News

Regulatory compliance and standard requirements

• January 14, 2023 14 Jan'23

  Experts concerned over silence around government obligation to review UK surveillance laws

  The government is required to review the UK’s surveillance law, the Investigatory Powers Act, but experts say they are in the dark about its plans. The National Crime Agency’s operation Venetic has highlighted the need for urgent reforms

• January 12, 2023 12 Jan'23

  UK government completes trials of age estimation technology

  Government-led trials of age estimation and verification technologies for the sale of alcohol in nightlife venues and supermarkets have been completed, with both government and retail lobbyists pushing for legislation that would allow retailers to ...

• January 11, 2023 11 Jan'23

  Should we be worried about malicious use of AI language models?

  WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned?

• January 10, 2023 10 Jan'23

  Insurer Beazley introduces catastrophe bond to ease cyber risk

  Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover

• January 09, 2023 09 Jan'23

  JPMorgan ordered to face lawsuit over cyber attack on Ray-Ban maker

  US banking giant JPMorgan forced to respond to accusations that it failed to inform a business customer about suspicious transactions

• January 08, 2023 08 Jan'23

  Vulnerable organisations to get free Cyber Essentials support

  Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre

• January 06, 2023 06 Jan'23

  Proposed digital fraud refund rules risk excluding many victims

  Proposals to establish a fraud refund mechanism in the UK risk excluding many victims of digitally enabled fraud, a major bank has warned

• January 06, 2023 06 Jan'23

  Meta to appeal £345m fine for Facebook and Instagram privacy breaches

  Social media company Meta is to appeal after the Irish Data Protection Commission fined the company for breaching GDPR

• December 29, 2022 29 Dec'22

  Top 10 technology and ethics stories of 2022

  Here are Computer Weekly’s top 10 technology and ethics stories of 2022

• December 22, 2022 22 Dec'22

  Top 10 cyber security stories of 2022

  The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides

• December 22, 2022 22 Dec'22

  Top 10 crime, national security and law stories of 2022

  Here are Computer Weekly’s top 10 crime, national security and law stories of 2022

• December 16, 2022 16 Dec'22

  Shiseido data breach victims plan legal action over fake companies

  Employees and former employees of cosmetics firm Shiseido whose data was stolen in a recent breach are planning group legal action after their information was used to establish fraudulent companies in their names

• December 15, 2022 15 Dec'22

  NCA officer questioned in Investigatory Powers Tribunal over failure to disclose EncroChat notes

  EncroChat hacking warrant was unlawful and in breach of human rights law, the Investigatory Powers Tribunal hears

• December 14, 2022 14 Dec'22

  Private health provider data could be shared with NHS England

  Plans are advancing to create a single source of healthcare data in England combining both private providers and the NHS to avoid a repeat of the Ian Paterson scandal

• December 14, 2022 14 Dec'22

  NHS gets new guidance on public benefits of data sharing

  NHS national data guardian Nicola Byrne has published new guidance on how health and social care bodies should approach the task of evaluating public benefit when using data for purposes beyond individual care

• December 14, 2022 14 Dec'22

  New cyber approaches ease Registers of Scotland’s AWS migration

  As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web ...

• December 13, 2022 13 Dec'22

  EU issues draft data adequacy decision in favour of US

  The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision

• December 13, 2022 13 Dec'22

  Finnish government launches information security voucher scheme

  Finland’s government is offering businesses financial support to help them improve their cyber security

• December 12, 2022 12 Dec'22

  Cloud-based fingerprint system for UK police nears completion

  Police Digital Service announces that a new cloud-based fingerprint system developed under its Transforming Forensics programme is nearly complete, but data protection concerns around the use of US-based cloud providers remain

• December 09, 2022 09 Dec'22

  Online Safety Bill returns to Parliament

  MPs and online safety experts have expressed concern about encryption-breaking measures contained in the Online Safety Bill as it returns to Parliament for the first time since its passage was paused in July

• December 09, 2022 09 Dec'22

  IT system limitations a factor in passport delays

  Limitations in the UK’s passport office IT system led to delays in applicants receiving their documents during a recent period of high demand

• December 08, 2022 08 Dec'22

  Consumers to get new protections against dodgy apps

  Government’s new code of practice will impose new privacy and security measures on app store operators and developers

• December 08, 2022 08 Dec'22

  Australia to develop new cyber security strategy

  New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals

• December 06, 2022 06 Dec'22

  Legacy IT magnifies cyber risk for Defra, says NAO

  Some 30% of Defra’s applications are currently unsupported, magnifying cyber risk as the government department struggles to make progress on a digital transformation programme

• December 06, 2022 06 Dec'22

  EU fails to protect human rights in surveillance tech transfers

  Transfers of surveillance technology from the European Union to African governments are carried out without due regard for the human rights impacts, the European Ombudsman has found after a year-long investigation into the European Commission’s ...

• November 30, 2022 30 Nov'22

  Microsoft 365 banned in German schools over privacy concerns

  German schools cannot legally use Microsoft Office 365 over lack of clarity about how data is collected, shared and used, as well as the potential for unlawful transfer of European citizens’ personal data to the US

• November 30, 2022 30 Nov'22

  South Staffs Water customer data leaked after ransomware attack

  Personal data of water utility’s direct debit customers exposed on the dark web following a Clop ransomware attack

• November 30, 2022 30 Nov'22

  NIS regulations to be extended to cover MSPs

  The UK government is moving ahead with plans to update the Network and Information Systems regulations to bring outsourcers and MSPs into scope

• November 28, 2022 28 Nov'22

  Panzura partners with AWS on ransomware counter-measures

  Panzura might have slipped beneath the waves, but it’s come back reinvigorated, and now boasts integration with AWS with ransomware protection and Outposts hardware

• November 25, 2022 25 Nov'22

  Data management, backup becoming the CISO's responsibility

  More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year

• November 24, 2022 24 Nov'22

  Not-for-profit aims to encourage 1,300 girls into cyber careers

  CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber

• November 23, 2022 23 Nov'22

  South Korea data adequacy pact brings £15m Brexit bonus

  UK government finalises a data adequacy agreement with South Korea, saying it will unlock a post-Brexit business bonus of just under £15m

• November 23, 2022 23 Nov'22

  Red team tool developer slams ‘irresponsible’ disclosure

  UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors

• November 21, 2022 21 Nov'22

  NHS trust that deleted up to 90,000 emails cleared of deliberately concealing evidence

  A tribunal found in a high-profile case brought by whistleblower Chris Day that an NHS trust had not deliberately concealed evidence when a director deleted up to 90,000 emails before he was due to testify

• November 18, 2022 18 Nov'22

  Is Elon Musk’s Twitter safe, and should you stop using it?

  With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use

• November 18, 2022 18 Nov'22

  New gold standard to protect good faith hackers

  HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking

• November 18, 2022 18 Nov'22

  CyberPeace Institute helps NGOs improve their security resilience

  Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people

• November 17, 2022 17 Nov'22

  Another Log4Shell warning after Iranian attack on US government

  The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching

• November 16, 2022 16 Nov'22

  Global network fragmentation a source of increasing risk

  Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures

• November 11, 2022 11 Nov'22

  MoD recruits Immersive Labs to bolster cyber resilience

  UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products

• November 09, 2022 09 Nov'22

  Optus earmarks A$140m to cover cost of data breach

  Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers

• November 09, 2022 09 Nov'22

  UK’s National Cyber Advisory Board convenes for first time

  Government convenes National Cyber Advisory Board to further its goals of making the UK one of the safest places to live and work online

• November 09, 2022 09 Nov'22

  Microsoft serves smorgasbord of six zero-days

  November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity

• November 07, 2022 07 Nov'22

  Public sector IT projects need ethical data practices from start

  Data ethics needs to be integrated into public sector IT projects from the very start, and considered throughout every stage of the process, to be effective

• November 07, 2022 07 Nov'22

  Department for Education escapes £10m fine over data misuse

  Department entrusted data on 28 million children to a company called Trustopia, which turned out to be anything but trustworthy, but has escaped a £10m fine under new rules

• November 03, 2022 03 Nov'22

  Global coalition reaffirms commitment to fight ransomware

  Representatives of 36 countries, as well as the EU, attended the second International Counter Ransomware Initiative Summit in Washington DC

• November 01, 2022 01 Nov'22

  NCSC looks back on year of ‘profound change’ for cyber

  The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful

• October 31, 2022 31 Oct'22

  Cyber crime officer says French legal challenges to EncroChat are ‘hype’

  Matthieu Audibert, officer of the French Gendarmerie’s cyber space command, gets into a spat with defence lawyers on Twitter over the lawfulness of evidence from the hacked phone network EncroChat

• October 27, 2022 27 Oct'22

  NCSC’s Levy steps down after 20-year intelligence career

  NCSC technical director Ian Levy bids farewell, telling his successor: ‘Don’t panic’

• October 27, 2022 27 Oct'22

  NHS to get new national CISO

  The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS