News

Regulatory compliance and standard requirements

March 20, 2013 20 Mar'13
IDL activates ‘cat-signal’ to protest against Cispa

Activists use an internet signalling system to co-ordinate protests against the proposed US Cyber Intelligence Sharing and Protection Act (Cispa)
March 20, 2013 20 Mar'13
CESG says BlackBerry’s new BB10 software not secure enough

The government's technical security advisor CESG says BlackBerry's new BB10 software is not secure enough for essential work
March 19, 2013 19 Mar'13
Cyber attacks must avoid civilian targets, says Nato manual

State-sponsored cyber attacks must avoid sensitive civilian targets such as hospitals, dams and nuclear power stations, according to an advisory manual on cyber warfare compiled for Nato
March 18, 2013 18 Mar'13
Court rules FBI access to private data unconstitutional

A US court has ruled that “national security letters” to obtain citizens’ private data are a breach of the constitution’s first amendment

March 07, 2013 07 Mar'13
EU states likely to force changes to proposed data protection rules

A group of EU member states is likely to force the European Commission to soften proposals for tough new data protection regulations
March 07, 2013 07 Mar'13
UK laxity on BYOD raises data loss risk, says ICO

YouGov survey reveals many UK employers are not providing guidance on the usage of own devices at work, putting personal information at risk
March 07, 2013 07 Mar'13
Barclays streamlines phone banking with voice biometrics

Barclays wealth investment management has been using voice biometrics from Nuance to streamline authentication when clients call
March 05, 2013 05 Mar'13
ICO highlights funding challenges as it launches new three-year plan

The Information Commissioner’s Office (ICO) highlights funding challenges as it launches its new three-year corporate plan
March 05, 2013 05 Mar'13
Commentators cast doubt on Pirate Bay's North Korea relocation claims

Technology websites cast doubt on claims by file-sharing site The Pirate Bay that it has moved to North Korea after being ejected from Sweden
March 04, 2013 04 Mar'13
Government opens consultation on cyber risk

The UK government plans to select an organisational standard that best meets the requirements for effective cyber risk management

March 01, 2013 01 Mar'13
RSA 2013: Standards core to LA County security strategy

Standards are the key to a successful security strategy, says Robert Pittman, chief information security officer of Los Angeles County
February 28, 2013 28 Feb'13
RSA 2013: Suppliers need to prepare for new security vulnerability handling standards

Software makers and online service providers need to prepare for two ISO standards on vulnerability handling processes due by the end of 2013
February 26, 2013 26 Feb'13
RSA 2013: Despite the gloom, there is cause for optimism in IT security, says Microsoft

Despite escalating security challenges, there is a case for optimism, says Scott Charney of Microsoft's Trustworthy Computing Group
February 21, 2013 21 Feb'13
US will pile diplomatic pressure on cyber crime nations, says attorney general Eric Holder

Attorney general Eric Holder says the US will put diplomatic pressure on foreign governments over cyber crime and plans to prosecute offenders
February 19, 2013 19 Feb'13
How will EU cyber security directive affect business?

Much focus on EU’s proposed cyber security strategy and directive has been on implementation, but what effect will it really have on business?
February 19, 2013 19 Feb'13
Information security salaries flattening out

Salaries for most information security professionals are growing more slowly as pressure on corporate spending continues
February 19, 2013 19 Feb'13
Google may soon face action by EU privacy regulators

Google may face action by privacy regulators across Europe if it does not change the way it manages user data
February 15, 2013 15 Feb'13
ICO issues £150,000 penalty, urging more care with personal data

ICO urges review of personal data policies after issuing a £150,000 fine to Nursing and Midwifery Council for breaching data protection laws
February 13, 2013 13 Feb'13
UK companies use IAM for business not security, study shows

UK businesses use Identity and access management (IAM) mainly for cloud and collaboration rather than security, a Quocirca study reveals
February 13, 2013 13 Feb'13
Barack Obama signs cyber security executive order

US President Barack Obama has signed an executive order requiring federal agencies to share cyber threat information with private companies
February 11, 2013 11 Feb'13
IT expert in Microsoft monopoly case faces £2.5m legal fight

A computer expert who advised the European Commission in its investigation into anti-competitive behaviour by Microsoft faces £2.5bn legal battle
February 07, 2013 07 Feb'13
Europe tops Microsoft cyber security policy report

A report from Microsoft on factors that differentiate malware infection rates around the world shows Europe leading the fight for cyber security
February 06, 2013 06 Feb'13
EU cyber strategy aimed at boosting preparedness and cooperation

The European cyber security strategy addresses insufficient national preparedness and boosting co-operation in the region, says the EC
February 06, 2013 06 Feb'13
Business avoids cloud over fear of government snooping

