News

Regulatory compliance and standard requirements

• October 25, 2018 25 Oct'18

  ICO issues maximum £500,000 fine to Facebook

  The UK privacy watchdog has confirmed that Facebook has escaped a fine of more than $1bn under the GDPR, but will face the maximum under the DPA for failing to protect users’ personal information

• October 25, 2018 25 Oct'18

  Cathay Pacific under fire over breach affecting 9.4 million passengers

  Hong Kong-based airline reveals massive data breach of the most sensitive personal data of passengers five months after loss was confirmed

• October 25, 2018 25 Oct'18

  Becrypt security platform helps ease cloud adoption

  Becrypt’s secure operating system is driving a new service aimed at helping organisations reduce cost and increase agility in using cloud-based services and online applications

• October 23, 2018 23 Oct'18

  Morrisons loses appeal against data breach liability ruling

  Supermarket chain has lost its appeal against a High Court ruling that found it liable for a data leak by a former employee, underlining the importance of managing insider threats

• October 19, 2018 19 Oct'18

  Learn lessons from attacks, says McAfee investigations chief

  Organisations should use every cyber attack as an opportunity to learn, identify weaknesses and improve security posture, according to McAfee’s head of cyber investigations

• October 18, 2018 18 Oct'18

  NHS standards framework aims to set the bar for quality and efficiency

  NHS Digital’s standards framework sets out renewed commitment to implement and use open standards across the NHS

• October 18, 2018 18 Oct'18

  Time to implement new cyber security protections, says McAfee CEO Chris Young

  Convergence of threats and technologies and an increasingly complex regulatory environment are driving the need to implement new cyber security protections, says McAfee chief

• October 16, 2018 16 Oct'18

  UK faces 10 cyber attacks a week as hostile states step up hacking, says NCSC

  The UK’s National Cyber Security Centre has thwarted more than 1,600 attacks over the past two years – many by hostile nation states

• October 15, 2018 15 Oct'18

  Tech companies should not be under legal duty to remove terrorist material, says watchdog

  The internet should not be a safe place for terrorists, but making it compulsory for technology companies to trawl for radical content risks interfering with the rights of innocent people, says Max Hill QC, the independent reviewer of terrorism ...

• October 15, 2018 15 Oct'18

  Good data governance is good business

  Organisations are failing to understand the importance of getting their data relationship with customers right and seeing the business opportunities that it enables, an industry analyst warns

• October 15, 2018 15 Oct'18

  Apple challenges Australia’s proposed decryption law

  Tech giant Apple argued that the lack of judicial oversight could reduce customer trust and security, among other reservations over Australia’s draft decryption legislation

• October 11, 2018 11 Oct'18

  MEPs urge Facebook to roll out election fraud prevention measures

  Facebook is coming under pressure from European lawmakers to do more to prevent its user data from being misappropriated during elections

• October 10, 2018 10 Oct'18

  Detail of Dutch reaction to Russian cyber attack made public deliberately

  Four Russian intelligence officials were expelled from the Netherlands after an attempted hack on the global chemical weapons watchdog. The Dutch government has been open about the detail

• October 08, 2018 08 Oct'18

  High Court blocks Google iPhone privacy lawsuit

  The UK High Court has thrown out a group action lawsuit against Google for tracking iPhone browsing data, but campaign group Google You Owe Us, which brought the litigation, will appeal the decision

• October 08, 2018 08 Oct'18

  ICO hits Heathrow Airport with £120,000 data breach fine over lost USB stick

  Information Commissioner’s Office fines airport after a member of the public came across a USB stick containing sensitive personal information about airport staff

• October 05, 2018 05 Oct'18

  GDPR case work swamps Denmark’s data protection agency

  The agency investigating alleged breaches of GDPR in Denmark is recruiting additional resources to cope with the increase in work

• October 01, 2018 01 Oct'18

  Facebook could face up to $1.6bn fine for data breach

  Facebook is under increased pressure to demonstrate that users’ personal data is protected as it faces a potential fine of more than a billion dollars for a data breach affecting millions of users

• September 28, 2018 28 Sep'18

  EU sees eIDAS regulation come into full force

  A regulation aimed at cutting red tape to enable a digital single market in Europe will soon be in full force, but it could present some challenges to the UK after Brexit

• September 26, 2018 26 Sep'18

  ICO threatens fines for outstanding fees

  The UK’s privacy watchdog has issued warning letters to organisations, including some NHS trusts and government organisations, for failing to pay a new data protection fee

• September 26, 2018 26 Sep'18

  Financial services firms face potential security bombshell

  UK financial services are facing a security crisis over outdated services and applications, a survey shows

• September 25, 2018 25 Sep'18

  PCI DSS compliance falls despite security benefit

  Despite the benefits of the payment card industry security standard, there is a concerning downward trend in compliance, a report reveals

• September 19, 2018 19 Sep'18

  Europol cyber crime report highlights emerging threats to enterprise security

  Research highlights increase in sophistication of ransomware attacks, while revealing details of new and emerging threats to enterprises

• September 13, 2018 13 Sep'18

  No Deal Brexit may hinder free flow of personal data from EU to UK

  The government’s No Deal Brexit planning document on data protection warns free flow of personal data from EU isn’t guaranteed, and organisations must take action to ensure they will still be able receive data from Europe

• September 13, 2018 13 Sep'18

  GCHQ mass surveillance regime was in breach of human rights law, European court rules

  The European Court of Human Rights in Strasbourg has ruled that the UK’s collection of bulk interception of communications data lacked adequate oversight and safeguards and was in breach of human rights law

• September 12, 2018 12 Sep'18

  FCA warns it cannot manage financial crime risks without sharing data with EU

  FCA admits it will be unable to manage financial crime effectively if it cannot share data with EU authorities.

