News
Regulatory compliance and standard requirements
-
February 25, 2021
25
Feb'21
GCHQ sets out rules of the road for AI in cyber
A paper produced by GCHQ shows how the intelligence agency can use artificial intelligence responsibly as a tool to protect the UK’s national security
-
February 25, 2021
25
Feb'21
Npower shuts off app after credential stuffing attack
Npower customers will have to log in to their accounts on its website after its app was withdrawn following a security breach
-
February 24, 2021
24
Feb'21
Transport for NSW hit by Accellion breach
Australian state agency Transport for New South Wales is the latest victim of the supply chain attack against Accellion’s legacy file transfer system
-
February 24, 2021
24
Feb'21
Vaccine passports prove an ethical minefield
Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design
-
February 24, 2021
24
Feb'21
Is Clubhouse safe, and should CISOs stop its use?
With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it
-
February 23, 2021
23
Feb'21
CyberScotland offers centralised security resource hub
Newly launched partnership brings together security resources for individuals and organisations across Scotland
-
February 22, 2021
22
Feb'21
Pandemic has exposed fractures in cyber fraud strategy
RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem
-
February 19, 2021
19
Feb'21
European Commission proposes UK data adequacy agreement
The publication of two draft data adequacy decisions brings the UK closer to a final positive decision, which will enable the continued free flow of data between the EU and the UK if green-lit by member states
-
February 19, 2021
19
Feb'21
Biden will act on cyber security to fix SolarWinds mess
US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger
-
February 18, 2021
18
Feb'21
Swedish police fined for unlawful use of facial-recognition app
Sweden’s data watchdog has found that Swedish police failed to conduct the data protection checks required by law before using controversial facial-recognition tool
-
February 18, 2021
18
Feb'21
City of Helsinki adopts MyData principles to improve digital services
Principles on the use of personal data for the benefit of society will guide Finnish capital’s ambitious digital plans
-
February 18, 2021
18
Feb'21
2020 a record year for cyber, thanks to Covid
The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy
-
February 18, 2021
18
Feb'21
Assessing UK law enforcement data adequacy
Data protection experts discuss the consequences of achieving data adequacy between the UK and EU for the UK’s intelligence services and criminal justice sector
-
February 17, 2021
17
Feb'21
Security pros agree: We need to take a break
As many as 85% of security staff engage in leisure activities during working hours, but they have excellent reasons for doing so
-
February 16, 2021
16
Feb'21
Qatar regulator launches platform to monitor human understanding of financial crime
Qatari financial services regulator works with global body to provide digital platform to assess whether financial services workers understand how to prevent financial crime
-
February 11, 2021
11
Feb'21
Hacked Finnish therapy business collapses
Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy
-
February 11, 2021
11
Feb'21
Singtel falls prey to supply chain attack
The Singapore telco reveals that its Accellion file sharing system was illegally hacked in a supply chain attack
-
February 09, 2021
09
Feb'21
Facebook sued for data-sharing practices with third parties
Data protection claim filed in London against social media giant for its alleged failure to give at least one million users in England and Wales meaningful control over their personal data
-
February 09, 2021
09
Feb'21
‘Batman Begins’ cyber attack is a warning to CNI providers
A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services
-
February 08, 2021
08
Feb'21
UK Cyber Security Council to take charge of skills strategy
New government-backed body will be set up to boost careers opportunities and professional standards in the cyber security sector
-
February 08, 2021
08
Feb'21
Too few UK organisations offering cyber training for remote work
Nearly a year into the pandemic, a study reveals a concerning tendency for organisations not to bother offering security training for remote workers
-
February 08, 2021
08
Feb'21
Data of thousands of Dutch citizens leaked from government Covid-19 systems
Weak access controls and outdated systems blamed for leaking of the personal details of thousands of Dutch citizens tested for Covid-19
-
February 05, 2021
05
Feb'21
EncroChat: Appeal court finds ‘digital phone tapping’ admissible in criminal trials
Appeal Court decides EncroChat-encrypted phone records can be used in criminal trials. Critics say the decision means phone tapping no longer has a ‘clear meaning in the digital age’
-
February 04, 2021
04
Feb'21
Fraud and cyber crime still vastly under-reported
The scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate
-
February 01, 2021
01
Feb'21
‘Victory for free speech and openness’ after tribunal confirms no territorial restrictions to FOIA
Freedom of information tribunal rules that investigative journalists and others can use the Freedom of Information Act if they live outside the UK or are not British citizens
-
January 29, 2021
29
Jan'21
Hunting and anti-hunting groups locked in tit-for-tat row over data gathering
The leaking of internal documents has prompted a row between pro- and anti-hunting groups about the legality of the other’s data collection practices
-
January 29, 2021
29
Jan'21
Biometrics ethics group addresses public-private use of facial recognition
Home Office’s Biometrics and Forensics Ethics Group releases briefing note on the use of live facial recognition in public–private collaborations following a year-long investigation
-
January 29, 2021
29
Jan'21
Human factor dominates Australia’s latest data breach numbers
The number of data breaches resulting from human error increased by 18% in the second half of 2020, according to Australian government’s latest notifiable data breaches report
-
January 26, 2021
26
Jan'21
Conservatives broke data law to racially profile millions
The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard
-
January 26, 2021
26
Jan'21
ICO extends commissioner Denham’s term of office
Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor
-
January 21, 2021
21
Jan'21
Two-thirds of CISOs say they’ll be cyber attack victims this year
Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked
-
January 21, 2021
21
Jan'21
Interview: Tony Porter, chief privacy officer, Corsight AI
Tony Porter speaks to Computer Weekly about the changes in facial-recognition during his time as surveillance camera commissioner, the ethics of using the technology, and his new role as chief privacy officer at Corsight AI
-
January 19, 2021
19
Jan'21
UK fraud agency deploys ArcGIS dashboard for data sharing
The National Fraud Intelligence Bureau says it has achieved improved transparency with the public, as well as saving 3,500 staff hours and £100,000
-
January 19, 2021
19
Jan'21
Value of GDPR fines shows dramatic increase in 2020
European regulators imposed almost €160m worth of fines during the past 12 months, a substantial rise
-
January 19, 2021
19
Jan'21
Criminals fiddled stolen Covid-19 vaccine data to damage trust
Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA
-
January 19, 2021
19
Jan'21
MAS offers guidance on mitigating supply chain threats
Monetary Authority of Singapore revises its technology risk management guidelines to help the financial sector guard against supply chain attacks
-
January 18, 2021
18
Jan'21
Australians lost A$176m to scams in 2020
Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering
-
January 15, 2021
15
Jan'21
150,000 records accidentally wiped from police systems
Home Office claims data wiped from national police systems only relates to people who have never been convicted of a crime or had further police action taken against them following an arrest
-
January 15, 2021
15
Jan'21
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack
-
January 14, 2021
14
Jan'21
All EU states can take data protection cases against Facebook, says EU court
An opinion from the European Court of Justice has the potential to lead to a flood of privacy complaints against Facebook if upheld
-
January 14, 2021
14
Jan'21
Experian calls for less bureaucratic data regulations
Open banking requires cross-industry collaboration, but sharing personal data requires explicit consent, which can become a bottleneck
-
January 14, 2021
14
Jan'21
Unforeseen consequences of new technologies put UK at risk
Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems
-
January 14, 2021
14
Jan'21
APAC firms grapple with cyber security amid pandemic
Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work
-
January 13, 2021
13
Jan'21
Covid-19 immunity passport tests to begin in UK
A Covid-19 immunity and vaccination passport developed by two UK firms and backed by Innovate UK has entered the live testing phase
-
January 12, 2021
12
Jan'21
Palo Alto Networks opens Australia cloud location
The cyber security company’s Australia cloud location will address data localisation requirements amid growing adoption of cloud-based security services
-
January 12, 2021
12
Jan'21
Former ministers speak out on Mike Lynch extradition
As Mike Lynch, founder and former CEO of Autonomy, awaits his US extradition hearing, several former Tory MPs have expressed their concerns
-
January 11, 2021
11
Jan'21
New SolarWinds CEO sets out rescue plan
Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community
-
January 08, 2021
08
Jan'21
Government use of 'general warrants' to authorise computer and phone hacking is unlawful
A court has ruled that the security and intelligence services can no longer rely on ‘general warrants’ to authorise the hacking of large numbers of computers and phones belonging to UK citizens
-
January 08, 2021
08
Jan'21
Which? online banking investigation reveals ‘worrying gaps’ in security
Consumer rights organisation has ranked the security of UK online current account providers
-
January 07, 2021
07
Jan'21
Biden picks cyber veteran to reinvigorate security response
Appointment of career intelligence operative Anne Neuberger signals refreshed security approach for the US government under Joe Biden's administration
-
January 06, 2021
06
Jan'21
WikiLeaks founder Julian Assange to remain in prison despite winning extradition battle
Judge cites Assange’s support of NSA whistleblower as one of the reasons for him being at high risk of absconding. He will remain in Belmarsh prison until the US government completes its appeal
-
January 06, 2021
06
Jan'21
SolarWinds attack almost certainly work of Russian spooks
Investigations into the far-reaching SolarWinds Solorigate attack did not let up during the holidays
-
January 04, 2021
04
Jan'21
WikiLeaks founder Julian Assange cannot be extradited to face charges in US, court rules
Court rules it would be oppressive to send Julian Assange to the US to face trial after finding he is at high risk of suicide. US government says it will appeal
-
January 04, 2021
04
Jan'21
Journalists’ FOI bids stayed as court reconsiders freedom of information rights of people outside UK
Tribunal questions whether people without a British passport or Britons living overseas are eligible to use the UK’s Freedom of Information Act
-
December 31, 2020
31
Dec'20
Top 10 technology and ethics stories of 2020
Here are Computer Weekly’s top 10 technology and ethics stories of 2020
-
December 31, 2020
31
Dec'20
Top 10 investigations and national security stories of 2020
Here are Computer Weekly’s top 10 investigations and national security stories of 2020
-
December 24, 2020
24
Dec'20
Top 10 cyber crime stories of 2020
Here are Computer Weekly’s top 10 cyber crime stories of 2020
-
December 23, 2020
23
Dec'20
Top 10 cyber security stories of 2020
Here are Computer Weekly’s 10 top cyber security stories of 2020
-
December 22, 2020
22
Dec'20
Ministry of Justice in the dock for catalogue of serious data breaches
Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to ...
