News

IT security

• November 15, 2018 15 Nov'18

  Keep people at the centre of risk management, says consultant

  In assessing the cyber risks to a business, security professionals should start with the people in an organisation and keep them at the centre in identifying and mitigating risk, says consultant

• November 15, 2018 15 Nov'18

  Enterprises lack capability against persistent cyber attacks

  A report urges organisations to strengthen their cyber defence capabilities to pre-empt, detect and respond to post-breach attacks

• November 15, 2018 15 Nov'18

  DeepMind won’t share patient data with Google ‘at this stage’, says company’s health boss

  Amid concerns and questions around Google’s takeover of the DeepMind’s Streams app, Dominic King, the company’s health lead, promises that ‘at this stage’, nothing will change, and it won’t share any patient data with the internet giant

• November 15, 2018 15 Nov'18

  Members of Parliament should back EU Withdrawal Agreement, says industry

  Industry experts say the government’s EU Withdrawal Agreement is far from perfect and still requires more clarity, but call on MPs to back it, as it’s better than a No-Deal Brexit

• November 14, 2018 14 Nov'18

  AI-enhanced security tools necessary for today’s threats

  Machine learning-enhanced tools are necessary to keep up with current threats, but are not perfect and will not solve the security skills gap problem, says KuppingerCole

• November 14, 2018 14 Nov'18

  Zero-trust security not an off-the-shelf product

  The zero-trust security model is a business enabler that needs to be supported by a strategy and security architecture, analyst warns cyber security leaders

• November 13, 2018 13 Nov'18

  Thailand’s Democrat Party holds election with blockchain

  The Zcoin blockchain was used to store file hashes of voting data and identities of voting members of Thailand’s main opposition party

• November 13, 2018 13 Nov'18

  User behaviour analytics adding new insight

  User behaviour analytics is helping to add new insights by providing the missing element in security event information management approaches, says Martin Kuppinger

• November 12, 2018 12 Nov'18

  Home Office to use smartphone ID for EU Exit scheme

  The Home Office will use smartphone digital identity verification to support applications for the government’s EU Exit Settlement Scheme  

• November 12, 2018 12 Nov'18

  Government considering dedicated internet regulator, says digital minister

  An upcoming white paper is likely to set out proposals for an internet regulator, a House of Lords committee has been told

• November 12, 2018 12 Nov'18

  Norway’s IT industry must tackle security vulnerabilities

  Report reveals growing threat posed by “hostile foreign actors” against Norway’s IT systems and critical national infrastructure

• November 12, 2018 12 Nov'18

  Firms lack responsible exec for cyber security

  Narrow gap between CEO, CIO and CISO roles means no single executive function is stepping up to take responsibility for cyber security, a study shows

• November 12, 2018 12 Nov'18

  EU regulation set to advance single market for non-personal data

  The European Union Council and Parliament have approved a regulation, to take effect in six months’ time, to ensure the free movement of non-personal data, such as IoT data, across the bloc

• November 09, 2018 09 Nov'18

  Post-quantum cryptography a major challenge, says expert

  The crypto wars are just beginning and open systems are key to improved security in future, says cryptography expert

• November 08, 2018 08 Nov'18

  Australia needs better cloud and data management capabilities

  Use of cloud services is soaring in Australia, but a lack of cloud management skills is holding back enterprises from reaping the full benefits of the technology

• November 08, 2018 08 Nov'18

  Researcher urges IoT security legislation

  Suppliers of internet connected devices are largely failing to improve the security of their products, exposing users to privacy risks, so there is no choice but to legislate in this area, says a researcher

• November 08, 2018 08 Nov'18

  Privacy International files GDPR complaint against Oracle

  General Data Protection Regulation complaints against Oracle and six other companies filed with Information Commissioner’s Office

• November 08, 2018 08 Nov'18

  GDPR a challenge to AI black boxes

  Most artificial intelligence “black boxes” do not comply with EU data protection laws and will have to be re-engineered, warns security researcher and consultant

• November 08, 2018 08 Nov'18

  Increasing value of personal data a 21st century challenge

  The increasing value of personal data presents the challenge of managing a personal data economy, says identity and security expert

• November 08, 2018 08 Nov'18

  Singapore’s SunMoon uses blockchain to trace apples

  Fruit and vegetable distributor has implemented a blockchain platform that enables consumers and suppliers to trace the origin of Fuji apples – with other fruits to follow

