News
Regulatory compliance and standard requirements
-
April 19, 2024
19
Apr'24
Report reveals Northern Ireland police put up to 18 journalists and lawyers under surveillance
Disclosures that the Police Service of Northern Ireland obtained phone communications data from journalists and lawyers leads to renewed calls for inquiry
-
April 18, 2024
18
Apr'24
CSA warns of emerging security risks with cloud and AI
Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh
-
April 18, 2024
18
Apr'24
TUC publishes legislative proposal to protect workers from AI
Proposed bill for regulating artificial intelligence in the UK seeks to translate well-meaning principles and values into concrete rights and obligations that protect workers from systems that make ‘high-risk’ decisions about them
-
April 16, 2024
16
Apr'24
CW Innovation Awards: Balancing security and user experience
The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access
-
April 15, 2024
15
Apr'24
EU’s AI Act fails to protect the rule of law and civic space
Analysis reveals that the AI Act is ‘riddled with far-reaching exceptions’ and its measures to protect fundamental rights are insufficient
-
April 12, 2024
12
Apr'24
Executive interview: Balancing AI with human creativity
We speak to the chief product officer at Getty Images and iStock about the role generative AI can play in the image-making process.
-
April 09, 2024
09
Apr'24
UK plc failing on multiple cyber measures
Government report shows 50% of businesses and 32% of charities reported a cyber attack or breach in the past 12 months and organisations across the UK are failing on multiple cyber measures
-
April 09, 2024
09
Apr'24
Is a cyber arms control treaty out of reach?
The world needs cyber arms control more than ever, but the challenges facing a multilateral agreement will be hard to surmount, according to researchers at Germany’s Digital Society Institute
-
April 09, 2024
09
Apr'24
Greek government fined over AI surveillance in refugee camps
Greece’s Data Protection Authority has issued a €175,000 fine against the country’s migration ministry over its deployment of artificial intelligence-powered security systems in refugee camps after the watchdog’s investigation found ‘serious ...
-
April 04, 2024
04
Apr'24
Changes needed for SOCs and CSIRTs, claims Dutch research institute
Cyber security specialists need a game-changer to keep up with their adversaries, who increasingly use automation and AI for their attacks
-
March 29, 2024
29
Mar'24
Organisations getting better at spotting identity fraud
As the barriers to committing identity fraud continue to drop, organisations should consider more sophisticated technical measures to successfully up their game, according to a report
-
March 28, 2024
28
Mar'24
UK plc going backwards on cyber maturity, Cisco report claims
Fewer UK organisations believe their cyber security postures have reached a mature level than did so 12 months ago, as they struggle to keep up with new challenges and a fast-evolving threat landscape
-
March 28, 2024
28
Mar'24
Sellafield to be prosecuted over alleged cyber compliance failure
Sellafield Ltd, the organisation responsible for cleaning up and decommissioning the UK's largest nuclear waste site, is to be prosecuted over alleged cyber security failings dating back to 2019
-
March 28, 2024
28
Mar'24
Counter-eavesdropping agency unlawfully used surveillance powers to identify journalist’s source
More than 750 journalists had their communications data accessed by law enforcement and government agencies between 2018 and 2022
-
March 27, 2024
27
Mar'24
Ransomware gang leaks data stolen from Scottish NHS board
Data stolen from an earlier attack on NHS Dumfries and Galloway has been leaked by a ransomware gang that claims to be in possession of much more content
-
March 25, 2024
25
Mar'24
Which? calls for government action on fake banking sites
Amid high volumes of spoofed, fraudulent banking websites, Which? is calling for the government to implement new legal obligations for domain registrars
-
March 22, 2024
22
Mar'24
Court finds EncroChat hacked messages admissible as former footballer is jailed
A judge in ‘lead’ EncroChat case found that messages obtained by police from the encrypted phone network can be lawfully used in evidence
-
March 21, 2024
21
Mar'24
US sues Apple, alleging smartphone monopoly
A major legal action against Apple over its dominance of the smartphone market has kicked off in the US, alleging anticompetitive practices on Apple’s part that have damaged the sector and restricted consumer choice
-
March 21, 2024
21
Mar'24
NCSC guidance to help CEOs work through cyber incidents
The NCSC has published in-depth guidance on how business leaders should respond to a cyber attack or data breach. Learn about some of the key steps you will need to follow
-
March 20, 2024
20
Mar'24
UK’s cyber resilience stagnates as more fall victim to attacks
The government is calling on businesses to ramp up their cyber protections as study shows improvements to resilience are stagnating amid an ever-growing volume of attacks
-
March 19, 2024
19
Mar'24
Australia’s cyber security spending to grow 11.5% this year
Highly publicised cyber attacks and growing regulatory obligations are keeping security and risk top of mind for Australian organisations this year, says Gartner
-
March 18, 2024
18
Mar'24
The Security Interviews: Alex Yampolskiy, SecurityScorecard
Alex Yampolskiy conceived the idea for risk management specialist SecurityScorecard after getting stung by a SaaS supplier that was being cavalier with its customer data. He tells his story to Computer Weekly
-
March 18, 2024
18
Mar'24
Cohesity: We won’t abandon NetBackup customers or force migration
CEO promises no forced migration to Cohesity and not to abandon any NetBackup product while building new leadership in artificial intelligence and security around Cohesity Gaia
-
March 17, 2024
17
Mar'24
UK’s AI ambitions pointless while cyber security is still neglected
The UK’s AI ambitions may be at considerable risk without stronger cyber defences across the private and public sectors
-
March 15, 2024
15
Mar'24
London Mayor’s Office reprimanded over data breach
The London Mayor’s Office has been reprimanded by the ICO after an internal error exposed the data of people who had made complaints against the Metropolitan Police
-
March 14, 2024
14
Mar'24
Questions raised over NHS deletion of thousands of emails during whistleblower tribunal
NHS doctor Chris Day has won the right to challenge a tribunal ruling that found no procedural unfairness when an NHS trust deleted thousands of emails. The case that raises wider questions about the use of electronic evidence
-
March 13, 2024
13
Mar'24
British Library opens up over ransomware attack to help others
The British Library has opted for full transparency after experiencing a devastating ransomware attack, publishing details of the intrusion, its response and the lessons it has learned
-
March 11, 2024
11
Mar'24
Government not facing up to CNI cyber risks, committee warns
The Joint Committee on the National Security Strategy has accused the government of burying its head in the sand over the cyber threat to UK critical infrastructure
-
March 08, 2024
08
Mar'24
OSS leaders detail commitments to bolster software security
CISA has announced a number of actions to help secure the global open source ecosystem, as leading package repositories including the Python and Rust foundations advance their own initiatives
-
March 07, 2024
07
Mar'24
PSNI chief denies ‘industrial’ use of surveillance powers against journalists
PSNI chief constable Jon Boutcher has agreed to provide a report on police surveillance of journalists and lawyers to Northern Ireland’s policing watchdog
-
March 07, 2024
07
Mar'24
NI Policing Board pressed to open inquiry into PSNI spying on journalists’ phones
Amnesty International and the Committee on the Administration of Justice have asked Northern Ireland’s policing watchdog to open an inquiry into the Police Service of Northern Ireland’s use of surveillance powers against journalists
-
March 05, 2024
05
Mar'24
Rapid7 hits out over botched vulnerability disclosure
Software development firm JetBrains and security specialist Rapid7 fall out over the handling of a critical vulnerability disclosure, while customers are left rushing to patch
-
March 05, 2024
05
Mar'24
American Express customers exposed through third-party breach
US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach
-
March 05, 2024
05
Mar'24
Banning ransomware payments back on the agenda
The idea of banning ransomware payments to cyber criminals is back on the agenda, with former NCSC chief Ciaran Martin arguing that tougher measures need to be taken
-
March 04, 2024
04
Mar'24
