News

Regulatory compliance and standard requirements

• November 23, 2020 23 Nov'20

  Telcos could face huge fines under new security laws

  Government boasts of unprecedented powers to boost the security standards of the UK’s critical national infrastructure

• November 20, 2020 20 Nov'20

  Security pros fear prosecution under outdated UK laws

  CyberUp, a group of campaigners who want to reform the Computer Misuse Act, finds 80% of security professionals are concerned that they may be prosecuted just for doing their jobs

• November 19, 2020 19 Nov'20

  Data silos and IT complexity stifle business potential

  A study from 451 Research highlights the problems organisations face in managing data

• November 17, 2020 17 Nov'20

  Automated image recognition: How using ‘free’ photos on the internet can lead to lawsuits and fines

  Germany-based photographer Marco Verch uses computer scripts to populate the internet with topical images and photographs. People and companies who make mistakes in following the complex licensing terms of his ‘free to share and adapt’ photographs ...

• November 17, 2020 17 Nov'20

  Kaspersky shuts down data-processing activities in Russia

  Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland

• November 16, 2020 16 Nov'20

  How Standard Chartered approaches cyber security

  Bank uses security-by-design principles and conducts red-teaming exercises among other measures to fend off cyber breaches

• November 16, 2020 16 Nov'20

  Privacy advocates call for European probe into Palantir

  Dutch group SOMI is trying to raise awareness of Palantir’s data privacy practices and how it works with European government agencies

• November 16, 2020 16 Nov'20

  Human error blamed in Welsh Covid-19 patient data leak

  Public Health Wales accepts recommendations of independent probe into data breach that saw PII on 18,105 coronavirus patients leaked

• November 13, 2020 13 Nov'20

  Ticketmaster fined £1.25m by ICO for failing to protect customer data

  Ticket website’s customer data was exposed through an attack on a third-party chatbot

• November 11, 2020 11 Nov'20

  Amazon charged with breaching EU antitrust rules

  Tech giant accused of using data it collects on smaller retailers to benefit its own e-commerce business

• November 11, 2020 11 Nov'20

  EU aid funds used to train ‘unaccountable intelligence agencies’ in high-tech surveillance

  Hundreds of documents obtained by campaign group Privacy International show how the EU is supporting surveillance programmes in the Balkans, the Middle East and Africa

• November 10, 2020 10 Nov'20

  IT Priorities 2020: After Covid-19, security goes back to basics

  This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals

• November 09, 2020 09 Nov'20

  EU moves closer to encryption ban after Austria, France attacks

  Draft resolution document setting up an EU-wide ban on end-to-end encryption is set to be waved through this week

• November 06, 2020 06 Nov'20

  ICO sued over ‘failure’ to address ad industry practices

  Privacy campaigner the Open Rights Group claims the advertising technology industry is systematically breaching the GDPR, and the ICO is doing nothing about it

• November 05, 2020 05 Nov'20

  Singapore government rolls out digital signature service

  Individuals and businesses will soon be able to sign documents digitally using a new service on the Singapore government’s SingPass digital identity platform

• November 04, 2020 04 Nov'20

  EU to introduce data-sharing measures with US in weeks

  The European Commission is to issue updated standard contractual clauses (SCCs) that will allow organisations in the EU to exchange data with the US, but they may arrive too late to incorporate into UK law

• November 04, 2020 04 Nov'20

  India and Japan report stronger concern over cyber threats

  Security operations teams in the two Asian giants see the increased volume of cyber threats as their biggest challenge amid the Covid-19 pandemic

• November 03, 2020 03 Nov'20

  GDPR lawsuit against Oracle and Salesforce moves forward

  Class action suit seeks claims worth more than £10bn over the processing of personal information

• October 30, 2020 30 Oct'20

  ICO slashes Marriott breach fine to £18.4m

  Reduced fine reflects both improvements made to hotel group’s cyber security and impact of coronavirus on the travel and hospitality sector

• October 28, 2020 28 Oct'20

  Privacy and online safety are focus of new UKRI research funding

  Online safety research centre of excellence will look into technology to boost privacy and tackle disinformation, fake news, conspiracies and other online harms

• October 28, 2020 28 Oct'20

  Barracuda eyes Indochina markets

  Barracuda is looking to expand its local presence and headcount in fast-growing emerging markets of Vietnam, Cambodia and Laos

