News

Regulatory compliance and standard requirements

• June 10, 2020 10 Jun'20

  Nasty surprises lurking in furloughed employees’ inboxes

  Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work

• June 10, 2020 10 Jun'20

  How Australian firms can defend against supply chain attacks

  Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm

• June 04, 2020 04 Jun'20

  The Security Interviews: How the BSI protects the IoT from itself

  David Mudd of the BSI reveals how a pragmatic and realistic approach to security vulnerabilities underpins its internet of things kitemark, helping give users the confidence to buy smart devices safely

• June 04, 2020 04 Jun'20

  Malaysian minister backtracks on spectrum allocation decision

  Amid reports of a surreptitious decision to allocate spectrum to five Malaysian operators, the communications minister rescinds his own order, calling for a more transparent review of the allocation process

• June 02, 2020 02 Jun'20

  NIS security regulations proving effective, but more work to do

  The UK’s NIS cyber security and risk regulations are proving somewhat effective, according to a government report

• May 29, 2020 29 May'20

  Government launches IoT security funding round

  A £400,000 funding pot is on offer for innovators to design schemes that boost internet-of-things security

• May 29, 2020 29 May'20

  Singapore’s contact-tracing app tops privacy study

  Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds

• May 28, 2020 28 May'20

  Public Health England to keep contact-tracing data for 20 years

  PHE will retain the data it collects via the NHS Test and Trace programme for 20 years

• May 27, 2020 27 May'20

  Revealed: Surveillance camera network that covered Dominic Cummings’ lockdown travel

  A network of automatic number plate recognition and local authority traffic cameras could help police track Downing Street chief of staff Dominic Cummings’ journeys to Durham and Barnard Castle during the Covid-19 lockdown

• May 26, 2020 26 May'20

  Max Schrems accuses Ireland of ‘Kafkaesque’ delay in Facebook GDPR investigation

  Privacy campaigner Max Schrems has urged the European Commission to intervene after the Irish Data Protection Commission allegedly used ‘Kafkaesque’ tactics to delay investigations into Facebook’s compliance with GDPR

• May 26, 2020 26 May'20

  The Security Interviews: Temper tantrums ahead as GDPR enters its terrible twos?

  On the General Data Protection Regulation’s second birthday, Tim Hickman, a data protection lawyer and partner at White & Case LLP, discusses the regulation’s teething troubles and assesses how best to maintain optimum compliance

• May 25, 2020 25 May'20

  Coronavirus: Australia calls for stronger defences amid cyber attacks

  The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector

• May 22, 2020 22 May'20

  EasyJet to be sued over customer data breach

  If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn

• May 22, 2020 22 May'20

  Hancock to Harman: No contact-tracing privacy law

  Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data

• May 20, 2020 20 May'20

  NCSC discloses multiple vulnerabilities in contact-tracing app

  National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures

• May 20, 2020 20 May'20

  Responsible Cyber acquires Secucial in S$7m deal

  Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint

• May 19, 2020 19 May'20

  GDPR wholly inappropriate to govern contact-tracing data

  Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app

• May 19, 2020 19 May'20

  Cancelled NCSC CyberUK event gets green light for 2021

  The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales

• May 19, 2020 19 May'20

  Huawei: US using technological strengths to ‘crush’ companies outside its own borders

  Chinese tech giant hits back at White House decision to extend technology ban and says it will ultimately be self-harming

• May 14, 2020 14 May'20

  Harman seeks to bring private member’s bill over contact tracing

  Chair of Human Rights Committee aims to put the proposed Contact Tracing (Data Protection) Bill 2020 before parliament as a private member’s bill if necessary

• May 13, 2020 13 May'20

  Report reveals inadequate cyber security at Schiphol Airport

  A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport

• May 13, 2020 13 May'20

  Nation state APT groups prefer old, unpatched vulnerabilities

  The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list

• May 13, 2020 13 May'20

  Can Lady Gaga and Madonna get people to take security seriously?