The Security Interviews: Cyber security is about managing risk effectively
Effective cyber security must lead to cyber resilience – that is, the ability to anticipate, protect against, withstand and recover from any adverse condition, disruption or compromise, as Kyndryl’s security practice leader explains
-
February 29, 2024
29
Feb'24
Police arrested journalists as part of surveillance operation to identify confidential sources
Three police forces took part in surveillance operations between 2011 and 2018 to identify sources that leaked information to journalists Trevor Birney and Barry McCaffrey, the Investigatory Powers Tribunal hears
-
February 28, 2024
28
Feb'24
75% of third-party breaches target software, IT supply chains
Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors
-
February 28, 2024
28
Feb'24
Users love their cyber teams, but find them frustrating
Despite strong support for security teams, a good number of ordinary workers see them as obstructive to business goals, and would like to see them operate more transparently
-
February 27, 2024
27
Feb'24
VulnCheck bug listing to help track new threats quicker
Exploit intelligence firm VulnCheck launches a proprietary Known Exploited Vulnerabilities catalogue in hopes of improving end-user access to intel on emerging threats and reaching those that the likes of CISA do not
-
February 27, 2024
27
Feb'24
Hycu uses AI to develop APIs for SaaS application backup
SaaS applications don’t usually come with built-in data protection, but Hycu plans to tackle that gap in the market with AI to generate the connectors needed to backup user data
-
February 26, 2024
26
Feb'24
Storage and backup spend in 2024 targets risk and resilience
The TechTarget and ESG spending intentions survey finds big bias towards averting risk and building organisational resilience, but on-premise storage a significant planned outlay
-
February 21, 2024
21
Feb'24
Australian data breach report highlights supply chain risks
The OAIC has called for organisations to proactively address privacy risks from outsourcing personal information handling to third parties
-
February 21, 2024
21
Feb'24
How Indian fintechs can address compliance issues
Fintechs will need to bolster their know-your-customer practices and establish self-regulatory mechanisms, among other measures, to address compliance issues that have come under the spotlight
-
February 20, 2024
20
Feb'24
US extradition of Julian Assange is ‘state retaliation’ for exposing war crimes, court hears
Lawyers argue that the US extradition case against WikiLeaks founder Julian Assange is politically motivated and in is breach of the UK-US extradition treaty
-
February 20, 2024
20
Feb'24
Government agrees law to protect confidential journalistic material from state hacking
The government will update Investigatory Powers Act to require secret intelligence agencies to seek independent approval before accessing confidential journalistic material obtained by bulk hacking, but journalists remain vulnerable to other bulk ...
-
February 15, 2024
15
Feb'24
Security-by-design push prompts new ISC2 accreditations
Security-by-design has become a hot-button regulatory issue. ISC2 has decided now is the time to upskill cyber pros around these vital software and hardware development principles
-
February 14, 2024
14
Feb'24
Met Police to scrap and replace ‘racist’ Gangs Violence Matrix
A database used by the Metropolitan Police to identify and track people linked with gang violence is being decommissioned and replaced. The decision follows a long-running controversy over its discriminatory impacts on young black people, but ...
-
February 14, 2024
14
Feb'24
Security experts: Investigatory powers plans will delay security updates
Cyber security experts warn that government proposals to amend the Investigatory Powers Act will limit tech companies’ ability to respond to security threats and could hamper the use of end-to-end encryption
-
February 13, 2024
13
Feb'24
What will result from Cohesity’s Veritas acquisition?
The $7bn backup giant will leverage huge assets in enterprise customer base, compliance and governance intelligence, AI, R&D, and Kubernetes backup and storage
-
February 09, 2024
09
Feb'24
MoD ethical hacking programme expands after initial success
The Ministry of Defence has expanded the scope of its defensive security partnership with HackerOne