News

IT security

• June 06, 2019 06 Jun'19

  Firms face targeted bespoke cyber attacks, dark web study reveals

  Academic study exposes prolific availability and demand for tailored malware, network access and corporate espionage services, which suggests many firms’ cyber defences are below standard

• June 06, 2019 06 Jun'19

  Legacy IT systems a significant security challenge

  Information security professionals need to work closely with the business to identify critical legacy IT systems to ensure security risks are managed effectively, CISO tells Infosecurity Europe

• June 06, 2019 06 Jun'19

  Digital transformation an opportunity for security

  Digital transformation is an opportunity not only for the business to up its game, but also for security teams to engage with and win over the business, CISO tells Infosecurity Europe

• June 05, 2019 05 Jun'19

  London could be world cyber risk leader, says ex-Lloyd’s chief

  Collaboration across the cyber insurance, technology and security organisations in London could make the capital a leading world centre on these topics, says former Lloyd’s of London boss

• June 05, 2019 05 Jun'19

  DNS – a security opportunity not to be overlooked, says Nominet

  Domain name system data is the best-kept secret for eliminating network cyber threats, Nominet tells Infosecurity Europe attendees

• June 05, 2019 05 Jun'19

  Nearly two-thirds of businesses hit by credential abuse

  Most businesses admit to breaches relating to abuse of user credentials, according to a report that highlights cyber hygiene failings in the UK and the importance of greater visibility and integration to cyber defence capability

• June 04, 2019 04 Jun'19

  Businesses investing blindly in cyber security

  Businesses need to find out what their real cyber risks and weaknesses are before investing in new technologies, says ethical hacker

• June 04, 2019 04 Jun'19

  Deterministic data-based AI key for security

  AI-based cyber security systems have enormous potential, but under specific conditions that are essential for success, AI expert tells Infosecurity Europe

• June 04, 2019 04 Jun'19

  CIO interview: Gary Foote, CIO, Rich Energy Haas F1

  When he was offered the opportunity to set up the technology for a new Formula One team from scratch, CIO Gary Foote couldn’t wait to get on the starting line

• June 04, 2019 04 Jun'19

  Cyber crime widely under-reported, Isaca study shows

  Cyber crime, which is the top cyber threat to business, remains widely under-reported, and only a third of organisations are confident in their ability to detect and respond to threats, a study reveals

• June 04, 2019 04 Jun'19

  Beware of security blind spots in encrypted traffic

  The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption

• June 03, 2019 03 Jun'19

  Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

  Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms

• June 03, 2019 03 Jun'19

  Business leaders failing to address cyber threats

  Businesses are failing to address growing cyber threats as business leaders admit to knowledge gaps, a lack of resources and confusion about who is responsible for data breaches, a report reveals

• May 31, 2019 31 May'19

  Facebook loses bid to halt European court decision on EU-US data sharing

  Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk

• May 31, 2019 31 May'19

  GCHQ urged to abandon plans to access encrypted chats

  Tech companies and security and policy experts are calling for more dialogue with GCHQ on encryption, urging it to ditch its proposal for eavesdropping on encrypted chats

• May 30, 2019 30 May'19

  A lack of skills and ownership are top challenges to OT security

  A lack of skills, visibility and clarity on which business function is responsible for securing operational technology are the biggest challenges to managing the risk, a study shows

• May 30, 2019 30 May'19

  2.3 billion business and consumer data files exposed online

  In the year since the GDPR compliance deadline, the number of data files exposed online without adequate protection is up more than 50% due to misconfigured security controls, report reveals

• May 30, 2019 30 May'19

  Salesforce completes Pardot fix after 12 days’ disruption

  Plug was pulled on 17 May after a data script went wrong. Most users have had full access since 18 May, but 10 services remained down

• May 29, 2019 29 May'19

  Hackers targeting UK universities a threat to national security

  Poorly defended UK university research that is mainly commissioned by government is a top target for hackers, putting national security at risk, a study reveals, underlining the need for better cyber security

• May 29, 2019 29 May'19

  Turla APT group beefs up cyber attack tool

  An advanced persistent threat cyber espionage group has improved its tools to attack diplomatic targets, making their activities more difficult to detect and block