• October 27, 2020 27 Oct'20

  ICO slams Experian over ‘invisible’ data processing

  Data processing practices used by Experian broke data protection law, says Information Commissioner’s Office

• October 27, 2020 27 Oct'20

  Calls for clarity over Amazon insider breach

  Security experts call for more clarity from Amazon over an apparent leak of customer data

• October 27, 2020 27 Oct'20

  Sopra Steria hit by new version of Ryuk ransomware

  IT services company Sopra Steria says it has contained the ransomware virus, but systems will take a few weeks to be fully operational

• October 26, 2020 26 Oct'20

  Forrester: CIOs must prepare for Brexit data transfer

  With the end of the Brexit transition period just weeks away, multi-national organisations will need to re-evaluate how intercompany data is transmitted

• October 26, 2020 26 Oct'20

  Cooperation between Norway’s security agencies planned following cyber attack on parliament

  Government seeks to develop enhanced national IT infrastructure with an embedded early warning system and defence shield to protect the IT systems of public and private organisations

• October 22, 2020 22 Oct'20

  Protecting remote workers an opportunity to do security better

  Securing the fully remote workforce has been a challenge for IT teams, but it presents an opportunity to commit to a higher standard of cyber security, according to a Cisco report

• October 21, 2020 21 Oct'20

  NSA’s top CVE list a timely reminder to patch

  Many of the CVEs detailed on the NSA’s top 25 chart are golden oldies

• October 21, 2020 21 Oct'20

  Charities warned over ‘Robin Hood’ cyber criminals

  Accepting donations from cyber criminal groups could be deemed as profiting from crime, money laundering or handling stolen goods – so don’t do it

• October 20, 2020 20 Oct'20

  Police given access to self-isolation data

  NHS Test and Trace self-isolation data will be made available to police after new guidance changes data-sharing rules

• October 20, 2020 20 Oct'20

  BA breach penalty sets new GDPR precedents

  The 90% reduction in the fine levied on BA over a 2018 data breach has legal experts talking about the ramifications for the future of data protection

• October 16, 2020 16 Oct'20

  BA argues ICO data breach fine down to £20m

  Information Commissioner’s Office levies fine of £20m on British Airways for failing to protect the personal data of hundreds of thousands of passengers – a vast reduction on the initial £183m penalty

• October 16, 2020 16 Oct'20

  Spanish court to question witnesses over ‘illegal surveillance’ of WikiLeaks founder Julian Assange

  The Spanish National Court in Madrid is to hear evidence from information security expert Andy Müller-Maguhn and two lawyers who were subject to ‘illegal surveillance’  of their meetings with Julian Assange at the Ecuadorian Embassy in London

• October 15, 2020 15 Oct'20

  Cloud data protection keeps the Crick’s medical research Covid-secure

  Cloud data management services from Rubrik gave the Francis Crick Institute a data protection edge and have helped keep its vital work going through the pandemic

• October 14, 2020 14 Oct'20

  Public sector security failings leave UK at risk, says think tank

  Reform report urges adoption of new policies in the next version of the UK’s National Cyber Security Strategy

• October 14, 2020 14 Oct'20

  US Elections: Malicious internet domains spike as campaigns heat up

  Internet domains related to the US presidential election are 56% more likely to be malicious than regular ones

• October 14, 2020 14 Oct'20

  Fintech ‘unicorn’ Klarna probed over data misuse

  Online bank blames misuse of user data on human error as Information Commissioner’s Office weighs in

• October 13, 2020 13 Oct'20

  Suppliers neglecting virtual appliance security, putting users at risk

  Software suppliers are often distributing their products on virtual appliances that contain known vulnerabilities or are running outdated or unsupported operating systems, according to a report

• October 12, 2020 12 Oct'20

  Trickbot forced offline in major cyber security victory

  Coalition led by Microsoft obtained a court order enabling them to take down the infamous Trickbot botnet’s back-end server infrastructure

• October 12, 2020 12 Oct'20

  Five Eyes spy group again demands access to private messages

  Spooks are once again calling for the tech industry to break end-to-end encryption in messaging platforms