  What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers

• May 13, 2020 13 May'20

  European comms bodies set up standards group, call for vigilance on contact-tracing apps

  New ETSI group will develop standardisation framework for secure smartphone-based proximity tracing systems, helping to break Covid-19 transmission chains

• May 12, 2020 12 May'20

  Draft Covid-19 contact tracing legislation proposes formal oversight

  Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app

• May 12, 2020 12 May'20

  Details released of second UK contact-tracing app development

  Contractual documents show Zuhlke Engineering receiving an official start date of 6 May to supply a managed delivery team to support and run proximity mobile application and services for the UK

• May 12, 2020 12 May'20

  Police failing to consult public on new technologies

  A freedom of information campaign has revealed that UK police are largely failing to consult the public on their use of new technologies, with the potential to undermine the principle of policing by consent

• May 12, 2020 12 May'20

  APAC firms still coming to grips with data protection

  More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain

• May 12, 2020 12 May'20

  How Australian firms can plug data protection gaps

  Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene

• May 12, 2020 12 May'20

  Banks failing to protect customers from coronavirus fraud

  Just 13 of the 64 banks accredited for the government’s Coronavirus Business Interruption Loan Scheme have implemented Dmarc protection

• May 07, 2020 07 May'20

  Contact-tracing app fails to protect privacy and human rights

  Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee

• May 07, 2020 07 May'20

  Facebook announces oversight board members

  New board will rule on freedom of expression issues and make policy recommendations to social media giant.

• May 07, 2020 07 May'20

  FBI search warrants reveal Trump aide’s messages to WikiLeaks founder Julian Assange

  FBI search warrants reveal Trump campaigner Roger Stone sent private messages to WikiLeaks founder Julian Assange after the site published thousands of documents that damaged Hillary Clinton’s election campaign

• May 05, 2020 05 May'20

  Building security and privacy into contact-tracing apps

  Governance and data decentralisation are among measures that organisations can take to allay security and privacy concerns over contact-tracing apps, according to RSA

• May 04, 2020 04 May'20

  NHSX contact-tracing app needs legislative oversight

  Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app

• May 04, 2020 04 May'20

  IT Priorities 2020: Compliance and risk are top security concerns

  When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study

• May 01, 2020 01 May'20

  NCSC tackles unconscious bias in security terminology

  The terms whitelisting and blacklisting are out at the UK’s National Cyber Security Centre

• April 29, 2020 29 Apr'20

  IMDA to issue 5G spectrum to Singtel and StarHub-M1 venture

  Singapore’s telco regulator will award 5G spectrum to major operators whose proposals have exceeded its requirements in some cases

• April 29, 2020 29 Apr'20

  Coronavirus: Call for extension to European payment security standard deadline

  Payment processors across Europe want more time to meet the SCA payment security standard

• April 27, 2020 27 Apr'20

  Julian Assange extradition hearing postponed amid coronavirus lockdown

  Julian Assange’s lawyers say they have been unable to communicate or share legal documents with the WikiLeaks founder to enable them to prepare a defence in time for a planned extradition hearing in May

• April 27, 2020 27 Apr'20

  UK tech companies launch online safety body

  Online Safety Tech Industry Association unites 14 technology companies to drive conversation and policy around online safeguarding

• April 27, 2020 27 Apr'20

  Australia’s CovidSafe app debuts, source codes to follow

  Australia’s contact tracing app has been downloaded more than 1.1 million times, even as privacy concerns linger on

• April 23, 2020 23 Apr'20

  Ransomware-stricken Travelex up for sale

  Travelex’s parent Finablr is washing its hands of the ransomware-stricken forex provider as it struggles with the twin shocks of the Covid-19 pandemic and a developing fraud scandal

• April 23, 2020 23 Apr'20

  Public authorities set to receive expanded surveillance powers

  UK government wants to extend the number of public authorities able to obtain communications data using mass surveillance