• May 29, 2019 29 May'19

  Cyber weapons readily available to criminals, researchers warn

  Security researchers have discovered an attack campaign infrastructure designed to scan, brute-force and infect tens of thousands of MS-SQL and PHPMyAdmin servers

• May 29, 2019 29 May'19

  ICO to shortlist Sandbox applicants

  Privacy watchdog’s Sandbox service aims to help develop innovative and beneficial products and services that are privacy compliant

• May 28, 2019 28 May'19

  Perfect storm for data science in security

  After nearly 20 years of research, the perfect storm of computing technologies is finally enabling data science to realise its potential to make valuable contributions to improving cyber security capabilities

• May 28, 2019 28 May'19

  Many search engine users unaware of personal data collection

  Many users of online search engines are still unaware that data is being collected about them for personalised advertising, a study has revealed

• May 28, 2019 28 May'19

  Dutch IT security firm dumps corporate structure

  Boss of Netherlands-based Computest turns to self-management model to make company more nimble

• May 26, 2019 26 May'19

  Australian firms coming to grips with AI ethics

  Australian businesses are warming up to AI, but just two in five have standards and guidelines for AI ethics, a study finds

• May 24, 2019 24 May'19

  Just over half of UK firms don’t have a cyber resilience plan

  Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection

• May 24, 2019 24 May'19

  GDPR: Are we there yet?

  A full year since the General Data Protection Regulation was implemented, there has not been the severe punitive action expected by many and personal data breaches continue to happen, leaving many wondering if any progress has been made

• May 24, 2019 24 May'19

  Effect of GDPR yet to be felt, says law firm Hogan Lovells

  Despite the fact that the GDPR has been in full effect for a year, the true effect of the regulation is yet to be felt and organisations should ensure they keep their eye on the ball, says leading privacy law firm

• May 24, 2019 24 May'19

  No real change a year into GDPR, says privacy expert

  A year after the GDPR compliance deadline, many organisations still have a lot of work to do to make real changes and shift focus away from fines to business value and gain, says PwC’s GDPR and data protection lead

• May 24, 2019 24 May'19

  SurveyMonkey opens Dublin datacentre region to court data-security conscious enterprises in Europe

  Online survey software provider SurveyMonkey is on a Europe-wide enterprise charm offensive, and is focusing on winning over CIOs with the offer to locally host their data within its European datacentre region

• May 23, 2019 23 May'19

  Arm China seeks solutions to US export controls with Huawei

  Chip design firm in communication with Huawei-owned semiconductor firm HiSilicon following US move to halt exports of US technology to Chinese tech giant

• May 23, 2019 23 May'19

  IBM’s investment in automation pays off in GDPR’s first year

  The first year of the EU’s General Data Protection Regulation has demonstrated the value of IBM’s investment in machine learning-based automation and the importance of having the right strategy and systems in place, according to the firm’s data ...

• May 23, 2019 23 May'19

  Lapse in LinkedIn security certificate update

  A lapse in the update of LinkedIn’s security certificate has once again underlined the importance of keeping track to avoid disruptions and phishing attacks, and how even big players are failing to get it right

• May 23, 2019 23 May'19

  Police shut down Bestmixer bitcoin laundering service

  The Bestmixer cryptocurrency laundering service has been shut down by Dutch anti-fraud police with support from Europol after a tip off by cyber security researchers at McAfee, significantly disrupting cyber criminal money flows

• May 22, 2019 22 May'19

  TalkTalk admits new failings in 2015 data breach notification

  TalkTalk’s failure to notify all those affected by its 2015 data breach highlights the importance of data visibility so that breach notifications are fast and accurate – a key requirement of the GDPR

• May 22, 2019 22 May'19

  Singapore proposes data portability provisions

  The Personal Data Protection Commission is seeking public feedback on proposed provisions that will let consumers move their personal data across organisations

• May 21, 2019 21 May'19

  US grants Huawei stay of execution

  US Commerce Department temporarily restores Huawei’s ability to maintain its existing networks and smartphone user base

• May 21, 2019 21 May'19

  Dutch lecturer researches the person behind the cyber criminal

  Dutch academic is trying to get inside the mind of cyber criminals by understanding what makes them tick

• May 21, 2019 21 May'19

  Planned UK age verification checks risky for internet users

  Proposed controversial online age verification checks could increase the risk of identity theft and other cyber crimes, warn security experts, who advise parents to set technological boundaries and ensure their families are aware of risks

• May 21, 2019 21 May'19

  Cyber security scholarships on offer in Belfast

  Queen’s University Belfast is backing the cyber security sector with funding for master of science scholarships

• May 20, 2019 20 May'19

  Danske Bank launches initiative to help SME customers with cyber security

  Danske Bank launches initiative to support the cyber security efforts of its SME customers

• May 20, 2019 20 May'19

  GDPR an opportunity to improve data systems and processes

  A year after the official implementation of the GDPR, it is important to highlight the positive opportunities that compliance provides and the insights breach reports are providing, say Deloitte consultants

• May 20, 2019 20 May'19

  Google cuts off Huawei from Android ecosystem

  Google decision follows an executive order signed by President Trump, but Huawei insists US businesses and consumers will be the real losers

• May 20, 2019 20 May'19

  ICO to support GDPR certification schemes

  The UK data protection watchdog is accepting enquiries from organisations considering developing GDPR certification schemes, which the ICO says could help recipients achieve competitive advantage

• May 17, 2019 17 May'19

  Identity custodians needed in digital era

  Digital identity systems will fail if they do not take humans into account, warns identity innovator, suggesting that a ‘digital guardian’ could help overcome most of these challenges

• May 17, 2019 17 May'19

  GozNym bust underlines cyber crime threat

  A criminal network using GozNym malware has been shut down in an international law enforcement operation, but others are still operating, underlining the need for vigilance, warns a security expert

• May 16, 2019 16 May'19

  Trump bans ‘adversary’ tech from US telecoms in blow at Huawei

  US president announced ban on telecoms equipment from designated “adversary” states, including China

• May 16, 2019 16 May'19

  Norwegian industry and state must combine to counter cyber threats

  Norway has been targeted by two large ransomware attacks in recent months – and public and private organisations must react in a coordinated way

• May 16, 2019 16 May'19

  Self-sovereign ID key to data privacy

  Coupling self-sovereign identity with insights from research on consumer identity management may be the key to personalising products and services without putting people at risk, says industry analyst

• May 16, 2019 16 May'19

  Fujitsu sets out to restore trust in technology

  Trust in technology, how to recapture it, and how to ensure AI doesn’t overstep its bounds were the big messages on the opening day of Fujitsu Forum in Tokyo

• May 15, 2019 15 May'19

  Facebook engaged in ‘calculated’ campaign to eliminate competition, claims businessman

  A US businessman is seeking damages from Facebook after accusing the social media company of unfairly blocking “humorous” Facebook pages which generated hundreds of thousands of dollars in advertising revenue

• May 15, 2019 15 May'19

  Microsoft working to support decentralised identity

  Microsoft is among the big tech players aiming to help enable personalisation of products and services without putting privacy at risk

• May 15, 2019 15 May'19

  Implement multifactor authentication, urges expert panel

  Multifactor authentication should be a top priority for organisations to defend users from cyber attacks, coupled with zero-trust architecture and artificial intelligence-based technologies, says expert panel

• May 14, 2019 14 May'19

  APAC firms on the back foot in cyber security

  Most Asia-Pacific organisations did not consider cyber security until after their digital transformation projects had begun, new survey finds

• May 14, 2019 14 May'19

  Digital business is connected business, says KuppingerCole

  Businesses need to unlock data, rethink identity and access management, and capitalise on artificial intelligence in the digital era, says KuppingerCole

• May 14, 2019 14 May'19

  Electronic ID in the Nordics – a model for other countries?

  Use of electronic identity schemes in Sweden, Norway, Finland and Denmark is far ahead of other countries – but why?

• May 14, 2019 14 May'19

  Spyware targets WhatsApp users

  Social media platform issues update after it discovered a flaw being exploited by commercial spyware

• May 13, 2019 13 May'19

  National Crime Agency calls for additional funding to tackle 21st century crime

  Organised criminal gangs represent the biggest cyber threat to the UK, and law enforcement has identified rogue servers hosted in the UK

• May 13, 2019 13 May'19

  Security standard for surveillance cameras set for launch

  A long-overdue cyber security standard for the manufacturer of surveillance cameras is on track for an official launch in June

• May 10, 2019 10 May'19

  Key lessons from an ethical hacker

  Understanding hacker techniques and processes is the best way to defend against cyber attacks, and focusing on business risks is the best way to get security budget, according to an ethical hacker

• May 10, 2019 10 May'19

  Dutch businesses not yet implementing NIS Directive

  Little urgency to comply with the Network and Information Systems Security Act, which seeks to protect the Netherlands’ vital infrastructure and digital services from cyber attack

• May 09, 2019 09 May'19

  Facebook co-founder: ‘It is time to break up Facebook’

  Co-founder of Facebook, Chris Hughes, has published an op-ed in The New York Times calling for Facebook to be broken up, as it faces investigations from the US Federal Trade Commission

• May 09, 2019 09 May'19

  Northern Ireland generating cyber security knowledge and jobs

  Northern Ireland is establishing itself as an international hub of cyber security research and innovation, providing growing employment opportunities

• May 08, 2019 08 May'19

  Some Australian firms still in the dark about cyber security

  A report suggesting Australian firms are experiencing fewer cyber incidents has left its co-author perplexed with the findings

• May 08, 2019 08 May'19

  Gov.uk Verify has 'failed users' and its leaders lack accountability, say MPs

  Public Accounts Committee slams government's flagship digital identity service after a ‘catalogue of problems’

• May 08, 2019 08 May'19

  Time to start thinking about AI regulation, says KuppingerCole

  Organisations and individuals should think about regulating artificial intelligence to avoid sleepwalking into a future regulated by these technologies, says analyst

• May 08, 2019 08 May'19

  Cyber criminals targeting C-suite, DBIR shows

  Executives and cloud-based services are gaining popularity as targets for cyber criminals, according to the latest data breach investigations report

• May 07, 2019 07 May'19

  Privileged access management moving to cloud

  Survey shows nearly half of information security professionals are either planning to move privileged access management to the cloud or are exploring the possibility

• May 07, 2019 07 May'19

  HMRC begins deleting unlawful voice biometric data

  HM Revenue and Customs is to forge ahead with Voice ID despite beginning to delete the largest state-held voice biometric database gathered without consent after UK privacy and data protection watchdog issues order

• May 06, 2019 06 May'19

  AWS to power Australia’s 2021 online census

  PwC Australia, one of two firms appointed by the government to run the next Census, will build and operate an online form and a website on Amazon Web Services

• May 03, 2019 03 May'19

  Zero trust: A 21st century security model

  Traditional corporate security models date back to a time when there were fewer, lower-level threats, but a zero trust model is better suited to the 21st century, according to the originator of the idea

• May 03, 2019 03 May'19

  Norsk Hydro urges caution as it counts cost of cyber attack

  Norwegian aluminium giant Norsk Hydro is urging partners to be cautious in the wake of a damaging ransomware attack in March as financial impact estimates come in above initial estimates

• May 03, 2019 03 May'19

  Police down two dark web markets

  Europol-supported coordinated law enforcement approach across Europe and the US was key to operations’ success

• May 02, 2019 02 May'19

  Singapore rolls out blockchain platform for verifying educational certificates

  Employers in the city-state can now use the OpenCerts platform to verify the qualifications of employees and new hires

• May 02, 2019 02 May'19

  Firms urged to embrace positive security trends to win cyber war

  Modern cyber security challenges overshadow the information security successes of the past, but several positive trends are emerging as defenders come to grips with new threats, says Deloitte

• May 02, 2019 02 May'19

  Microservices introduce hidden security complexity, analyst warns

  Microservice architecture – an approach to application development in which applications are built as a suite of modular services – simplifies development but complicates security, says KuppingerCole

• May 02, 2019 02 May'19

  Businesses unprepared for cyber breaches

  Study shows many organisations lack IT security and operations basics, including visibility across their IT operations

• May 02, 2019 02 May'19

  Why IT departments miss basic IT security hygiene

  IT departments are failing to patch security holes in software because of a disconnect between security and operations teams, survey finds

• May 02, 2019 02 May'19

  Defence secretary sacked over Huawei leak

  Defence secretary Gavin Williamson has been sacked after leaking confidential discussions over the use of Huawei networking equipment

• May 01, 2019 01 May'19

  BSA releases framework for secure software

  Software industry advocacy group releases framework to facilitate flexible and comprehensive software security assessments