-
December 17, 2020
17
Dec'20
EU security strategy a ‘step up’ on cyber leadership, says Brussels
The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy
-
December 17, 2020
17
Dec'20
UK police unlawfully processing over a million people’s data on Microsoft 365
The roll-out of Microsoft 365 to dozens of UK police forces may be unlawful, because many have failed to conduct data protection checks before deployment and hold no information on their contracts
-
December 15, 2020
15
Dec'20
Cyber crime victims in the Netherlands not reporting offences
Dutch victims of online crime rarely report it to the police and when they do, they are often dissatisfied
-
December 13, 2020
13
Dec'20
Singapore trials beacons to bolster police operations
Police beacons equipped with video cameras, sirens, floodlights and speakers are being deployed at two parks to improve public safety in a year-long trial
-
December 07, 2020
07
Dec'20
Met Police failed to clear backlog of subject access requests
Metropolitan Police failed to comply fully with an enforcement notice issued by the Information Commissioner, and despite hundreds of overdue subject access requests the regulator did not take further action
-
December 07, 2020
07
Dec'20
HMRC referred 11 data security incidents to ICO in 2019-20
HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report
-
November 30, 2020
30
Nov'20
MI5 accused of withholding surveillance compliance failures from cabinet minister
MI5 withheld high-risk concerns about its ability to comply with legislation from the home secretary when it submitted applications for surveillance warrants, NGOs Privacy International and Liberty claimed last week
-
November 27, 2020
27
Nov'20
UK government ramps up efforts to regulate tech giants
The Digital Markets Unit of the Competitions and Markets Authority aims to protect consumer privacy and lower barriers to entry for businesses
-
November 27, 2020
27
Nov'20
Algorithmic transparency obligations needed in public sector
Public sector’s use of algorithms with social impacts needs to be more transparent to foster trust and hold organisations responsible for the negative outcomes their systems may produce, says report
-
November 27, 2020
27
Nov'20
NI police unable to delete data seized unlawfully from journalists for 10 years
The Police Service of Northern Ireland is unable to delete terabytes of unlawfully seized data taken from journalists who exposed police failings in the investigation of the Loughinisland sectarian murders
-
November 27, 2020
27
Nov'20
How Grab is using technology to improve trust and safety
Southeast Asian unicorn Grab is tapping artificial intelligence and other technologies to keep its users safe and cyber criminals at bay
-
November 25, 2020
25
Nov'20
Merger of national policing systems over budget and behind schedule
UK government effort to replace legacy IT systems suffers further delays, and will not be fully completed until 2025 at the earliest
-
November 23, 2020
23
Nov'20
Telcos could face huge fines under new security laws
Government boasts of unprecedented powers to boost the security standards of the UK’s critical national infrastructure
-
November 20, 2020
20
Nov'20
Security pros fear prosecution under outdated UK laws
CyberUp, a group of campaigners who want to reform the Computer Misuse Act, finds 80% of security professionals are concerned that they may be prosecuted just for doing their jobs
-
November 19, 2020
19
Nov'20
Data silos and IT complexity stifle business potential
A study from 451 Research highlights the problems organisations face in managing data
-
November 17, 2020
17
Nov'20
Automated image recognition: How using ‘free’ photos on the internet can lead to lawsuits and fines
Germany-based photographer Marco Verch uses computer scripts to populate the internet with topical images and photographs. People and companies who make mistakes in following the complex licensing terms of his ‘free to share and adapt’ photographs ...
-
November 17, 2020
17
Nov'20
Kaspersky shuts down data-processing activities in Russia
Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland
-
November 16, 2020
16
Nov'20
How Standard Chartered approaches cyber security
Bank uses security-by-design principles and conducts red-teaming exercises among other measures to fend off cyber breaches
-
November 16, 2020
16
Nov'20
Privacy advocates call for European probe into Palantir
Dutch group SOMI is trying to raise awareness of Palantir’s data privacy practices and how it works with European government agencies
-
November 16, 2020
16
Nov'20
Human error blamed in Welsh Covid-19 patient data leak
Public Health Wales accepts recommendations of independent probe into data breach that saw PII on 18,105 coronavirus patients leaked
-
November 13, 2020
13
Nov'20
Ticketmaster fined £1.25m by ICO for failing to protect customer data
Ticket website’s customer data was exposed through an attack on a third-party chatbot
-
November 11, 2020
11
Nov'20
Amazon charged with breaching EU antitrust rules
Tech giant accused of using data it collects on smaller retailers to benefit its own e-commerce business
-
November 11, 2020
11
Nov'20
EU aid funds used to train ‘unaccountable intelligence agencies’ in high-tech surveillance
Hundreds of documents obtained by campaign group Privacy International show how the EU is supporting surveillance programmes in the Balkans, the Middle East and Africa
-
November 10, 2020
10
Nov'20
IT Priorities 2020: After Covid-19, security goes back to basics
This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals
-
November 09, 2020
09
Nov'20
EU moves closer to encryption ban after Austria, France attacks
Draft resolution document setting up an EU-wide ban on end-to-end encryption is set to be waved through this week
-
November 06, 2020
06
Nov'20
ICO sued over ‘failure’ to address ad industry practices
Privacy campaigner the Open Rights Group claims the advertising technology industry is systematically breaching the GDPR, and the ICO is doing nothing about it
-
November 05, 2020
05
Nov'20
Singapore government rolls out digital signature service
Individuals and businesses will soon be able to sign documents digitally using a new service on the Singapore government’s SingPass digital identity platform
-
November 04, 2020
04
Nov'20
EU to introduce data-sharing measures with US in weeks
The European Commission is to issue updated standard contractual clauses (SCCs) that will allow organisations in the EU to exchange data with the US, but they may arrive too late to incorporate into UK law
-
November 04, 2020
04
Nov'20
India and Japan report stronger concern over cyber threats
Security operations teams in the two Asian giants see the increased volume of cyber threats as their biggest challenge amid the Covid-19 pandemic
-
November 03, 2020
03
Nov'20
GDPR lawsuit against Oracle and Salesforce moves forward
Class action suit seeks claims worth more than £10bn over the processing of personal information
-
October 30, 2020
30
Oct'20
ICO slashes Marriott breach fine to £18.4m
Reduced fine reflects both improvements made to hotel group’s cyber security and impact of coronavirus on the travel and hospitality sector
-
October 28, 2020
28
Oct'20
Privacy and online safety are focus of new UKRI research funding
Online safety research centre of excellence will look into technology to boost privacy and tackle disinformation, fake news, conspiracies and other online harms
-
October 28, 2020
28
Oct'20
Barracuda eyes Indochina markets
Barracuda is looking to expand its local presence and headcount in fast-growing emerging markets of Vietnam, Cambodia and Laos
-
October 27, 2020
27
Oct'20
ICO slams Experian over ‘invisible’ data processing
Data processing practices used by Experian broke data protection law, says Information Commissioner’s Office
-
October 27, 2020
27
Oct'20
Calls for clarity over Amazon insider breach
Security experts call for more clarity from Amazon over an apparent leak of customer data
-
October 27, 2020
27
Oct'20
Sopra Steria hit by new version of Ryuk ransomware
IT services company Sopra Steria says it has contained the ransomware virus, but systems will take a few weeks to be fully operational
-
October 26, 2020
26
Oct'20
Forrester: CIOs must prepare for Brexit data transfer
With the end of the Brexit transition period just weeks away, multi-national organisations will need to re-evaluate how intercompany data is transmitted
-
October 26, 2020
26
Oct'20
Cooperation between Norway’s security agencies planned following cyber attack on parliament
Government seeks to develop enhanced national IT infrastructure with an embedded early warning system and defence shield to protect the IT systems of public and private organisations
-
October 22, 2020
22
Oct'20
Protecting remote workers an opportunity to do security better
Securing the fully remote workforce has been a challenge for IT teams, but it presents an opportunity to commit to a higher standard of cyber security, according to a Cisco report
-
October 21, 2020
21
Oct'20
NSA’s top CVE list a timely reminder to patch
Many of the CVEs detailed on the NSA’s top 25 chart are golden oldies
-
October 21, 2020
21
Oct'20
Charities warned over ‘Robin Hood’ cyber criminals
Accepting donations from cyber criminal groups could be deemed as profiting from crime, money laundering or handling stolen goods – so don’t do it