• October 12, 2020 12 Oct'20

  Making sense of zero-trust security

  Implementing zero-trust security is not an easy feat, but enterprises can still get it right if they approach it from a process perspective and get a handle on their infrastructure footprint

• October 08, 2020 08 Oct'20

  NCSC relaunches SME security guide with home working focus

  The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020

• October 08, 2020 08 Oct'20

  Coronavirus face mask spammer fined by ICO

  The director of software company Studios MG spammed members of the public at the height of the pandemic as one of its directors tried to shift a job lot of face masks

• October 08, 2020 08 Oct'20

  Crown Prosecution Service suffers 1,600 data breaches in 12 months

  CPS sees a spike in data security incidents, many of them serious enough to be reported to the Information Commissioner’s Office

• October 08, 2020 08 Oct'20

  Threat of GDPR fines increasingly driving security buying decisions

  Scaring the people who hold the purse strings may be the best option for CISOs who need a little extra budget

• October 07, 2020 07 Oct'20

  5G regulation failures are a threat to UK’s national security

  Defence Committee report on the security of 5G brands existing regulations outdated and unsatisfactory

• October 07, 2020 07 Oct'20

  Department for Education failed to protect data on millions of children, says ICO

  The Department for Education’s National Pupil Database, which contains millions of items of data on the UK’s schoolchildren, was found to be non-compliant with data protection regulations across the board

• October 07, 2020 07 Oct'20

  ICO wraps up Cambridge Analytica investigation

  Information Commissioner’s Office concludes its investigation into Cambridge Analytica, saying no additional evidence has come to light that would change its previous assessments

• October 07, 2020 07 Oct'20

  Southeast Asia remains hotspot for cyber attacks

  Geopolitics and Covid-19 have been fodder for cyber criminals to advance their motives in Southeast Asia in 2020

• October 06, 2020 06 Oct'20

  EU’s top court questions legality of UK phone and internet data surveillance

  European Court of Justice rules that the UK and EU member states must comply with EU privacy laws when harvesting people’s sensitive communications data from telecoms and internet companies

• October 06, 2020 06 Oct'20

  CISOs struggle to keep up with MITRE ATT&CK framework

  Despite its proven benefits for security, the MITRE ATT&CK framework is proving difficult for many, according to a joint study from McAfee and UC Berkeley

• October 05, 2020 05 Oct'20

  FBI seized ‘legally privileged’ material from Ecuador Embassy, claims Julian Assange’s lawyer

  The US struck a secret deal with Ecuador to seize WikiLeaks founder Julian Assange’s property from the Ecuadorian Embassy in London days before his arrest. The haul included legally privileged documents, says his solicitor

• October 02, 2020 02 Oct'20

  Honesty is the best policy: Forging a security culture in the NHS

  Clinician and technologist Sam Shah helped set up NHSX in 2019. Now he’s helping advance digital transformation in healthcare from the outside, and a big part of that is addressing security in the sector

• October 02, 2020 02 Oct'20

  Security pros face sanctions if they help ransomware victims pay

  New advisory from the US government warns cyber insurance and incident response specialists that they could be skating on thin ice if they help ransomware victims pay their attackers off

• October 01, 2020 01 Oct'20

  Judge to give verdict on Julian Assange’s extradition after Christmas

  Judge Vanessa Baraitser said today that she would make a ruling in early January on whether WikiLeaks founder Julian Assange should be extradited to the US

• October 01, 2020 01 Oct'20

  WikiLeaks revelations ‘shed light of truth’ on war on terror, court hears

  WikiLeaks disclosures led to ‘revelations of extraordinary journalistic importance’ about detention in Guantamo Bay and civilian casualties in Iraq and Afghanistan

• September 30, 2020 30 Sep'20

  ‘American friends’ spied on Julian Assange in Ecuadorian Embassy, court hears

  Two former employees of UC Global, which provides security services to the Ecuadorian Embassy in London, claim the company shared surveillance footage with the US of the WikiLeaks founder meeting with lawyers and other visitors

• September 29, 2020 29 Sep'20

  NatWest offers online banking customers free security services

  Bank responds to a surge in cyber crime targeting users of online banking services

• September 28, 2020 28 Sep'20

  Julian Assange would be held in ‘solitary confinement’ in US jail

  WikiLeaks founder would be held in a cell the size of a parking space for 22 or 23 hours a day without contact with other inmates before trial

• September 28, 2020 28 Sep'20

  Sustrans opens door to NCSC cyber certification via the cloud

  Sustainable transport charity turned to Qualys to help it attain needed certifications to bid for government work

• September 28, 2020 28 Sep'20

  Police Scotland to set up new cyber crime centre

  National Centre of Excellence will employ specially trained officers to tackle a vertiginous rise in cyber crime

• September 28, 2020 28 Sep'20

  Security now main driving force behind digital transformation

  Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda

• September 24, 2020 24 Sep'20

  ‘Not unjust’ to extradite WilkiLeaks founder Julian Assange, court hears

  Nigel Blackwood, NHS consultant psychiatrist, told the Old Bailey court that WikiLeaks founder Julian Assange had ‘moderate depression’ and autistic traits, but said they did not prevent his extradition

• September 24, 2020 24 Sep'20

  NHS whistleblower privacy concerns passed on to regulator, but campaigners not holding their breath

  NHS Improvement chair Dido Harding acknowledges receiving concerns raised about the anonymity of whistleblowers, but campaigners have little faith that anything will be done

• September 24, 2020 24 Sep'20

  Government blasted over ‘reckless’ contact-tracing security

  The Open Rights Group and Big Brother Watch accuse the government of endangering public health with a reckless attitude to contact-tracing data security

• September 24, 2020 24 Sep'20

  Australians want more control over privacy

  Nearly nine in 10 Australians want more control and choice over the collection and use of their personal information amid declining trust in how organisations handle personal data, survey finds

• September 23, 2020 23 Sep'20

  Over half of firms intend to continue US data transfers despite Schrems II

  Survey shows many organisations do not intend to significantly change their data-sharing practices, at least until there is more guidance from regulators or governments

• September 22, 2020 22 Sep'20

  GDS reviewing Cloud First policy post-Schrems II

  Review seeks to determine the future of government engagement with cloud hosting services as they relate to cross-border data flows

• September 21, 2020 21 Sep'20

  Big questions to be answered over TikTok and WeChat reprieve

  TikTok and WeChat seem to have received a stay of execution, but big questions and contradictions remain

• September 21, 2020 21 Sep'20

  WikiLeaks video ‘electrified’ public to civilian war deaths, court hears

  New Zealand investigative journalist and author Nicky Hager said that WikiLeaks’ publication of a video showing a US helicopter firing on civilians, along with the publication of secret war logs, ‘electrified’ the world to civilian deaths

• September 18, 2020 18 Sep'20

  Congressman offered Julian Assange a ‘win-win’ deal that would help President Trump

  Details have emerged of US congressman Dana Rohrabacher’s offer of a pardon to WikiLeaks founder Julian Assange in a ‘win-win deal that would benefit US President Donald Trump

• September 17, 2020 17 Sep'20

  Saudi Arabia sees cyber security boom as coronavirus bites

  Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods

• September 17, 2020 17 Sep'20

  What are the habits of highly effective CISOs?

  Data crunched by Gartner analysts reveals the behaviours that differentiate the top-performing chief information security officers from the pack

• September 16, 2020 16 Sep'20

  NCSC steps up ransomware support for schools and universities

  New alert and updated guidance comes after several academic institutions were targeted in ransomware attacks

• September 15, 2020 15 Sep'20

  Gartner Security Summit: Covid-19 brings agile security to the fore

  The evolving threat landscape is the top driver impacting cyber security during the next three to five years, and Covid-19 has accelerated the trend towards more agile security deployments

• September 15, 2020 15 Sep'20

  TikTok-Oracle partnership moves forward for consideration

  Joint venture proposal could create thousands of jobs and secure TikTok’s future outside China

• September 15, 2020 15 Sep'20

  Data of every Welsh Covid-19 patient leaked online

  Data on all 18,105 people in Wales who have received positive tests for the coronavirus was uploaded to a public-facing web server in error

• September 11, 2020 11 Sep'20

  Travel industry websites are laughably insecure, claims Which?

  The travel industry is failing to take the data security of its customers seriously, according to a Which? investigation

• September 10, 2020 10 Sep'20

  Cyber security is next frontier for open source

  Open security will facilitate the interoperability and capabilities of cyber security tools while alleviating vendor lock-in for enterprises, says IBM

• September 08, 2020 08 Sep'20

  Julian Assange warned against interrupting witnesses in extradition hearing

  On the second day of his extradition hearing at the Old Bailey, judge informs the WikiLeaks founder he could be removed and potentially banned from court for interrupting witnesses

• September 07, 2020 07 Sep'20

  Court rejects request to exclude ‘11th hour’ US evidence against WikiLeaks founder Julian Assange

  Lawyers for Julian Assange say the US has introduced an 11th hour indictment against the WikiLeaks founder that provides additional grounds for his extradition

• September 07, 2020 07 Sep'20

  Government DPOs challenged by volume of GDPR work

  Data protection officers working across the UK government are finding it tough to keep up with the increased workload generated by GDPR, according to a report

• September 06, 2020 06 Sep'20

  Why predictive threat intelligence is key

  Threat intelligence startup Cyfirma is using virtual agents to gather intelligence on potential cyber attacks that are being coordinated in underground forums before they occur

• September 02, 2020 02 Sep'20

  Northumbria University suffers major disruption after cyber attack

  Some exams cancelled as university appoints external specialists to investigate incident

• September 01, 2020 01 Sep'20

  Vint Cerf: Why everyone has a role in internet safety

  The Covid-19 pandemic has demonstrated the power of internet connectivity. Vint Cerf talks to Computer Weekly about the challenges the internet now faces

• August 28, 2020 28 Aug'20

  Benefit fraud: Underground trade in stolen identities revealed

  A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds

• August 27, 2020 27 Aug'20

  DDoS downs New Zealand stock exchange for third day

  Distributed denial of service attack from overseas has left stock exchange offline for days

• August 27, 2020 27 Aug'20

  NHS whistleblowers’ anonymity at mercy of inadequate trust IT policies and processes

  They were clapped in the streets for their bravery at the height of the Covid-19 pandemic, but some NHS staff who raise workplace concerns are suffering abuse as a result

• August 25, 2020 25 Aug'20

  TikTok takes Trump to court

  Under-fire video app TikTok files a formal complaint in the federal courts challenging the Trump administration’s attempt to ban it in the US

• August 21, 2020 21 Aug'20

  TikTok’s GDPR compliance probed amid accusations of data misuse

  Dutch privacy organisation SOMI claims TikTok falls short in protecting young users, and that it is likely violating GDPR

• August 21, 2020 21 Aug'20

  MPs accuse ICO of failing to do its job on contact-tracing data

  Cross-party group of MPs say the ICO has failed to enforce data protection standards or hold the government to account over the unlawful Test and Trace programme

• August 21, 2020 21 Aug'20

  Australian regulator sues RI Advice for cyber security lapses

  The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives

• August 20, 2020 20 Aug'20

  UKAS rejects ISO certification concerns

  UK’s certification body says refreshed guidance is in place to cover the possibility of lapsed ISO certifications

• August 20, 2020 20 Aug'20

  Social media data leak highlights murky world of data scraping

  A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it

• August 19, 2020 19 Aug'20

  HMRC investigates over 10,000 Covid-19 phishing reports

  HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June

• August 19, 2020 19 Aug'20

  Coronavirus: Thousands of ISO certifications set to lapse

  Delays and postponements in the auditing process are putting hard-earned security and data protection certifications at risk of lapsing

• August 19, 2020 19 Aug'20

  Marriott slapped with class action lawsuit over 2018 breach

  Group action brings together millions of victims who stayed at the Starwood hotel chain over a four-year period

• August 18, 2020 18 Aug'20

  Carnival cruise lines hit by ransomware, customer data stolen

  Cruise ship operator is likely to be the victim of a major data breach after customer information is apparently stolen in a ransomware attack

• August 18, 2020 18 Aug'20

  Reports Oracle to enter TikTok bidding war

  Oracle may be about to make a bid to acquire the US operations of TikTok from its Chinese parent ByteDance, according to the FT

• August 17, 2020 17 Aug'20

  The Security Interviews: How Crest is remaking the future of consultancy

  Crest president Ian Glover taught himself cyber security while working on government computing systems in the 1970s and 1980s. Now he is on a decade-spanning mission to change security consultancy models