• April 20, 2020 20 Apr'20

  IT services company Cognizant warns customers after ‘Maze’ ransomware attack

  US IT services company Cognizant alerts customers after the Maze ransomware group launches a cyber attack

• April 20, 2020 20 Apr'20

  Dutch organisations address business email compromise fraud

  Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks

• April 20, 2020 20 Apr'20

  Australian workers are weakest link in fight against cyber attacks

  About four in 10 employees are sharing inappropriate data across mobile devices and half of all security incidents in 2019 occurred through inappropriate IT use, new study finds

• April 17, 2020 17 Apr'20

  Coronavirus: How Nominet fights back against malicious domains

  Domain name registry has thwarted hundreds of attempts to register malicious .uk domain names during the coronavirus pandemic

• April 17, 2020 17 Apr'20

  EU warns no compromise on privacy as NHS clashes with tech firms on contact tracing

  EU and UK regulators express data privacy concerns days after Silicon Valley giants announce collaboration on contact-tracing apps to prevent the spread of the Covid-19 coronavirus

• April 17, 2020 17 Apr'20

  Coronavirus: Security certification body puts exams online

  Candidates for certification by the International Association of Privacy Professionals will now be able to sit their exams remotely

• April 15, 2020 15 Apr'20

  Coronavirus: ICO temporarily relaxes regulatory approach

  The Information Commissioner’s Office sets out a revised approach to its regulatory duties during the Covid-19 coronavirus pandemic

• April 06, 2020 06 Apr'20

  BA and Marriott get GDPR fine reprieve

  Both British Airways and Marriott International have had their General Data Protection Regulation fines deferred until later in 2020

• April 03, 2020 03 Apr'20

  Covid-19 apps pose threat to digital privacy on a global scale

  Digital security firm Surfshark has reviewed a number of apps aimed at tackling the spread of coronavirus, and found that many pose a threat to people’s digital privacy

• April 02, 2020 02 Apr'20

  Morrisons appeal success is cold comfort for enterprises

  The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them

• April 01, 2020 01 Apr'20

  Swedbank to rebuild anti-money laundering systems after damning report

  Report finds that €36.7bn in transactions, all carrying a high risk for money laundering, were processed through the bank’s branch network in Estonia, Latvia and Lithuania

• March 31, 2020 31 Mar'20

  Marriott International hotel chain in second data breach

  Marriott International notifies customers of a major data breach that unfolded earlier in 2020 – the second it has experienced in the past two years

• March 27, 2020 27 Mar'20

  Lorca calls on security scaleups to tackle coronavirus challenge

  Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges

• March 26, 2020 26 Mar'20

  Coronavirus: What are the latest free cyber security offers?

  We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis

• March 26, 2020 26 Mar'20

  Developed APAC states most exposed to cyber risks

  Singapore, South Korea, Japan, Australia and New Zealand have the highest exposure to cyber risks, but they are also the most prepared to deal with cyber attacks, study finds

• March 25, 2020 25 Mar'20

  Almost half of UK businesses suffered a cyber attack in past year

  Latest government statistics reveal the scale of the cyber security challenge facing UK plc, but reveals some cause for optimism

• March 23, 2020 23 Mar'20

  Coronavirus: Kaspersky, Bitdefender make products free to NHS

  Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies

• March 22, 2020 22 Mar'20

  Cyber gangsters hit UK medical firm poised for work on coronavirus with Maze ransomware attack

  The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm's computer systems

• March 20, 2020 20 Mar'20

  UK Coronavirus Bill relaxes restrictions on mass surveillance powers

  Emergency legislation would massively expand state surveillance and police detainment powers

• March 18, 2020 18 Mar'20

  Prudential turns to AI to secure computer networks against cyber attacks

  Prudential, the UK’s largest listed insurer, is turning to artificial intelligence to protect its computer networks in the US, Asia and Africa from malware hackers and internal threats

