News

Identity and access management products

• September 07, 2022 07 Sep'22

  Prince’s Trust teams with threat management specialist in skills push

  Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry

• September 07, 2022 07 Sep'22

  Digital identity is key to coping with surge in air travel

  The International Air Transport Association’s One ID digital identity initiative will pave the way for seamless air travel from curb to gate and help airports cope with growing passenger traffic

• September 06, 2022 06 Sep'22

  Companies House to introduce digital ID system

  Companies House will introduce a digital identity verification process for people wanting to register and run a company in the UK

• September 05, 2022 05 Sep'22

  How Okta is regaining customer trust after a cyber attack

  In early 2022, cyber firm Okta was among several tech companies hit by the Lapsus$ gang. Vice-president of customer trust Ben King talks about how he has been working behind the scenes to rebuild confidence after the incident

• September 01, 2022 01 Sep'22

  Swedish Electronics Protection Act coincides with major cyber spend

  Swedish cyber security law comes at a time of heavy government investment

• September 01, 2022 01 Sep'22

  New (ISC)² cyber careers schemes go live

  (ISC)² has opened up two new global cyber careers schemes to applicants to try to help organisations fill 2.7 million vacant roles worldwide

• August 31, 2022 31 Aug'22

  Norway has NOK200m plan to bolster cyber defences

  Norway is investing heavily in its cyber defences amid heightened threat from Russia

• August 30, 2022 30 Aug'22

  IAM house Okta confirms 0ktapus/Scatter Swine attack

  Following last week’s disclosureby Group-IB researchers of a major phishing campaign, Okta has warned its customers to be on their guard

• August 30, 2022 30 Aug'22

  LastPass breach limited in scale and well-managed, say experts

  A breach of LastPass’s developer environment does not seem to have affected users of the password management service, but it may still be time for a credential reset

• August 30, 2022 30 Aug'22

  One Login digital identity project makes headway

  Government services are lining up to work with the GDS on its One Login digital identity system, according to its director of digital identity, Natalie Jones

• August 25, 2022 25 Aug'22

  Criminal 0ktapus spoofed IAM firm in massive phishing attack

  Researchers at Group-IB have published research on a major phishing campaign that ensnared victims at the likes of Cloudflare and Twilio

• August 25, 2022 25 Aug'22

  Millions of Plex users may be at risk in password breach

  Up to half of Plex’s 30 million users may have had their personal data stolen by an unknown threat actor

• August 23, 2022 23 Aug'22

  NCSC shares cyber guidance for large infrastructure builds

  Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects

• August 19, 2022 19 Aug'22

  Google employees demand end to collection of abortion data

  In the wake of the US Supreme Court rolling back abortion rights, Google employees are calling on the company to stop collecting abortion-related data, so that it can never be shared with police

• August 19, 2022 19 Aug'22

  Cozy Bear targets MS 365 environments with new tactics

  Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments

• August 19, 2022 19 Aug'22

  Inside Singapore’s national digital identity journey

  Singapore’s national digital identity system has evolved from providing single sign-on to e-government services to pandemic-related and digital document capabilities in recent years

• August 18, 2022 18 Aug'22

  Growing MFA use spurs ‘pass-the-cookie’ attacks

  The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools

• August 11, 2022 11 Aug'22

  Cisco averts cyber disaster after successful phishing attack

  A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage

• August 10, 2022 10 Aug'22

  UK to surveil convicted migrants with facial recognition

  A Home Office scheme to biometrically scan the faces of convicted migrants who have already carried out punishments has come under fire from privacy and human rights groups for being discriminatory

• August 09, 2022 09 Aug'22

  Cyber insurance getting harder to obtain

  Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance

• August 04, 2022 04 Aug'22

  UK has biggest card fraud problem in Europe

  Social Market Foundation calls on the UK to get a grip on its huge problem with bank card fraud in Europe

• August 04, 2022 04 Aug'22

  SBRC to administer NCSC training across Scotland

  The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations

• August 02, 2022 02 Aug'22

  UK safety tech sector sees strong revenue and employment growth

  Safety tech is now one of the fastest-growing sectors in the UK tech industry, with jumps in revenue, investment and employment

• July 28, 2022 28 Jul'22

  NCSC startups scheme turns focus to operational technology, SME security

  NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses

• July 27, 2022 27 Jul'22

  Cyber security training ‘boring’ and largely ignored

  Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them

• July 26, 2022 26 Jul'22

  Visibility and proactive stance needed to secure OT systems

  Critical infrastructure operators need to have more visibility into their IT and operational technology environment, and take a more active stance to fend off sophisticated adversaries, expert says

• July 25, 2022 25 Jul'22

  NCSC seeks community input for Cyber Advisor service

  The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward

• July 20, 2022 20 Jul'22

  (ISC)² expands entry-level cyber programme after UK success

  Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide

• July 20, 2022 20 Jul'22

  How NEC is transforming its business

  While NEC is known for its public safety systems, the company has been expanding into new areas including e-government, financial services and customer experience in Asia-Pacific

• July 20, 2022 20 Jul'22

  Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims

  Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection

• July 14, 2022 14 Jul'22

  How hostile government APTs target journalists for cyber intrusions

  Proofpoint shares data on multiple campaigns of cyber intrusions against journalists originating from threat actors aligned to the governments of China, Iran, North Korea and Turkey

• July 14, 2022 14 Jul'22

  Government pauses Online Safety Bill’s progress

  The government has paused the Online Safety Bill’s journey towards becoming law, amid timetable pressure

• July 13, 2022 13 Jul'22

  Slippery phish wriggles around MFA protections, says Microsoft

  Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence

• July 12, 2022 12 Jul'22

  Singapore doubles down on OT security

  The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state

• July 11, 2022 11 Jul'22

  SMEs lagging on multifactor authentication

  Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report

• July 08, 2022 08 Jul'22

  Sweden and GDPR – four years on

  Swedish data protection coordinator talks to Computer Weekly four years into the General Data Protection Regulation

• July 07, 2022 07 Jul'22

  Latest Marriott data breach not as serious as others

  Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately

• July 06, 2022 06 Jul'22

  Plexal seeks new scaleups for next phase of Cyber Runway

  Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme

• July 04, 2022 04 Jul'22

  Government rejects Lords police tech inquiry recommendations

  The government has largely rejected the findings and recommendations of a House of Lords inquiry into police tech, which called for an overhaul of how police deploy artificial intelligence and algorithmic technologies

• June 29, 2022 29 Jun'22

  Urgent need for new laws to govern biometrics, legal review finds

  Independent review says new framework is needed to clear up legal and ethical concerns over the use of biometric data and technologies, which can impact privacy, freedom of expression and other human rights

• June 22, 2022 22 Jun'22

  Uber drivers strike over pay issues and algorithmic transparency

  Unionised Uber drivers take industrial action against the company over its failure to pay workers in line with a Supreme Court decision and inflation, as well as the lack of transparency around how it uses their data

• June 22, 2022 22 Jun'22

  How TDCX is building a people-centric business

  Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez

• June 21, 2022 21 Jun'22

  Microsoft Office 365 has ability to ‘spy’ on workers

  Microsoft faces calls for ‘transparency’ over tools in Office 365 that allow employers to read staff emails and monitor their computer use at work

• June 16, 2022 16 Jun'22

  Dundee security research centre opens with support from SBRC

  An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster

• June 16, 2022 16 Jun'22

  Office 365 loophole may give ransomware an easy shot at your files

  Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive

• June 15, 2022 15 Jun'22

  $2k to access your organisation on the dark web

  Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000

• June 13, 2022 13 Jun'22

  Qatar bolsters cyber security in preparation for World Cup

  With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness

• June 10, 2022 10 Jun'22

  Researchers find eight CVEs in single building access system

  A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets

• June 09, 2022 09 Jun'22

  Trade body calls for public-private sector collab on digital ID

  TechUK has published a report outlining 10 key recommendations it believes are urgently needed to enable the rapid creation of an effectively regulated digital identity marketplace

• May 24, 2022 24 May'22

  Ransomware volumes grew faster than ever in 2021

  Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody