News

Regulatory compliance and standard requirements

• June 07, 2022 07 Jun'22

  Software house Mega achieves holistic SaaS security with Synopsys

  Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards

• June 01, 2022 01 Jun'22

  EU must stand ground on cyber security, says Finland’s WithSecure

  Russian threat is serving to focus minds on cyber security across Europe, say executives at enterprise security company’s inaugural conference

• May 31, 2022 31 May'22

  Industrial systems not safe for the future, say Dutch ethical hackers

  Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations

• May 30, 2022 30 May'22

  ICO calls for police to end ‘excessive collection’ of personal data from rape and assault victims

  The UK’s information commissioner, John Edwards, has called for prosecutors and police to end the excessive collection of personal data from victims of rape and serious sexual assault

• May 26, 2022 26 May'22

  Two-thirds of UK organisations defrauded since start of pandemic

  Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report

• May 25, 2022 25 May'22

  Rubrik charts data security path

  Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats

• May 24, 2022 24 May'22

  ICO orders facial recognition firm Clearview AI to delete all data about UK residents

  UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world

• May 19, 2022 19 May'22

  Defensive cyber attacks may be justified, says attorney general

  Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable

• May 19, 2022 19 May'22

  Deliveroo accused of ‘soft union busting’ with GMB deal

  Smaller grassroots unions have criticised Deliveroo and GMB for making a “hollow” deal that will ultimately undermine workers’ self-organising efforts

• May 19, 2022 19 May'22

  Red teaming will be standard in Dutch governmental organisations by 2025

  The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest

• May 19, 2022 19 May'22

  Singapore opens security testing centre

  Joint centre set up by the Cyber Security Agency of Singapore and a local university will facilitate security testing and train security evaluation talent

• May 17, 2022 17 May'22

  Australian CISOs least prepared for cyber attacks

  Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds

• May 16, 2022 16 May'22

  Europol gears up to collect big data on European citizens after MEPs vote to expand policing power

  The European Parliament has voted to expand Europol’s role, legalising its processing of bulk datasets containing personal information and endorsing research into predictive policing technologies

• May 16, 2022 16 May'22

  Keeping Singapore’s critical systems secure

  Tracy Thng offers a glimpse into her work in strengthening the cyber resilience of 11 essential service sectors in Singapore

• May 12, 2022 12 May'22

  GPDPR data scrape a ‘mistake’, says leading scientist

  Giving evidence to the Science and Technology Committee, academic, physician and science writer Ben Goldacre has expressed serious misgivings about the on-hold GPDPR NHS data scrape

• May 11, 2022 11 May'22

  CyberUK 22: Five Eyes focuses on MSP security

  The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves

• May 11, 2022 11 May'22

  CyberUK 22: Data-sharing service to protect public from scams

  A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites

• May 11, 2022 11 May'22

  Cyber accreditation body Crest forges new training partnerships

  Crest says partnerships with Hack The Box and Immersive Labs will enhance its members’ defensive and offensive security skills

• May 11, 2022 11 May'22

  Nationwide stops thousands more attempted frauds with Strong Customer Authentication

  Nationwide Building Society is blocking an additional 2000 attempted online shopping frauds a month through extra checks

• May 11, 2022 11 May'22

  EU plans to police child abuse raise fresh fears over encryption and privacy rights

  Draft regulation unveiled today will require internet and messaging firms to use algorithms to identify grooming and child abuse or face heavy fines

• May 10, 2022 10 May'22

  CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy

  On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy

• May 10, 2022 10 May'22

  CyberUK 22: Wales splashes £9.5m on cyber innovation hub

  A new innovation hub hopes to spur on cyber security innovation in Wales

• May 06, 2022 06 May'22

  UK digital markets regulator to be given statutory powers

  Digital Markets Unit will be put on statutory footing by UK government to ensure technology giants do not abuse market power, but announcement comes with no clear indication of when legislation will be introduced

• May 04, 2022 04 May'22

  UK government puts pressure on IT sector to clean up app security

  Apps can be exploited to carry malicious payloads that steal personal information and cause financial loss – and not enough is being done to secure them

• April 28, 2022 28 Apr'22

  Manufacturer sues JPMorgan after cyber criminals stole $272m

  Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity

• April 26, 2022 26 Apr'22

  Coralogix makes foray into cyber security with Snowbit

  Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent

• April 22, 2022 22 Apr'22

  How Adnovum is leveraging its Swiss roots

  Software company Adnovum is leveraging its strengths in identity and access management and its Swiss heritage as it expands into new markets and areas such as zero-trust security

• April 22, 2022 22 Apr'22

  UAE bolsters cyber security

  The United Arab Emirates has successfully improved its security posture amid mounting cyber threats

• April 22, 2022 22 Apr'22

  Finance regulator identifies challenger bank financial crime weaknesses

  Financial Conduct Authority review finds challenger banks need to do more to prevent their platforms being used to commit financial crime, such as money laundering

• April 21, 2022 21 Apr'22

  Five Eyes in new Russia cyber warning

  Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure

• April 20, 2022 20 Apr'22

  One-third of scams that hit TSB are impersonation fraud

  TSB reports an increase in fraudsters impersonating trusted organisations to trick consumers into making payments to them

• April 14, 2022 14 Apr'22

  Lack of expertise hurting UK government’s cyber preparedness

  UK government bodies and critical infrastructure owners cite a lack of staff resources, and internal and external expertise, as hampering factors when it comes to cyber readiness, according to a report

• April 14, 2022 14 Apr'22

  Government agrees bulk surveillance powers fail to protect journalists and sources

  Campaign group Liberty to launch legal appeal that will call for journalists to receive stronger legal protections from state surveillance

• April 13, 2022 13 Apr'22

  Microsoft patches two zero-days, 10 critical bugs

  Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service

• April 12, 2022 12 Apr'22

  Universal IAM policy failings put cloud environments at risk

  Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study

• April 11, 2022 11 Apr'22

  Singapore to start licensing cyber security service providers

  Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards

• April 11, 2022 11 Apr'22

  Border IT system fixed after 10-day outage

  Post-Brexit border IT system failure fixed after going down at the start of April, allowing traders to once again file customs documents electronically rather than by hand

• April 08, 2022 08 Apr'22

  EncroChat: France says ‘defence secrecy’ in police surveillance operations is constitutional

  Constitutional court finds that invoking ‘defence secrecy’ to withhold information about the state hacking of EncroChat cryptophones is constitutional. Defence lawyers now head for the supreme court

• April 07, 2022 07 Apr'22

  MPs and editors sound alarm over threat to Freedom of Information

  Government secrecy and trend for departments to block Freedom of Information requests pose a long-term risk to accountability

• April 05, 2022 05 Apr'22

  Secrecy over police EncroChat hacking is unconstitutional, defence lawyers tell top French court

  France’s constitutional court, the Conseil Constitutionnel, has heard arguments that the use of ‘defence secrecy’ to withhold information about police surveillance operations breaches the French constitution

• April 05, 2022 05 Apr'22

  Discount retailer The Works hit by cyber attack

  A small number of The Works’ bricks-and-mortar stores were forced to close amid a cyber attack of an undisclosed nature

• April 01, 2022 01 Apr'22

  TechUK calls on government to seize post-Brexit data opportunities

  Ahead of the government’s reply to its late 2021 consultation about proposed post-Brexit reforms to the data protection regime, TechUK has published a paper declaring six data governance principles

• March 31, 2022 31 Mar'22

  Global upheaval shows cyber security isn’t good enough, says GCHQ director

  Generational global upheaval has laid bare significant gaps in national cyber strategies, GCHQ chief Jeremy Fleming has said in a speech

• March 30, 2022 30 Mar'22

  One-third of UK firms suffer a cyber attack every week

  New statistics from the annual DCMS Cyber security breaches survey reveal the extent and frequency with which UK organisations are being attacked by malicious actors

• March 29, 2022 29 Mar'22

  Overhaul of UK police tech needed to prevent abuse

  Lords inquiry finds UK police are deploying artificial intelligence and algorithmic technologies without a thorough examination of their efficacy or outcomes, and are essentially ‘making it up as they go along’

• March 29, 2022 29 Mar'22

  FCA reports 52% jump in security incidents

  The Financial Conduct Authority received 116 cyber incident reports in 2021, a fifth of them involving ransomware

• March 29, 2022 29 Mar'22

  Singapore rolls out cyber security certification scheme

  Two new cyber security marks are expected to provide an edge for Singapore businesses with good cyber security practices

• March 28, 2022 28 Mar'22

  IT professionals wary of government campaign to limit end-to-end encryption

  Members of the Chartered Institute of IT, the professional body for technology professionals in the UK, warn against limiting end-to-end encryption

• March 25, 2022 25 Mar'22

  US offers concessions on surveillance and privacy as EU and US agree successor to Privacy Shield

  EU and US agree data privacy framework allowing trans-Atlantic data transfers after US offers concessions on surveillance and new rights of redress for EU citizens

• March 23, 2022 23 Mar'22

  NHS urgent care provider uses ID and access management to reduce complexity for clinicians

  Provider of care through NHS 111 is using a cloud-based identity and access management system to remove the need for clinicians to remember multiple passwords