• March 17, 2020 17 Mar'20

  Travelex under threat as insolvency risk, hacking costs and coronavirus take their toll

  Foreign exchange group’s future remains uncertain as its parent company, Finablr, prepares for potential insolvency

• March 17, 2020 17 Mar'20

  UN identifies tech companies working in Occupied Palestinian Territories

  United Nations Human Rights Office report names a number of technology companies that could be involved in violating human rights

• March 17, 2020 17 Mar'20

  UK makes its case for post-Brexit data adequacy decision

  Government sets out an explanatory framework as it seeks adequacy decisions from the European Commission to maintain the free flow of personal data between the European Union, the UK and Gibraltar

• March 13, 2020 13 Mar'20

  Equality watchdog calls on police to stop using facial recognition

  Equalities and Human Rights Commission says use of automatic facial recognition and predictive algorithms by police is discriminatory, stifles freedom of expression and lacks a proper legislative framework

• March 11, 2020 11 Mar'20

  Cross-regulator taskforce on digital economy announced in 2020 Budget

  UK regulators will join forces to look at how the potential regulation of the digital platforms and advertising markets would work

• March 11, 2020 11 Mar'20

  Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday

  March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical

• March 10, 2020 10 Mar'20

  Inside Oracle’s cloud strategy

  Oracle may be late to the cloud infrastructure and platform game, but it believes it has what it takes to carve out a bigger slice of the Asia-Pacific’s cloud market

• March 09, 2020 09 Mar'20

  Bill Gates backs Crest fintech security scheme for Africa and Asia

  UK-based cyber security accreditation and certification non-profit Crest has been awarded a $1.4m grant from the Bill and Melinda Gates Foundation to expand cyber security capacity for fintechs in Africa and Asia

• March 06, 2020 06 Mar'20

  Virgin Media confirms 'misconfigured database' left personal data of 900,000 people exposed

  Telco provider Virgin Media confirms 'data incident' that left personal details of 900,000 people exposed, but denies its systems were hacked or that it suffered a data breach

• March 05, 2020 05 Mar'20

  Cathay Pacific hit with £500,000 data protection fine from ICO over 2018 breach

  Airline receives maximum financial penalty under Data Protection Act for data breach that led to nine million customers having their personal data accessed by hackers

• March 04, 2020 04 Mar'20

  Australian government pulls plug on cloud certification programme

  The Australian Signals Directorate is closing its cloud services certification programme to allow for more home-grown suppliers

• March 03, 2020 03 Mar'20

  Singapore among world’s top sources of online threats

  Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state

• March 01, 2020 01 Mar'20

  Data breaches in Australia showing no signs of abating

  Compromised login credentials and human error were the most common causes of data breaches reported under Australia’s notifiable data breach regime from July to December 2019

• February 27, 2020 27 Feb'20

  Clearview hack fuels debate over facial recognition

  Customers of Clearview AI, a controversial startup that scrapes and sells billions of photos of people from social media to police forces, have found themselves at the centre of a major data breach

• February 26, 2020 26 Feb'20

  FCA data breach could happen to anybody, but easy to avoid

  Minor data breach at the Financial Conduct Authority was the result of simple human error, and highlights the need for organisations to consider a wide range of potential threats

• February 26, 2020 26 Feb'20

  Met Police chief backs legislative framework for police tech

  Met Police commissioner has called for legislative framework to govern police use of new technologies, while defending the decision to use live facial recognition technology operationally without it

• February 25, 2020 25 Feb'20

  Google warns users not to mess with Huawei devices

  Google tells users of Huawei devices to try to avoid bypassing controls preventing them from loading its apps

• February 25, 2020 25 Feb'20

  Cloud data leaks compounded by lack of automation tools

  Data leaks caused by misconfigured clouds are being compounded because security teams lack appropriate automation and integration tools, according to a report

• February 24, 2020 24 Feb'20

  Thai university to roll out data protection certification

  Thailand’s National Institute of Development Administration is offering a certification programme to get organisations ready for the country’s data protection regime

• February 24, 2020 24 Feb'20

  Assange extradition is a politically motivated ‘abuse of power’, court hears

  US government’s attempt to extradite WikiLeaks founder Julian Assange to face espionage charges in the US is politically motivated and an abuse of process, court told

• February 19, 2020 19 Feb'20

  Blasé directors put business data at risk

  The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress

• February 18, 2020 18 Feb'20

  Most CISOs ready to move jobs if something better comes along

  The shortage of skilled security pros is creating an active recruitment market, with over 80% of CISOs saying they would consider a new role if approached

• February 18, 2020 18 Feb'20

  Veeam Availability Suite v10 adds NAS backup and cloud tiering

  Availability Suite is mostly about consolidating the company’s data management platform idea, but it has added incremental forever NAS backup, cloud tiering and recovery to vSphere

• February 17, 2020 17 Feb'20

  Mastercard opens European security resilience unit

  Mastercard’s European Cyber Resilience Centre will bring together its partners and other industry bodies to support enterprise resilience

• February 14, 2020 14 Feb'20

  PM Johnson shuffles technology and digital ministers again

  Boris Johnson has changed all the key Cabinet appointments responsible for tech and digital policy for the second time since becoming prime minister last year

• February 11, 2020 11 Feb'20

  MI5 failed to disclose failings in handling intercepted data, court hears

  MI5 failed to disclose serious failures in the way it handled intelligence data to the Investigatory Powers Tribunal, the surveillance regulator and ministers.

• February 11, 2020 11 Feb'20

  Tencent Cloud gains multi-tier cloud security certification

  China's Tencent Cloud joins major cloud suppliers in securing tier three of Singapore’s Multi-Tier Cloud Security standard in a bid to grow its presence in Asia

• February 10, 2020 10 Feb'20

  Police use of facial recognition ‘unjustifiable’, says Scottish Justice Committee

  Members of the Scottish Parliament have said police use of live facial recognition technology is “not fit for purpose”

• February 10, 2020 10 Feb'20

  What should be in Australia’s next cyber security strategy

  The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues?

• February 10, 2020 10 Feb'20

  Norway braces for possible China backlash over 5G loss

  Norway fears trading relationship with China will suffer as a result of Huawei losing 5G contract to Ericsson

• February 06, 2020 06 Feb'20

  Stressed, overworked CISOs losing £23k a year in unpaid overtime

  Nominet’s latest CISO Stress Report has revealed the extent to which organisations are taking advantage of their security staff, and the deleterious effects of overwork and stress on mental health

• February 04, 2020 04 Feb'20

  Social media targeting algorithms need regulation, says CDEI

  The Centre for Data Ethics and Innovation is recommending regulation of social media algorithms as part of a drive to make user targeting safe and ethical

• February 04, 2020 04 Feb'20

  MI5 faces court ruling over unlawful surveillance warrants

  Privacy groups Liberty and Privacy International ask the Investigatory Powers Tribunal to order MI5 to disclose full details of ‘unlawful’ conduct, after classified documents reveal the spy agency failed to comply with surveillance laws

• February 03, 2020 03 Feb'20

  NHS adds supplier security audits to procurement platform

  A new feature in the NHS’s Edge4Health procurement platform will help NHS suppliers improve their cyber security posture and NHS organisations make better buying decisions

• January 31, 2020 31 Jan'20

  Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks

  Climate change, natural disasters, extreme weather and loss of biodiversity are the greatest risks we face. With cyber conflicts, state-sponsored hacking and internet fragmentation, doing nothing is not an option, says the World Economic Forum

• January 30, 2020 30 Jan'20

  NCSC launches study on cyber security diversity

  The UK’s National Cyber Security Centre wants to improve the diversity of the cyber security sector