• November 07, 2018 07 Nov'18

  Why the tech industry needs a moral compass

  Technology has unintended consequences, says Martha Lane Fox – but technologists have an opportunity to make a difference

• November 07, 2018 07 Nov'18

  Decentralised ID key to identity security

  Enterprises need to step up protections around identity-related compromises and look to decentralised identity in the longer term to improve security, says computer scientist

• November 07, 2018 07 Nov'18

  Cyber security high on European Commission agenda

  The European Commission is recognising the growing importance of cyber security to the digital economy and is increasing funding to support research, resilience and cooperation

• November 06, 2018 06 Nov'18

  APAC firms warm up to SD-WAN to solve networking woes

  A third of enterprises in the APAC region have already deployed SD-WAN at most of their sites, while 55% are in the process of doing so, a study shows

• November 06, 2018 06 Nov'18

  Information commissioner calls for stricter regulation on political use of data

  Information commissioner Elizabeth Denham’s investigation into the use of data in elections and campaigns, finds "a disturbing disregard for voters’ personal privacy"

• November 06, 2018 06 Nov'18

  Start preparing for post-quantum data protection

  Organisations that need to retain sensitive information for long periods of time need to start preparing for the post-quantum era, according to an IBM security architect

• November 06, 2018 06 Nov'18

  VMware takes layered approach to securing datacentres

  From securing workloads to segmenting the network, VMware’s architecture is using AppDefence and NSX for intrinsic datacentre security

• November 05, 2018 05 Nov'18

  Banking sector leading CIAM innovation, say Big Four

  Maturity in consumer identity and access management (CIAM) differs from sector to sector, with the banking sector taking the lead in terms of innovation, according to the Big Four accounting firms

• November 02, 2018 02 Nov'18

  DevSecOps not limited to coding, says analyst

  DevSecOps is seen as a way of ensuring application security, but security leaders must understand that embedding a security culture and taking the inter-dependencies of new development frameworks into account is key, says KuppingerCole

• November 02, 2018 02 Nov'18

  Facebook to appeal EU-US data transfer ruling in Irish Supreme Court

  Facebook will appeal a decision by the Irish High Court to refer questions over the legality of EU-US data transfers to the European Court of Justice in January, as the Dublin court rejects attempt by a UK IT expert to join the case

• November 02, 2018 02 Nov'18

  Radisson hotel group could be GDPR test case

  Privacy watchers say the breach of personal data of members of the Radisson Hotel Group’s loyalty scheme could be an interesting test case for how the GDPR will be applied

• November 02, 2018 02 Nov'18

  Government fails in first attempt to hire chief security officer

  The government’s initial recruitment campaign for the UK’s "biggest and most important security job” has been unsuccessful, Cabinet Office admits

• November 01, 2018 01 Nov'18

  Key elements to success in consumer identity management

  Success in consumer identity management is not just about getting the technology right, it is also about keeping in mind the consumer needs, preferences and concerns, says KuppingerCole

• November 01, 2018 01 Nov'18

  Microsoft chief urges industry to focus on ethics and privacy

  Businesses must focus on GDPR and ethical AI if they are to become software firms, says Microsoft CEO Satya Nadella

• October 31, 2018 31 Oct'18

  GDPR driving data protection maturity

  The EU data protection laws are helping to drive data protection maturity internationally, but five months after enforcement many companies are still playing catch-up, says consultant

• October 31, 2018 31 Oct'18

  Facebook emphasises security drive during third-quarter earnings call

  Social media giant admits it has a lot of work to do to keep on top of security as it looks to extend payment option to Messenger

• October 31, 2018 31 Oct'18

  UK Post Office looks to enable reusable digital ID

  The UK Post Office is investigating the possibility of enabling UK citizens to re-use their passport data for other applications where digital identity is a key component

• October 30, 2018 30 Oct'18

  Australia’s data breaches are a ‘sign of naiveté’

  McAfee executive attributes Australia’s poor cloud security record to the lack of data protection measures amid “new and confusing” cloud configurations

• October 30, 2018 30 Oct'18

  Aim for long-term customer identity relationship

  Consumer identity management can deliver competitive advantage, but only if businesses follow some golden rules, says KuppingerCole

• October 26, 2018 26 Oct'18

  British Airways data breach worse than thought

  British Airways has admitted that up to 185,000 more people than first thought may have had personal details compromised in August’s data breach

• October 26, 2018 26 Oct'18

  DNS attacks cost finance firms millions of pounds a year

  Average cost of recovering from a single DNS attack is $924,390 for a large financial services company, survey shows

