News
Regulatory compliance and standard requirements
-
October 07, 2025
07
Oct'25
The Security Interviews: David Bradbury, CSO, Okta
Okta’s chief security officer talks security by default and explains why he thinks time is running out for the shared responsibility model
-
October 06, 2025
06
Oct'25
Police ordered to give reasons in closed court for seizing phone of UK Hamas lawyer
London court orders police to disclose reasons for seizing and copying the contents of a phone belonging to a UK lawyer who represented Hamas, but refuses an injunction to prevent police from reviewing the phone until after judicial review
-
October 06, 2025
06
Oct'25
Data sovereignty demand pushes Herabit to get S3 storage
Italian service provider gets Cubbit DS3 distributed S3 storage to provide up to 2PB of cloud services to customers demanding data sovereignty, while cutting costs by up to 50%
-
October 02, 2025
02
Oct'25
PSNI appoints legal counsel to report on police conduct after McCullough surveillance review
The Police Service of Northern Ireland has commissioned a senior lawyer to report back on whether there was any misconduct by police officers following the McCullough Review into the surveillance of journalists, lawyers and NGOs
-
October 01, 2025
01
Oct'25
Home Office issues new ‘backdoor’ order over Apple encryption
A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service
-
October 01, 2025
01
Oct'25
US government shutdown stalls cyber intel sharing
A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk.
-
October 01, 2025
01
Oct'25
EU Chat Control plans pose ‘existential catastrophic risk’ to encryption, says Signal
As EU member states prepare to vote on plans to mandate tech companies to introduce technology to scan messages before they are encrypted, Signal warns that Chat Control will create new security risks
-
September 30, 2025
30
Sep'25
MPs press outsourcer TCS over Jaguar cyber attack
The government’s cross-bench Business and Trade Committee has written to Tata Consultancy Services seeking answers over possible links to cyber attacks on Jaguar Land Rover, Marks and Spencer, and Co-op
-
September 29, 2025
29
Sep'25
JLR tentatively restarts production, following £1.5bn government backing
Jaguar Land Rover is to resume car production after a £1.5bn government loan guarantee amid its cyber attack fallout. Debate is growing over the bailout and insurance
-
September 26, 2025
26
Sep'25
Over half of India-based companies suffer security breaches
Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year
-
September 26, 2025
26
Sep'25
Microsoft hides key data flow information in plain sight
Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers
-
September 26, 2025
26
Sep'25
Okta CEO: AI security and identity security are one and the same
At Oktane 2025 in Las Vegas, Okta CEO Todd McKinnon describes AI security and identity security as inseparable as he tees up a series of agentic security innovations
-
September 25, 2025
25
Sep'25
Netherlands establishes cyber resilience network to strengthen public-private digital defence
Network will connect organisations in a cyber crime defence initiative that goes way beyond information sharing
-
September 24, 2025
24
Sep'25
McCullough Review finds PSNI failures but no ‘systemic’ surveillance of journalists
A review by Angus McCullough KC reveals that Northern Ireland police failed to comply with the law but that there was no ‘widespread and systemic’ surveillance of journalists, lawyers and NGOs
-
September 23, 2025
23
Sep'25
‘Our worst day’: The untold story of the Electoral Commission cyber attack
As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly
-
September 19, 2025
19
Sep'25
UK cyber action plan lays out path to resilience
A report produced for the government by academics at Imperial College London and the University of Bristol sets out nine recommendations to strengthen the UK’s cyber sector
-
September 19, 2025
19
Sep'25
French court ruling may lead to legal challenges over state Sky ECC and EncroChat phone hack
A decision by the French supreme court may pave the way for defendants to challenge the lawfulness of France’s hacking of the EncroChat and Sky ECC cryptophone networks used by organised crime groups
-
September 17, 2025
17
Sep'25
Firms urged to adopt risk-based data sovereignty strategy
Geopolitical uncertainty is forcing organisations to rethink where their data is located, but a full retreat from the public cloud is not the answer
-
September 17, 2025
17
Sep'25
Hamas lawyer challenges police after they seized legal files from phone in Schedule 7 stop
A UK solicitor hired by Hamas to challenge its proscription in the UK as a terrorist organisation argues police acted unlawfully by seizing a phone containing confidential legally privileged material about his clients
-
September 15, 2025
15
Sep'25
Arqit to support NCSC’s post-quantum cryptography pilot
Quantum specialist Arqit will provide specialised post-quantum migration planning services to organisations preparing to address the imminent risks to traditional cryptography
-
September 15, 2025
15
Sep'25
Forrester Technology & Innovation Summit preview: Digital sovereignty in the public cloud
We look at how IT leaders need to balance data access, data residency and data sovereignty
-
September 11, 2025
11
Sep'25
Chat Control: EU to decide on requirement for tech firms to scan encrypted messages
Law enforcement and police experts meet on Friday to decide on proposals to require technology companies to scan encrypted messages for possible child abuse images amid growing opposition from security experts
-
September 10, 2025
10
Sep'25
UK contactless card payment limits could be unlimited
The UK Financial Conduct Authority says contactless payment technology and fraud protections have advanced enough for firms to adjust the limit
-
September 08, 2025
08
Sep'25
Northern Ireland police kept inspectors in dark over surveillance of journalists
The Police Service of Northern Ireland failed to inform the Investigatory Powers Commissioner’s Office about surveillance operations against journalists during annual inspections
-
September 05, 2025
05
Sep'25
US politicians ponder Wimwig cyber intel sharing law
US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities
-
September 04, 2025
04
Sep'25
UK sets out plans for AI assurance leadership
Labour wants the UK to become the world leader in artificial intelligence assurance
-
September 03, 2025
03
Sep'25
European court upholds EU-US Data Privacy Framework data-sharing agreement
EU General Court upholds EU-US Data Privacy Framework, bringing certainty to businesses that exchange data with the US – for now. An appeal may be in the offing
-
August 31, 2025
31
Aug'25
Google Cloud brings on-premise Gemini AI to Singapore
Move allows government agencies and regulated industries to run Google’s most powerful artificial intelligence models in their own datacentres, directly addressing data security and residency requirements to fuel the nation’s AI ambitions
-
August 29, 2025
29
Aug'25
Home Office ‘backdoor’ seeks worldwide access to Apple iCloud users’ data, court documents confirm
A court filing states that a government order against Apple would give it the capability to access communications and metadata of customers using the iCloud service anywhere in the world
-
August 28, 2025
28
Aug'25
UK cyber security centre helps expose China-based cyber campaign
GCHQ cyber security centre and its international partners release details of malicious cyber activity linked to Chinese businesses
-
August 21, 2025
21
Aug'25
Scale of MoD Afghan data breaches widens dramatically
Many more data breaches at the MoD's Arap programme to relocate at-risk Afghan citizens to Britain have emerged following an FoI request by BBC journalists
-
August 20, 2025
20
Aug'25
Microsoft starts including PQC algorithms in cyber foundations
Microsoft updates on its post-quantum cyber strategy as it continues integrating quantum-safe algorithms into some of the core foundations underpinning its products and services
-
August 19, 2025
19
Aug'25
Google spins up agentic SOC to speed up incident management
Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite
-
August 19, 2025
19
Aug'25
ISACA launches AI security management certification
ISACA accredited security professionals can now pursue a new AI security management credential
-
August 19, 2025
19
Aug'25
US says UK has agreed to drop encryption ‘backdoor’ demands against Apple
US and UK end diplomatic row over UK encryption ‘backdoor’ order against Apple, but it remains unclear whether Apple will restore advanced encryption services to UK users
-
August 19, 2025
19
Aug'25
Singapore board directors to get cyber crisis training
The Singapore Institute of Directors and Ensign InfoSecurity have launched a programme to equip 1,000 board leaders with the skills to navigate high-stakes decisions during a cyber crisis
-
August 18, 2025
18
Aug'25
L’Oréal to promote cyber resilience for Britain’s beauty salons
L’Oréal UK and Ireland will work with law enforcement, cyber educators and students, and other large organisations to help thousands of small salons across the UK improve their cyber resilience practice
-
August 15, 2025
15
Aug'25
UK cyber leaders feel impact of Trump cutbacks
The ripple effects of US cyber security cutbacks have reached this side of the Atlantic, according to a report
-
August 15, 2025
15
Aug'25
US trade body calls on Washington to cut cyber red tape
The US Information Technology Industry Council has called on the White House’s Office of the National Cyber Director to cut burdensome regulations in areas such as AI and incident reporting, and to do more to build a unified security regime
-
August 12, 2025
12
Aug'25
Norway fixing Big Bang e-health botch with fintech security
Experts call for Europe’s health sector to protect medical APIs with security originated from UK open banking as officials take urgent measures against unprecedented attacks
-
August 11, 2025
11
Aug'25
McCullough Review into PSNI spying on journalists and lawyers delayed
Angus McCullough KC is to present findings of an independent review of police spying on phone data of lawyers, journalists and NGOs in Northern Ireland in October
-
August 11, 2025
11
Aug'25
Watching the watchers: Is the Technical Advisory Panel a match for MI5, MI6 and GCHQ?
Dame Muffy Calder is chair of the Technical Advisory Panel (TAP), a small group of experts that advises the Investigatory Powers Commissioner on surveillance technology. Do they have what it takes to oversee the intelligence community?
-
August 06, 2025
06
Aug'25
Black Hat USA: Startup breaks secrets management tools
Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms
-
August 06, 2025
06
Aug'25
Companies House ID verification to start in November 2025
Companies House plans to start vetting director identities from mid-November, but its reliance on the troubled One Login digital identity service may be cause for concern
-
August 06, 2025
06
Aug'25
NCSC updates CNI Cyber Assessment Framework
Updates to the NCSC’s Cyber Assessment Framework are designed to help providers of critical services better manage their risk profiles
-
August 06, 2025
06
Aug'25
Australian scaleup to bring AI-led data protection to the MoD
The UK’s Ministry of Defence is embracing AI-led data protection in the wake of a major privacy breach, enlisting Australian cyber firm Castlepoint Systems to oversee sensitive records
-
August 04, 2025
04
Aug'25
Proliferation of on-premise GenAI platforms is widening security risks
Research finds increased adoption of unsanctioned generative artificial intelligence platforms is magnifying risk and causing a headache for security teams
-
July 30, 2025
30
Jul'25
AI-enabled security pushes down breach costs for UK organisations
Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study
-
July 30, 2025
30
Jul'25
Industry experts warn crypto infrastructure is ‘creaking’
A report from experts at HSBC, Thales and InfoSec Global claims decades-old cryptographic systems are failing, putting businesses at risk from current vulnerabilities and the threat from quantum computing
-
July 29, 2025
29
Jul'25
Senator warns of new UK surveillance risks to US citizens following Apple ‘backdoor’ row
US lawmaker calls for the US to publish an assessment of the risks posed by UK surveillance laws to US citizens in the wake of disclosures that the UK has ordered Apple to introduce ‘backdoors’ in Apple encryption