Almost half of IT professionals are deterred from keeping sensitive data in the cloud because of fear of government intervention and possible legal action, a survey has revealed
February 06, 2013 06 Feb'13
Snooping bill needs more work, say MPs

The government’s proposed Communications Data Bill needs more work, says a report from the cross-party intelligence and security committee
February 01, 2013 01 Feb'13
Google just meets EU competition commissioner’s deadline

Google has submitted last-minute proposals to address the EC’s concerns over alleged abuse of its dominant market position
January 31, 2013 31 Jan'13
Kaspersky calls for international cooperation on cyber security

Governments must understand that cyber weapons are extremely dangerous and have to agree not to use them
January 28, 2013 28 Jan'13
Anonymous hackers hijack US agency website

Anonymous hackers embed a video statement on a US government agency website in response to the death of digital activist Aaron Swartz
January 25, 2013 25 Jan'13
EC calls for action on cyber strategy at WEF meeting

EC has called on leaders attending the World Economic Forum meeting to establish strategies to cope with and respond to cyber attacks
January 25, 2013 25 Jan'13
UK signs up to WEF cyber resilience plan

The UK has signed the World Economic Forum’s (WEF) new set of principles on cyber resilience
January 25, 2013 25 Jan'13
ICO wins round one of penalty challenge, but can it win round two?

The ICO has won the first appeal against a fine issued to an NHS Trust, but a second could pose a greater challenge
January 24, 2013 24 Jan'13
ICO hits Sony with £250,000 data breach penalty

The Information Commissioner’s office (ICO) has fined Sony Computer Entertainment Europe £250,000 for breaching the Data Protection Act
January 24, 2013 24 Jan'13
Government requests for user data increasing, says Google

The rise in government requests for users’ data continued in the second half of 2012, Google has revealed in its latest Transparency Report
January 22, 2013 22 Jan'13
Proposed EU data breach laws will require proactive security

Proposed European Union data breach notification laws will require proactive network security, says security management firm LogRhythm
January 14, 2013 14 Jan'13
Anonymous uses Aaron Swartz suicide to call for copyright reform

At least two MIT websites have been replaced with a political message in memory of digital activist and pioneer Aaron Swartz, who hanged himself
January 10, 2013 10 Jan'13
Software piracy international in scope, says Fast

The scale of software piracy is both international in scope and military in its execution, says the Federation Against Software Theft (Fast)
January 10, 2013 10 Jan'13
Internet firms concerned over EU data protection proposals

Internet firms such as Facebook may have to get permission to use data if the EU adopts proposals giving users more control over personal data
January 09, 2013 09 Jan'13
EC welcomes reports on proposed data protection reform

The European Commission (EC) has welcomed support for data protection laws by rapporteurs of two European parliamentary committees
January 08, 2013 08 Jan'13
Businesses overconfident about cyber security, says Deloitte

Businesses are overconfident about cyber security and should treat security breaches as inevitable, says business advisory firm Deloitte
January 07, 2013 07 Jan'13
Parliamentary commission calls for electrified banking ring fence

A parliamentary report on plans to separate retail and investment banking calls for legislation to prevent breaches of the ring fence
January 07, 2013 07 Jan'13
Dutch government publishes security flaw disclosure guide

The Netherlands has published guidelines to encourage the responsible release of security flaws
January 07, 2013 07 Jan'13
German state accuses Facebook of violating privacy

A German state claims Facebook is violating local privacy laws by not allowing users of the social network to use pseudonyms
December 10, 2012 10 Dec'12
UK CIOs see EU regulation as key

A third of UK CIOs are more concerned with EU regulation, such as the data protection directive, than their own local laws, a study has revealed.
December 05, 2012 05 Dec'12
Computer Weekly European User Awards Criteria and Information

Read the entry criteria and general information about entering the Computer Weekly European User Awards.
November 29, 2012 29 Nov'12
ICO fines text spammers Tetrus Telecoms £440,000

The Information Commissioner’s Office (ICO) fines marketing firm Tetrus Telecoms £440,000 for sending millions of spam texts to mobile users
November 15, 2012 15 Nov'12
Cyber security will change ideas of the nation state, says Stonesoft

The lack of cyber security is a major threat to the civilised world and will change how people see the nation state, says security firm Stonesoft
November 13, 2012 13 Nov'12
Will the ICO’s 'big stick' approach backfire long-term?

