoT, warns GE CISO

It is important for all users of the internet of things to understand what they are getting into with IPv6, and to be aware of the risks and myths, says GE CISO Hanns Proenen
April 26, 2016 26 Apr'16
Business failing to learn lessons of past cyber attacks, report shows

Organisations are still failing to address basic security issues and well-known attack methods, Verizon’s latest Data Breach Investigations Report reveals
April 21, 2016 21 Apr'16
GCHQ told analysts to assume surveillance 'bulk data' is legal

Documents obtained by charity Privacy International reveal insights into GCHQ’s collection of sensitive bulk data, as lawyers question the impact of surveillance on legal privilege, fair trials and protection of whistleblowers
April 19, 2016 19 Apr'16
Employees’ use of personal devices puts firms at risk of malware infection, says report

Downloaders care about their own security while grabbing pirated content, not that of their employers
April 15, 2016 15 Apr'16
Israeli volunteers ready their cyber defences as Anonymous affiliates attack

Every April, Israel braces itself for an onslaught from pro-Palestinian hackers, but the occupants of a small conference room in Tel Aviv stand in their way
April 15, 2016 15 Apr'16
BBC turns micro:bit computers into IoT devices

The BBC and Nominet demonstrate a new use case for the micro:bit computer and hope to turn Britain’s schoolchildren into internet of things pioneers
April 13, 2016 13 Apr'16
NCA attempts 'back door' access to obtain activist Lauri Love’s passwords

Court told that use of civil proceedings to force disclosure of alleged hacker Lauri Love's passwords is disproportionate and would breach human rights law
April 11, 2016 11 Apr'16
QA launches cyber attack defence training facility in London

Training firm QA launches a cyber attack simulation facility in London to enable organisations to test and learn cyber defence skills
April 11, 2016 11 Apr'16
Activist Lauri Love faces order to disclose encryption keys

The UK’s National Crime Agency takes an unusual legal step to force a former university student accused of hacking to disclose encryption keys
April 11, 2016 11 Apr'16
IT specialist sentenced for stealing NHS computer equipment

A former NHS IT worker is convicted of stealing hospital computer equipment from Doncaster and Bassetlaw Hospitals NHS Foundation trust and selling them on eBay
April 05, 2016 05 Apr'16
'Citizens will be stripped naked' by Turkey’s data law

Turkey's data protection law, introduced in March 2016, will make Turkey a near total surveillance state, yet the EU, apparently more concerned about securing Turkey's help in controlling immigration, is turning a blind eye
March 31, 2016 31 Mar'16
DDoS attacks on universities normally performed by “disgruntled” students or employees

The majority of distributed denial of service attacks on universities are made by students or employees, says the head of infrastructure services at the University of London
March 30, 2016 30 Mar'16
Security should be driven by business, says Corvid’s Andrew Nanson

Information security should be business-driven and investments assessed for their effectiveness and business value, according to Corvid CTO
March 29, 2016 29 Mar'16
Cyber criminals use Microsoft PowerShell in ransomware attacks

A newly discovered family of ransomware, dubbed PowerWare, uses Microsoft PowerShell to target organisations through macro-enabled documents
March 24, 2016 24 Mar'16
Government warned of smart meter security threat back in 2012

The government was warned four years ago that its plans for a nationwide smart meter roll-out represented a “potentially significant” security and privacy threat, Computer Weekly has learned
March 23, 2016 23 Mar'16
US hospital claims to have fought off a ransomware attack

A hospital in Kentucky claims to have regained control of its IT systems five days after cyber criminals hit it with a ransomware attack
March 21, 2016 21 Mar'16
Britain to pay billions for monster internet surveillance network

New questions raised about Britain’s snoopers’ charter after Denmark abandons its own UK-style surveillance programme for a second time
March 21, 2016 21 Mar'16
National Cyber Security Centre to be UK authority on information security

The UK’s National Cyber Security Centre (NCSC) is to be the UK's one-stop authority on infosec, based in London and led by GCHQ's Ciaran Martin
March 18, 2016 18 Mar'16
Australian girls believe online harassment is endemic

There are clear signals that online threats against women and attempts to invade their privacy are becoming societal norms in Australia
March 09, 2016 09 Mar'16
Lack of security knowledge limiting business initiatives, survey shows

Security concerns are limiting the adoption of cloud and mobility throughout organisations, according to the first Dell Data Security Survey
February 26, 2016 26 Feb'16
Nissan acts on Leaf car app security flaw after researcher goes public

Nissan suspends its electric car app after a researcher went public about a security flaw that could enable attackers to take control of heating systems
February 25, 2016 25 Feb'16
Cyber crime is fastest growing economic crime, says PwC report

More than half of UK organisations say they expect to be the victim of cyber crime in the next two years, suggesting it will become the UK’s largest economic crime, says a PwC report
February 23, 2016 23 Feb'16
Social engineering confirmed as top information security threat

Cyber attackers shifted away from automated exploits in 2015 and instead tricked people into doing the dirty work, Proofpoint researchers found
February 19, 2016 19 Feb'16
HSBC launches biometric security for mobile banking in the UK

Bank claims UK’s largest planned roll-out of voice biometric security technology, with more than 15 million customers in line for voice and fingerprint authentication services
February 16, 2016 16 Feb'16
EU managers need to up cyber security collaboration, study finds

There is still much work to be done in the area of collaboration and sharing responsibility when it comes to preventing data breaches, a study has found
February 12, 2016 12 Feb'16
US IT professionals overconfident in cyber attack detection, study finds

Most US IT professionals are confident in key security controls to detect cyber attacks – but unsure how long it would take automated tools to discover a breach
February 11, 2016 11 Feb'16
Social engineering is top hacking method, survey shows

Social engineering tops the list of popular hacking methods, underlining the need for continuous monitoring, according to security firm Balabit
February 01, 2016 01 Feb'16
DDoS is most common cyber attack on financial institutions

January’s attack on HSBC is typical for the financial sector, but no business should consider itself unlikely to be targeted in this way, say security experts
January 29, 2016 29 Jan'16
HSBC online services hit by DDoS attack

HSBC was hit by a distributed denial of service (DDoS) attack, which targeted its online personal banking services.
January 29, 2016 29 Jan'16
ICO launches data privacy assessment tool for SMEs

The ICO has launched an online self-assessment tool to help SMEs to comply with data protection laws and improve data handling procedures