• September 11, 2018 11 Sep'18

  British Airways data breach: Security researchers name suspects and query attack timeline

  Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought

• September 10, 2018 10 Sep'18

  Cyber criminals outspend businesses in cyber security battle

  Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result

• September 07, 2018 07 Sep'18

  BA praised for swift GDPR-aligned action on data breach

  British Airways has been praised for its swift response to a customer data breach, which could be the first test case under the EU’s GDPR and new UK GDPR-aligned data protection laws

• September 03, 2018 03 Sep'18

  Majority of UK firms not insured for data breaches

  Many UK firms are not insured against information security breaches and data loss, and would have to spend £1m on average to recover from a breach, a report reveals

• August 30, 2018 30 Aug'18

  Blockchain gains foothold in Australia

  A number of blockchain projects are under way in Australia, but questions remain about whether the technology is wanted

• August 29, 2018 29 Aug'18

  Improving security is top driver for ISO 27001

  Organisations are implementing the ISO 27001 standard in recognition of the fact that cyber attacks are increasingly inevitable and that it is best to be well-prepared to fend off attacks and mitigate their effect

• August 28, 2018 28 Aug'18

  Challenge to anti-GDPR immigration exemption in DPA to go ahead

  Two human rights groups are challenging a controversial clause in new UK data protection legislation that they say is in conflict with the EU’s Charter of Fundamental Rights and undermines the General Data Protection Regulation

• August 23, 2018 23 Aug'18

  Australian government agency trials secure cloud service

  The Digital Transformation Agency has become the first government agency in Australia to test the use of Microsoft Office 365 in a secure cloud environment

• August 22, 2018 22 Aug'18

  Nearly a third of organisations still not GDPR ready

  As the UK and other states implement the EU’s GDPR, many organisations admit they are still not fully compliant, but most claim to be able to respond to data subject access requests

• August 22, 2018 22 Aug'18

  Superdrug denies data breach

  Superdrug has warned online customers it believes may have had personal details exposed, but claims its systems were not compromised, in what could be the first GDPR-related extortion attempt

• August 21, 2018 21 Aug'18

  New Zealand to run national cyber security exercise

  The island-nation will test the resilience of its critical infrastructure in November 2018, bringing together multiple agencies to protect assets of national significance

• August 21, 2018 21 Aug'18

  Malaysia’s financial sector warms up to cloud, but lacks security leadership

  Almost two-thirds of Malaysia’s financial services firms are developing a cloud strategy, but not all have a security plan in place

• August 20, 2018 20 Aug'18

  Planned Australian law raises tech firms’ security concerns

  A digital industry group representing some of the world’s largest tech firms is opposed to proposed Australian laws aimed at compelling them to help security agencies and police

• August 16, 2018 16 Aug'18

  Trump sparks speculation after repealing cyber attack restraints

  The US president has sparked speculation about US policy on launching cyber attacks by repealing Obama-era restraints, underlining the need for international rules on cyber warfare

• August 14, 2018 14 Aug'18

  UK banks under pressure to improve downtime reporting under new FCA rules

  To make it easier for customers to compare and switch between current account providers, UK banks are under pressure to improve their reporting processes for downtime and security incidents

• August 13, 2018 13 Aug'18

  ICO strengthens commitment to technology and innovation

  Information Commissioner’s Office has demonstrated its commitment to technology and innovation by appointing a new executive director to focus on this area

• August 13, 2018 13 Aug'18

  UK firms concerned about cyber arms race

  Continuous investment and activity are key in the cyber arms race, according to Databarracks, as research shows UK firms are worried about keeping up with security challenges

• August 12, 2018 12 Aug'18

  Over 146 billion records to be stolen over next five years

  The US will bear the brunt of data exfiltration efforts by cyber criminals, though Asia-Pacific nations such as Singapore will not be spared

• August 10, 2018 10 Aug'18

  Butlin’s warns of potential personal data breach

  Holiday camp chain blames cyber breach on a phishing attack, implying that attackers were able to steal user credentials to access customer data – and underlining the need for security awareness training

• August 09, 2018 09 Aug'18

  ICO fines Emma’s Diary £140,000

  The UK’s privacy watchdog has fined a marketing company for illegally collecting and selling personal information for political campaigning

• August 08, 2018 08 Aug'18

  Australia calls for interventionist approach in new cyber agenda

  The Australian government is forming a cyber defence network comprising security agencies and private sector partners to support a more interventionist approach towards cyber security

• August 07, 2018 07 Aug'18

  Starbucks to advise on development of bitcoin trading platform

  Coffee giant Starbucks has joined a group of firms advising Intercontinental Exchange on the development of a digital assets platform

• August 06, 2018 06 Aug'18

  Half of UK consumers to exercise GDPR rights within a year

  More than half of UK consumers will exercise their General Data Protection Regulation rights within a year and almost two-thirds will retract or review data use because of the Facebook-Cambridge Analytica scandal, a study shows

• August 03, 2018 03 Aug'18

  UK security centre to launch IoT security standard

  The London-based Centre for Strategic Cyber Space and Security Science is working on an internet of things security standard and has roped in participants from eight markets

• July 31, 2018 31 Jul'18

  UK business overestimating level of consumer trust, study shows

  UK consumer trust is low, with the majority of UK businesses admitting to selling customer data, a report reveals