The ICO claims to be about helping organisations to do the right thing, yet it punishes those that report breaches. Is this really a good policy?
November 13, 2012 13 Nov'12
NHS set to challenge ICO fine

An NHS trust is to challenge a monetary penalty notice issued by the Information Commissioner's Office in a case that could set an important precedent
November 09, 2012 09 Nov'12
BlackBerry 10 approved for US government

RIM's yet-to-be-launched BlackBerry 10 platform has been awarded the US government’s security certification
November 08, 2012 08 Nov'12
Get involved in forming new data rules, says Information Commissioner

Proposals for new EU data protection framework are over-engineered and need work, says Information Commissioner Christopher Graham
November 05, 2012 05 Nov'12
Security Think Tank: Essential security questions for M&As

What is the role of IT security professionals in mergers and acquisitions?
October 30, 2012 30 Oct'12
UK website users opt in to advertising cookies

Most UK website users are allowing third-party advertising cookies, according to a study on the effect of the cookie law from TRUSTe
October 25, 2012 25 Oct'12
ICO hits Stoke-on-Trent City Council with £120,000 fine

Stoke City Council has breached the Data Protection Act, for the second time in two years, after details of a child protection legal case were emailed to the wrong person.
October 16, 2012 16 Oct'12
Theresa May: Hacker Gary McKinnon to stay in UK

Hacker Gary McKinnon will stay in UK, home secretary Theresa May has told MPs
October 16, 2012 16 Oct'12
EU advises Google to rethink privacy policy

The EU is to tell Google to change the way it gathers information on users to reduce the risk of infringing on their privacy
October 15, 2012 15 Oct'12
Austrian hospital improves access to patient data with Imprivata

Klinikum Wels-Grieskirchen hospital in Austria explains how it improved speed of access and security to its works stations.
October 15, 2012 15 Oct'12
Cookie law needs more than ‘do not track’, says Neelie Kroes

Website owners still need consent to use cookies even if web users' browsers offer 'do not track' (DNT), says EC vice-president Neelie Kroes
October 09, 2012 09 Oct'12
Three million employees lose corporate mobile data

Survey highlights security and privacy flaws as one in eight UK employees admit to losing corporate data on mobile devices
October 08, 2012 08 Oct'12
Most US citizens reject online tracking, survey finds

Most US citizens do not want any information collected about which websites they visit, according to a survey by the University of California
October 05, 2012 05 Oct'12
Social media presents risk of data overload

Employees are at risk of information overload as social media technologies are increasingly used in the workplace
October 02, 2012 02 Oct'12
Businesses to face tougher penalties for data breaches

Businesses will face tougher penalties for failing to secure personal data under new European legislation
September 27, 2012 27 Sep'12
ICO publishes cloud data guidelines

The ICO has published new guidelines that underline businesses’ sole responsibility for the protection of data
September 27, 2012 27 Sep'12
EC sets out strategy for EU cloud data and standards

The European Commission (EC) has unveiled a strategy for standards and a legal framework for cloud computing in European Union (EU) states
September 26, 2012 26 Sep'12
Move to cloud still all about security for UK firms, survey shows

Security and data privacy are still the top concerns for UK businesses adopting cloud-based services, research shows
September 24, 2012 24 Sep'12
EU mulls plans for police to monitor web

Police across Europe could soon monitor social media for content supporting terrorism, a leaked EU report has revealed
September 24, 2012 24 Sep'12
Facebook suspends photo tagging tool in Europe

Facebook has suspended its facial recognition photo tagging service in Europe following a privacy audit by the Irish Data Protection Commission
September 21, 2012 21 Sep'12
UK faces BlackBerry outage again

People in the UK, Middle East and Europe are again facing disruption to the BlackBerry email messaging service
September 21, 2012 21 Sep'12
Investec banks on policy to make social media work

Investment bank Investec sees social media as part of the insider threat to information security, but has policies and technologies to make it work
September 20, 2012 20 Sep'12
Arrogant firms hoodwink customers on data breaches

Customers are having the wool pulled over their eyes by organisations that fail to report data breaches, says document management firm Simplexo
May 11, 2012 11 May'12
ICO fines Welsh health board £70,000 for patient record loss

For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person.
April 26, 2012 26 Apr'12
Infosecurity 2012: ICO opposes mandatory data breach notification

Information Commissioner Christopher Graham calls mandatory breach disclosure for all companies unnecessary, saying voluntary disclosure is working.
March 30, 2012 30 Mar'12
SIEM deployment case study shows patience is required

Williams Lea’s SIEM is already helping reduce manual log reviews. But there’s still a lot of work to be done before the SIEM can be fully deployed.
March 27, 2012 27 Mar'12
For website owners, UK cookie law causing confusion, uncertainty

A survey of digital marketing professionals found some companies plan to take no action to comply with UK cookie law before the May 26 deadline.
March 26, 2012 26 Mar'12
Costs of a data breach falling, but cost per record rising

The cost of a data breach in the UK is falling, data from Ponemon Institute shows, but the news isn't all good.
January 26, 2012 26 Jan'12
European Commission data protection proposals draw hostile reaction

Reaction to the European Commission data protection proposals has been largely negative, as many believe the new rules are costly and misdirected.
December 29, 2011 29 Dec'11
Emerging 2012 security trends demand information security policy changes

2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals.
December 21, 2011 21 Dec'11
ICO stands by unpopular UK cookie legislation with advice, warnings

Website owners have resisted compliance with cookie legislation so the ICO has issued more guidance and warnings to nudge them along.
November 17, 2011 17 Nov'11
Tougher data protection rules will push up cost of email marketing

The EU will announce tougher rules for collecting information from consumers. Security pros can plan now for the new rules, expected in January 2012.
October 24, 2011 24 Oct'11
PCI DSS implementation can boost entire data security program

Not just for payment card data, a PCI DSS implementation can be applied to all data, underpinning an organization’s overall data security efforts.
October 20, 2011 20 Oct'11
Private companies can expect more ICO fines, regulator warns

A regulator warned private companies who do not adequately protect data will face ICO fines up to £500,000.
October 05, 2011 05 Oct'11
e-Crimes India conference 2011 to be held in November

The annual e-Crimes Inda conference is slated to be held in the second week of November this year. Hurry up and register for this event now!
October 03, 2011 03 Oct'11
UK banks bracing for new financial services regulations compliance

A research director for Gartner lists the top five financial services regulations that UK banks will have to deal with in the coming years.
September 29, 2011 29 Sep'11
E-discovery laws: Having an information governance framework matters

A recent increase in privacy litigation proves that UK companies, too, need e-discovery and data governance plans.
August 20, 2011 20 Aug'11
ICO approves policy changes after Google Street View privacy issues

The ICO has approved updates to Google's Street View policies following a data compromise last year, but asserts there's room for improvement.
August 11, 2011 11 Aug'11
Gartner: Corporate privacy policy requirements demand urgent review

The research firm says corporate privacy policy requirements are outdated, due to new technology and legislation, and should be revisited now.
July 15, 2011 15 Jul'11
Concern follows police convictions for Data Protection Act violations

A Freedom of Information request reveals that 243 police officers were convicted of Data Protection Act violations in the last three years.
July 07, 2011 07 Jul'11
Many private firms decline ICO audit, finds 2011 ICO annual report

The 2011 ICO annual report shows that of the private companies offered an ICO audit last year, only 19% accepted.
June 30, 2011 30 Jun'11
DPA compliance: Tracking changes to Data Protection Act guidelines

Can organisations expect a more prescriptive Data Protection Act in the future? UK Bureau Chief Ron Condon examines the law's prospects.
June 17, 2011 17 Jun'11
Demystifying IT Rules 2011: What it means for you

The first of a two-part series on the IT Rules 2011 notification under IT Act 2000, looking into its stipulations and their implications for businesses.
June 14, 2011 14 Jun'11
PCI virtualisation: With new guidelines, compliance may be harder

New guidelines on virtualisation issued by the PCI SSC show PCI compliance is possible within a virtualised environment, but may not be feasible.
May 19, 2011 19 May'11
European Commission Digital Agenda seeks input on EU cloud computing

The European Commission's Digital Agenda is inviting organisations to complete an online cloud questionnaire as it considers creating cloud standards.
May 13, 2011 13 May'11
Industry experts: ICO guidelines on cookies get cautious welcome

New ICO guidelines give leeway for a more nuanced approach to compliance, but some say more clarity is needed.
May 10, 2011 10 May'11
New ICO guidance issued on EU cookie law

The Information Commissioner's Office has released practical guidance for companies to comply with the new EU cookie law.
April 21, 2011 21 Apr'11
PECR amendments feature tighter rules on cookies, security risk

Beginning May 25, organisations will have to request permission from website visitors before planting cookies on their machines.
March 29, 2011 29 Mar'11
Open Group launches guide to boost ISO 27005 efforts

A new guide from the Open Group is designed to help organisations meet ISO 27005 standards, but some risk management professionals feel it may not be so effective.
March 22, 2011 22 Mar'11
UK PCI compliance slow, but card fraud trends downward

Compliance with PCI DSS is still slow in the UK, but card fraud continues to fall, perhaps in part due to measures mandated or encouraged by the standard.
March 18, 2011 18 Mar'11
ISSA standard aims to improve small business IT security

ISSA is crafting a small-business standard to improve information security, but one group questions whether a single standard for all small companies makes sense.
February 07, 2011 07 Feb'11
PCI SSC: Europeans sought to shape credit card security policy

Nominations recently opened for organisations to join the PCI SSC's advisory board, and PCI European Director Jeremy King is keen to see more UK companies elected.
February 02, 2011 02 Feb'11
PCI PTS aims to stop retail IT security breaches, but progress is slow

The new PCI PTS requirements are intended to help stores shore up insecure point-of-sale systems and other common retail IT security weaknesses.
November 30, 2010 30 Nov'10
PCI-DSS standard compliance becomes reality for Bank of India

Financial player Bank of India claims to be the first Indian bank to achieve PCI-DSS standard certification for its debit card environment.