• October 26, 2018 26 Oct'18

  IoT ecosystem needs to be investigated, say experts

  A conference of IoT experts convened by Enisa and Europol has made key recommendations to ensure security vulnerabilities do not overshadow benefits

• October 25, 2018 25 Oct'18

  MEPs call for action in wake of Facebook-Cambridge Analytica scandal

  European members of parliament demand action to protect citizens’ privacy from abuses such as those uncovered in the Facebook-Cambridge Analytica data sharing scandal

• October 25, 2018 25 Oct'18

  GandCrab decryption tool released by No More Ransom

  Another decryption tool has been made available free of charge in the battle against ransomware to help victims avoid paying to release their data

• October 25, 2018 25 Oct'18

  Belgian startup makes a game of creating secure software code

  A global tech startup has placed its research and development centre in Belgium, taking advantage of regional financial support as well as cooperations with local educational organisations

• October 25, 2018 25 Oct'18

  ICO issues maximum £500,000 fine to Facebook

  The UK privacy watchdog has confirmed that Facebook has escaped a fine of more than $1bn under the GDPR, but will face the maximum under the DPA for failing to protect users’ personal information

• October 25, 2018 25 Oct'18

  Cathay Pacific under fire over breach affecting 9.4 million passengers

  Hong Kong-based airline reveals massive data breach of the most sensitive personal data of passengers five months after loss was confirmed

• October 25, 2018 25 Oct'18

  Becrypt security platform helps ease cloud adoption

  Becrypt’s secure operating system is driving a new service aimed at helping organisations reduce cost and increase agility in using cloud-based services and online applications

• October 24, 2018 24 Oct'18

  Choose security tools wisely to gain upper hand

  The cyber threat landscape is continually changing, but staying abreast of attacker and defender innovation can help business leaders gain the upper hand, says KuppingerCole

• October 24, 2018 24 Oct'18

  Government can’t guarantee no-deal Brexit data-sharing agreement

  Digital minister Margot James says there is no clear timetable on when the UK will secure a data adequacy decision from the EU, and cannot guarantee an agreement will be in place in the event of a no-deal Brexit

• October 24, 2018 24 Oct'18

  Sibos 2018: ‘Black swan’ cyber event is inevitable

  With security experts and bankers expecting a 9/11-style cyber event, deeper collaboration between companies and governments is necessary to identify emerging threats before they occur

• October 24, 2018 24 Oct'18

  Yahoo to pay at least $85m for data breach settlement

  Yahoo has agreed to a settlement in a class action lawsuit on behalf of 200 million consumers affected by a data breach in 2013

• October 24, 2018 24 Oct'18

  Datacentre glitches expose data loss risks

  A new study has highlighted the fragility of corporate datacentres and the very real risk of data loss

• October 23, 2018 23 Oct'18

  Interview: Steve Grobman, McAfee CTO shares his views on some burning security questions

  Cyber security technology innovator and veteran Steve Grobman shares his views on adversarial artificial intelligence, post-quantum cryptography and security for next-gen tech

• October 23, 2018 23 Oct'18

  Morrisons loses appeal against data breach liability ruling

  Supermarket chain has lost its appeal against a High Court ruling that found it liable for a data leak by a former employee, underlining the importance of managing insider threats

• October 22, 2018 22 Oct'18

  Centralised identity risky and not web 3.0 friendly, says entrepreneur

  User controlled identity is less risky than centralised identity and essential for the next evolution of the web, according to an entrepreneur and evangelist of self-sovereign identity and blockchain technologies

• October 22, 2018 22 Oct'18

  McAfee CTO raises concerns about election cyber security

  The security industry needs to look at the security of election processes around the world as well as the security of voting and counting machines, says McAfee CTO

• October 19, 2018 19 Oct'18

  McAfee combining threat intel with AI

  Simulations show that threat intelligence and artificial intelligence is a powerful combination, according to McAfee’s technology head

• October 19, 2018 19 Oct'18

  Kaspersky advances plans to encourage women into cyber

  Cyber security provider Kaspersky Lab has partnered with several other organisations to try to encourage more women into cyber

• October 19, 2018 19 Oct'18

  Learn lessons from attacks, says McAfee investigations chief

  Organisations should use every cyber attack as an opportunity to learn, identify weaknesses and improve security posture, according to McAfee’s head of cyber investigations

• October 18, 2018 18 Oct'18

  McAfee researchers uncover ‘significant’ espionage campaign

  Researchers discover campaign targeting South Korea, the US and Canada with links to eight-year-old source code from a threat group that has been dormant for five years

• October 18, 2018 18 Oct'18

  NHS standards framework aims to set the bar for quality and efficiency

  NHS Digital’s standards framework sets out renewed commitment to implement and use open standards across the NHS

• October 18, 2018 18 Oct'18

  Best of VMworld Europe 2018 Awards nominations now open until 26 October

  Read the criteria for the Best of VMworld Europe User Awards and find out how to submit your nomination

• October 18, 2018 18 Oct'18

  Time to implement new cyber security protections, says McAfee CEO Chris Young

  Convergence of threats and technologies and an increasingly complex regulatory environment are driving the need to implement new cyber security protections, says McAfee chief

• October 18, 2018 18 Oct'18

  'Sealed cloud' promises better data security

  TÜV SÜD’s Singapore Sealed Cloud does not grant administrators access to data, reducing the possibility of hackers breaking into databases using compromised administrator credentials

• October 16, 2018 16 Oct'18

  APAC security spending tipped to reach new highs

  Security services will be the largest and fastest-growing slice of the overall security pie in the Asia-Pacific region

• October 16, 2018 16 Oct'18

  Zero-trust security model gaining traction

  The zero-trust model of security is finally gaining traction as security professionals tap into new tools and executive buy-in to support this approach in an effort to improve security posture and practices

• October 16, 2018 16 Oct'18

  UK faces 10 cyber attacks a week as hostile states step up hacking, says NCSC

  The UK’s National Cyber Security Centre has thwarted more than 1,600 attacks over the past two years – many by hostile nation states

• October 15, 2018 15 Oct'18

  Tech companies should not be under legal duty to remove terrorist material, says watchdog

  The internet should not be a safe place for terrorists, but making it compulsory for technology companies to trawl for radical content risks interfering with the rights of innocent people, says Max Hill QC, the independent reviewer of terrorism ...

• October 15, 2018 15 Oct'18

  Good data governance is good business

  Organisations are failing to understand the importance of getting their data relationship with customers right and seeing the business opportunities that it enables, an industry analyst warns

• October 15, 2018 15 Oct'18

  Cost of WannaCry attack to NHS set at £92m

  Department for Health and Social Care estimates the immediate cost of the May 2017 WannaCry attack on the NHS was £92m, and says it will have spent about £275m on improvements to its cyber security infrastructure by the end of 2021

• October 15, 2018 15 Oct'18

  IoT firms sign up to UK security code of practice

  Internet of things technology firms have begun signing up to a UK code of practice to strengthen the security of internet-connected devices. The code is expected to form the basis of an international standard

• October 15, 2018 15 Oct'18

  Apple challenges Australia’s proposed decryption law

  Tech giant Apple argued that the lack of judicial oversight could reduce customer trust and security, among other reservations over Australia’s draft decryption legislation

• October 12, 2018 12 Oct'18

  FS-ISAC awards cyber security scholarships in Europe

  Five women have been awarded cyber security scholarships at FS-ISAC’s 2018 EMEA Summit

• October 12, 2018 12 Oct'18

  WikiLeaks goes public with alleged list of AWS datacentre locations and code names

  Whistle-blowing website claims to have obtained a confidential document detailing code names, locations and operational details of Amazon’s datacentre portfolio

• October 12, 2018 12 Oct'18

  Some 10% of user-reported emails malicious

  On average, 1 in 10 user-reported emails is identified as malicious, and more than half can be tied to credential phishing, a Cofense report reveals

• October 12, 2018 12 Oct'18

  Watchdog calls for clarity on Schedule 7 terrorism powers

  The Independent Reviewer of Terrorism Legislation has called for greater clarity over police Schedule 7 powers to seize mobile phones and computers and question people without grounds for suspicion at ports and airports

• October 12, 2018 12 Oct'18

  AI is no silver bullet for cyber security

  A security expert has called for businesses to manage the risks of adopting new technologies and improve their cyber hygiene, rather than see artificial intelligence as a panacea for their security woes

• October 11, 2018 11 Oct'18

  Crypto-mining malware poses as Flash updates

  Cryptocurrency mining malware is posing as Flash updates that appear to be legitimate, Palo Alto Networks security researchers warn

• October 11, 2018 11 Oct'18

  RATs and Mimikatz among top publicly available hacking tools

  Remote access Trojans (RATs), web shells and Mimikatz among the top publicly available tools that are used in cyber attacks around the world, a five-nation cyber intelligence report reveals

• October 11, 2018 11 Oct'18

  The troublesome saga of Gov.uk Verify

  As the government plans to hand over its flagship identity assurance programme to the private sector, Computer Weekly looks at the history of the troubled project and how Gov.uk Verify ended up on the chopping board

• October 11, 2018 11 Oct'18

  Nato to be fully operational in cyber space by 2023

  Nato is aiming to achieve full operational readiness in cyber space within five years

• October 11, 2018 11 Oct'18

  MEPs urge Facebook to roll out election fraud prevention measures

  Facebook is coming under pressure from European lawmakers to do more to prevent its user data from being misappropriated during elections

• October 11, 2018 11 Oct'18

  Dropping commercial open source lowers PaaS costs at Fidelity

  Investment company Fidelity has created an on-premise PaaS for its in-house developer teams using the open source Cloud Foundry platform

• October 11, 2018 11 Oct'18

  Optus to acquire Hivint in cyber security deal

  The deal is expected to bolster the telco’s security pedigree in a market that is grappling with more data breaches and cyber incidents

• October 10, 2018 10 Oct'18

  Detail of Dutch reaction to Russian cyber attack made public deliberately

  Four Russian intelligence officials were expelled from the Netherlands after an attempted hack on the global chemical weapons watchdog. The Dutch government has been open about the detail

• October 10, 2018 10 Oct'18

  Bug bounties not a silver bullet, Katie Moussouris warns

  Targeted bug bounties have a role to play in cyber security, but they are not a "silver bullet", and run the risk of wiping out talent pipelines if poorly implemented, warns bug bounty pioneer

• October 10, 2018 10 Oct'18

  NCSC head says attribution of GRU attacks important

  The head of the UK’s National Cyber Security Centre has described the attribution of a wave of cyber attacks to Russia’s military intelligence service as “historically important” at a conference in Poland

• October 10, 2018 10 Oct'18

  Singapore extends reach of digital ID system with cloud

  GovTech is using AWS to host a developer platform that enables government agencies and businesses to develop services that build on the upcoming National Digital Identity system

• October 09, 2018 09 Oct'18

  Government to end investment in Gov.uk Verify digital identity system

  Cabinet Office announces 18-month transition to hand troubled identity assurance programme over to private sector

• October 09, 2018 09 Oct'18

  Cooperation vital in cyber security, says former Estonian minister

  States acting alone cannot be efficient in cyber security and need to cooperate with others to build trust, says a former foreign minister of Estonia

• October 09, 2018 09 Oct'18

  Consumer Google+ dumped in favour of enterprise focus

  Google+ will no longer be offered to consumers, following a security audit. Instead, the company plans to flesh out an enterprise social media strategy

• October 08, 2018 08 Oct'18

  High Court blocks Google iPhone privacy lawsuit

  The UK High Court has thrown out a group action lawsuit against Google for tracking iPhone browsing data, but campaign group Google You Owe Us, which brought the litigation, will appeal the decision

• October 08, 2018 08 Oct'18

  NCSC head calls for technocratic partnership to fix cyber risks

  The UK’s National Cyber Security Centre is appealing for collaboration with the technology industry to remedy key vulnerabilities in current IT

• October 08, 2018 08 Oct'18

  Airbus secures European institutions against cyber threat

  Airbus CyberSecurity has partnered with Atos to help protect 17 European government institutes from cyber attacks

• October 08, 2018 08 Oct'18

  ICO hits Heathrow Airport with £120,000 data breach fine over lost USB stick

  Information Commissioner’s Office fines airport after a member of the public came across a USB stick containing sensitive personal information about airport staff

• October 08, 2018 08 Oct'18

  Google Safety Center goes live in the UK

  Google says its commitment to transparency is as strong as ever as its new Safety Center goes live in the UK to help keep businesses and consumers safe online

• October 05, 2018 05 Oct'18

  Amazon and Apple deny claims Chinese government bugged their servers

  Amazon and Apple have publicly refuted a Bloomberg report that claims their servers were tampered with and bugged during the manufacturing process

• October 05, 2018 05 Oct'18

  GDPR case work swamps Denmark’s data protection agency

  The agency investigating alleged breaches of GDPR in Denmark is recruiting additional resources to cope with the increase in work

• October 04, 2018 04 Oct'18

  Security Serious Unsung Heroes announced

  Awards celebrate the people of the cyber security industry on the front lines of organisations battling cyber threats