• May 01, 2019 01 May'19

  Get more proactive on cyber security, says ex Europol chief

  Business needs to get more proactive, collaborative, resilient and analytical to manage cyber risks posed by cyber criminals down to acceptable levels, says former Europol chief

• April 30, 2019 30 Apr'19

  UK gears up for new laws on IoT security

  The UK plans to introduce measures to require that basic cyber security features are built into internet-connected devices

• April 30, 2019 30 Apr'19

  Cyber criminals increase use of fileless attacks

  Fileless attacks are increasingly popular with cyber criminals, while Russia and China top the league of nation state data exfiltrators, threat data shows

• April 30, 2019 30 Apr'19

  Most businesses vulnerable to supply chain cyber attacks

  UK firms trail the leaders US and Germany in knowing the most about their partners’ cyber security practices, but most companies globally are in the dark about this growing source of vulnerabilities

• April 30, 2019 30 Apr'19

  Nearly half of UK IT pros report serious data breaches

  Integration of security systems and employee training recognised as key ways to reduce the growing severity of data breaches

• April 29, 2019 29 Apr'19

  Privacy and data protection an opportunity, says entrepreneur

  Organisations should see data protection and privacy compliance as an opportunity to build trust with customers, according to startup One.Thing.Less

• April 29, 2019 29 Apr'19

  Fix the basics first, then worry about AI, advise experts

  The freedom of the internet is at risk, with the cyber arms race and the industrialisation of hacking are set to continue as attackers move up the value chain to target trust mechanisms, threat experts predict

• April 29, 2019 29 Apr'19

  Australians lost half a billion dollars to scams in 2018

  Most of the losses went to investment scams as tricksters found innovative ways to dupe victims into parting with their money

• April 26, 2019 26 Apr'19

  Facebook faces fresh privacy actions from regulators

  Facebook faces legal action from Canada after it dismissed regulators’ findings that it failed to protect customer privacy. The firm has set aside $5bn to settle a privacy action in the US and faces a new investigation in Ireland

• April 26, 2019 26 Apr'19

  Top lessons from cyber attacks

  Cyber security experts weigh in on lessons learned from cyber attack experiences, underlining that recovery capability is as important as defence

• April 26, 2019 26 Apr'19

  Huawei leak inquiry launched

  Cabinet secretary Mark Sedwill has instituted an inquiry aimed at discovering who leaked confidential discussions about UK mobile operators’ use of Huawei in their future 5G networks to the press

• April 26, 2019 26 Apr'19

  GDPR cases drive bigger budgets for Nordic regulators

  High-profile General Data Protection Regulation cases in Finland and Sweden have increased the workload for regulators, which are to receive an increase in funding

• April 25, 2019 25 Apr'19

  Public becoming more aware of privacy abuses and unethical tech

  Widespread abuses of privacy, biometric information and artificial intelligence mean the internet is in poor health, but growing popular awareness of its problems gives some cause for hope, says the Mozilla Foundation

• April 25, 2019 25 Apr'19

  UK up for cyber challenge but work to be done, says minister

  Lidington says National Cyber Security Strategy has “revolutionised the UK’s fight against cyber threats”

• April 25, 2019 25 Apr'19

  NCSC and ICO pledge to support data breach victims

  The UK’s cyber security agency and privacy watchdog have agreed to work together to improve support for data breach victims and enhance cyber guidance

• April 25, 2019 25 Apr'19

  European Union to create central biometrics database

  New rules will see the introduction of a repository of personal data from hundreds of millions of citizens to support law enforcement across member states

• April 25, 2019 25 Apr'19

  No final decision taken on Huawei 5G ban, government claims

  Culture secretary tells MPs that a final decision on use of Huawei in UK 5G networks has not been taken, and says government is taking the leak of confidential discussions at the National Security Council very seriously

• April 25, 2019 25 Apr'19

  Cabinet Office addresses 5G security issue

  Cabinet Office uses NCSC conference to lay out government’s approach to the security of 5G networks, as controversy grows around using equipment from Chinese supplier Huawei

• April 25, 2019 25 Apr'19

  NCSC looks to industry to scale Active Cyber Defence

  The national cyber security agency is calling on wider government organisations as well as industry to help scale automated cyber attack blocking systems country-wide