News

Regulatory compliance and standard requirements

• May 12, 2020 12 May'20

  Draft Covid-19 contact tracing legislation proposes formal oversight

  Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app

• May 12, 2020 12 May'20

  Details released of second UK contact-tracing app development

  Contractual documents show Zuhlke Engineering receiving an official start date of 6 May to supply a managed delivery team to support and run proximity mobile application and services for the UK

• May 12, 2020 12 May'20

  Police failing to consult public on new technologies

  A freedom of information campaign has revealed that UK police are largely failing to consult the public on their use of new technologies, with the potential to undermine the principle of policing by consent

• May 12, 2020 12 May'20

  APAC firms still coming to grips with data protection

  More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain

• May 12, 2020 12 May'20

  How Australian firms can plug data protection gaps

  Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene

• May 12, 2020 12 May'20

  Banks failing to protect customers from coronavirus fraud

  Just 13 of the 64 banks accredited for the government’s Coronavirus Business Interruption Loan Scheme have implemented Dmarc protection

• May 07, 2020 07 May'20

  Contact-tracing app fails to protect privacy and human rights

  Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee

• May 07, 2020 07 May'20

  Facebook announces oversight board members

  New board will rule on freedom of expression issues and make policy recommendations to social media giant.

• May 07, 2020 07 May'20

  FBI search warrants reveal Trump aide’s messages to WikiLeaks founder Julian Assange

  FBI search warrants reveal Trump campaigner Roger Stone sent private messages to WikiLeaks founder Julian Assange after the site published thousands of documents that damaged Hillary Clinton’s election campaign

• May 05, 2020 05 May'20

  Building security and privacy into contact-tracing apps

  Governance and data decentralisation are among measures that organisations can take to allay security and privacy concerns over contact-tracing apps, according to RSA

• May 04, 2020 04 May'20

  NHSX contact-tracing app needs legislative oversight

  Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app

• May 04, 2020 04 May'20

  IT Priorities 2020: Compliance and risk are top security concerns

  When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study

• May 01, 2020 01 May'20

  NCSC tackles unconscious bias in security terminology

  The terms whitelisting and blacklisting are out at the UK’s National Cyber Security Centre

• April 29, 2020 29 Apr'20

  IMDA to issue 5G spectrum to Singtel and StarHub-M1 venture

  Singapore’s telco regulator will award 5G spectrum to major operators whose proposals have exceeded its requirements in some cases

• April 29, 2020 29 Apr'20

  Coronavirus: Call for extension to European payment security standard deadline

  Payment processors across Europe want more time to meet the SCA payment security standard

• April 27, 2020 27 Apr'20

  Julian Assange extradition hearing postponed amid coronavirus lockdown

  Julian Assange’s lawyers say they have been unable to communicate or share legal documents with the WikiLeaks founder to enable them to prepare a defence in time for a planned extradition hearing in May

• April 27, 2020 27 Apr'20

  UK tech companies launch online safety body

  Online Safety Tech Industry Association unites 14 technology companies to drive conversation and policy around online safeguarding

• April 27, 2020 27 Apr'20

  Australia’s CovidSafe app debuts, source codes to follow

  Australia’s contact tracing app has been downloaded more than 1.1 million times, even as privacy concerns linger on

• April 23, 2020 23 Apr'20

  Ransomware-stricken Travelex up for sale

  Travelex’s parent Finablr is washing its hands of the ransomware-stricken forex provider as it struggles with the twin shocks of the Covid-19 pandemic and a developing fraud scandal

• April 23, 2020 23 Apr'20

  Public authorities set to receive expanded surveillance powers

  UK government wants to extend the number of public authorities able to obtain communications data using mass surveillance

• April 20, 2020 20 Apr'20

  IT services company Cognizant warns customers after ‘Maze’ ransomware attack

  US IT services company Cognizant alerts customers after the Maze ransomware group launches a cyber attack

• April 20, 2020 20 Apr'20

  Dutch organisations address business email compromise fraud

  Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks

• April 20, 2020 20 Apr'20

  Australian workers are weakest link in fight against cyber attacks

  About four in 10 employees are sharing inappropriate data across mobile devices and half of all security incidents in 2019 occurred through inappropriate IT use, new study finds

• April 17, 2020 17 Apr'20

  Coronavirus: How Nominet fights back against malicious domains

  Domain name registry has thwarted hundreds of attempts to register malicious .uk domain names during the coronavirus pandemic

• April 17, 2020 17 Apr'20

  EU warns no compromise on privacy as NHS clashes with tech firms on contact tracing

  EU and UK regulators express data privacy concerns days after Silicon Valley giants announce collaboration on contact-tracing apps to prevent the spread of the Covid-19 coronavirus

• April 17, 2020 17 Apr'20

  Coronavirus: Security certification body puts exams online

  Candidates for certification by the International Association of Privacy Professionals will now be able to sit their exams remotely

• April 15, 2020 15 Apr'20

  Coronavirus: ICO temporarily relaxes regulatory approach

  The Information Commissioner’s Office sets out a revised approach to its regulatory duties during the Covid-19 coronavirus pandemic

• April 06, 2020 06 Apr'20

  BA and Marriott get GDPR fine reprieve

  Both British Airways and Marriott International have had their General Data Protection Regulation fines deferred until later in 2020

• April 03, 2020 03 Apr'20

  Covid-19 apps pose threat to digital privacy on a global scale

  Digital security firm Surfshark has reviewed a number of apps aimed at tackling the spread of coronavirus, and found that many pose a threat to people’s digital privacy

• April 02, 2020 02 Apr'20

  Morrisons appeal success is cold comfort for enterprises

  The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them

• April 01, 2020 01 Apr'20

  Swedbank to rebuild anti-money laundering systems after damning report

  Report finds that €36.7bn in transactions, all carrying a high risk for money laundering, were processed through the bank’s branch network in Estonia, Latvia and Lithuania

• March 31, 2020 31 Mar'20

  Marriott International hotel chain in second data breach

  Marriott International notifies customers of a major data breach that unfolded earlier in 2020 – the second it has experienced in the past two years

• March 27, 2020 27 Mar'20

  Lorca calls on security scaleups to tackle coronavirus challenge

  Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges

• March 26, 2020 26 Mar'20

  Coronavirus: What are the latest free cyber security offers?

  We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis

• March 26, 2020 26 Mar'20

  Developed APAC states most exposed to cyber risks

  Singapore, South Korea, Japan, Australia and New Zealand have the highest exposure to cyber risks, but they are also the most prepared to deal with cyber attacks, study finds

• March 25, 2020 25 Mar'20

  Almost half of UK businesses suffered a cyber attack in past year

  Latest government statistics reveal the scale of the cyber security challenge facing UK plc, but reveals some cause for optimism

• March 23, 2020 23 Mar'20

  Coronavirus: Kaspersky, Bitdefender make products free to NHS

  Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies

• March 22, 2020 22 Mar'20

  Cyber gangsters hit UK medical firm poised for work on coronavirus with Maze ransomware attack

  The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm's computer systems

• March 20, 2020 20 Mar'20

  UK Coronavirus Bill relaxes restrictions on mass surveillance powers

  Emergency legislation would massively expand state surveillance and police detainment powers

• March 18, 2020 18 Mar'20

  Prudential turns to AI to secure computer networks against cyber attacks

  Prudential, the UK’s largest listed insurer, is turning to artificial intelligence to protect its computer networks in the US, Asia and Africa from malware hackers and internal threats

• March 17, 2020 17 Mar'20

  Travelex under threat as insolvency risk, hacking costs and coronavirus take their toll

  Foreign exchange group’s future remains uncertain as its parent company, Finablr, prepares for potential insolvency

• March 17, 2020 17 Mar'20

  UN identifies tech companies working in Occupied Palestinian Territories

  United Nations Human Rights Office report names a number of technology companies that could be involved in violating human rights

• March 17, 2020 17 Mar'20

  UK makes its case for post-Brexit data adequacy decision

  Government sets out an explanatory framework as it seeks adequacy decisions from the European Commission to maintain the free flow of personal data between the European Union, the UK and Gibraltar

• March 13, 2020 13 Mar'20

  Equality watchdog calls on police to stop using facial recognition

  Equalities and Human Rights Commission says use of automatic facial recognition and predictive algorithms by police is discriminatory, stifles freedom of expression and lacks a proper legislative framework

• March 11, 2020 11 Mar'20

  Cross-regulator taskforce on digital economy announced in 2020 Budget

  UK regulators will join forces to look at how the potential regulation of the digital platforms and advertising markets would work

• March 11, 2020 11 Mar'20

  Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday

  March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical

• March 10, 2020 10 Mar'20

  Inside Oracle’s cloud strategy

  Oracle may be late to the cloud infrastructure and platform game, but it believes it has what it takes to carve out a bigger slice of the Asia-Pacific’s cloud market

• March 09, 2020 09 Mar'20

  Bill Gates backs Crest fintech security scheme for Africa and Asia

  UK-based cyber security accreditation and certification non-profit Crest has been awarded a $1.4m grant from the Bill and Melinda Gates Foundation to expand cyber security capacity for fintechs in Africa and Asia

• March 06, 2020 06 Mar'20

  Virgin Media confirms 'misconfigured database' left personal data of 900,000 people exposed

  Telco provider Virgin Media confirms 'data incident' that left personal details of 900,000 people exposed, but denies its systems were hacked or that it suffered a data breach

• March 05, 2020 05 Mar'20

  Cathay Pacific hit with £500,000 data protection fine from ICO over 2018 breach

  Airline receives maximum financial penalty under Data Protection Act for data breach that led to nine million customers having their personal data accessed by hackers

• March 04, 2020 04 Mar'20

  Australian government pulls plug on cloud certification programme

  The Australian Signals Directorate is closing its cloud services certification programme to allow for more home-grown suppliers

• March 03, 2020 03 Mar'20

  Singapore among world’s top sources of online threats

  Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state

• March 01, 2020 01 Mar'20

  Data breaches in Australia showing no signs of abating

  Compromised login credentials and human error were the most common causes of data breaches reported under Australia’s notifiable data breach regime from July to December 2019

• February 27, 2020 27 Feb'20

  Clearview hack fuels debate over facial recognition

  Customers of Clearview AI, a controversial startup that scrapes and sells billions of photos of people from social media to police forces, have found themselves at the centre of a major data breach

• February 26, 2020 26 Feb'20

  FCA data breach could happen to anybody, but easy to avoid

  Minor data breach at the Financial Conduct Authority was the result of simple human error, and highlights the need for organisations to consider a wide range of potential threats

• February 26, 2020 26 Feb'20

  Met Police chief backs legislative framework for police tech

  Met Police commissioner has called for legislative framework to govern police use of new technologies, while defending the decision to use live facial recognition technology operationally without it

• February 25, 2020 25 Feb'20

  Google warns users not to mess with Huawei devices

  Google tells users of Huawei devices to try to avoid bypassing controls preventing them from loading its apps

• February 25, 2020 25 Feb'20

  Cloud data leaks compounded by lack of automation tools

  Data leaks caused by misconfigured clouds are being compounded because security teams lack appropriate automation and integration tools, according to a report

• February 24, 2020 24 Feb'20

  Thai university to roll out data protection certification

  Thailand’s National Institute of Development Administration is offering a certification programme to get organisations ready for the country’s data protection regime

• February 24, 2020 24 Feb'20

  Assange extradition is a politically motivated ‘abuse of power’, court hears

  US government’s attempt to extradite WikiLeaks founder Julian Assange to face espionage charges in the US is politically motivated and an abuse of process, court told

• February 19, 2020 19 Feb'20

  Blasé directors put business data at risk

  The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress

• February 18, 2020 18 Feb'20

  Most CISOs ready to move jobs if something better comes along

  The shortage of skilled security pros is creating an active recruitment market, with over 80% of CISOs saying they would consider a new role if approached

• February 18, 2020 18 Feb'20

  Veeam Availability Suite v10 adds NAS backup and cloud tiering

  Availability Suite is mostly about consolidating the company’s data management platform idea, but it has added incremental forever NAS backup, cloud tiering and recovery to vSphere

• February 17, 2020 17 Feb'20

  Mastercard opens European security resilience unit

  Mastercard’s European Cyber Resilience Centre will bring together its partners and other industry bodies to support enterprise resilience

• February 14, 2020 14 Feb'20

  PM Johnson shuffles technology and digital ministers again

  Boris Johnson has changed all the key Cabinet appointments responsible for tech and digital policy for the second time since becoming prime minister last year

• February 11, 2020 11 Feb'20

  MI5 failed to disclose failings in handling intercepted data, court hears

  MI5 failed to disclose serious failures in the way it handled intelligence data to the Investigatory Powers Tribunal, the surveillance regulator and ministers.

• February 11, 2020 11 Feb'20

  Tencent Cloud gains multi-tier cloud security certification

  China's Tencent Cloud joins major cloud suppliers in securing tier three of Singapore’s Multi-Tier Cloud Security standard in a bid to grow its presence in Asia

• February 10, 2020 10 Feb'20

  Police use of facial recognition ‘unjustifiable’, says Scottish Justice Committee

  Members of the Scottish Parliament have said police use of live facial recognition technology is “not fit for purpose”

• February 10, 2020 10 Feb'20

  What should be in Australia’s next cyber security strategy

  The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues?

• February 10, 2020 10 Feb'20

  Norway braces for possible China backlash over 5G loss

  Norway fears trading relationship with China will suffer as a result of Huawei losing 5G contract to Ericsson

• February 06, 2020 06 Feb'20

  Stressed, overworked CISOs losing £23k a year in unpaid overtime

  Nominet’s latest CISO Stress Report has revealed the extent to which organisations are taking advantage of their security staff, and the deleterious effects of overwork and stress on mental health

• February 04, 2020 04 Feb'20

  Social media targeting algorithms need regulation, says CDEI

  The Centre for Data Ethics and Innovation is recommending regulation of social media algorithms as part of a drive to make user targeting safe and ethical

• February 04, 2020 04 Feb'20

  MI5 faces court ruling over unlawful surveillance warrants

  Privacy groups Liberty and Privacy International ask the Investigatory Powers Tribunal to order MI5 to disclose full details of ‘unlawful’ conduct, after classified documents reveal the spy agency failed to comply with surveillance laws

• February 03, 2020 03 Feb'20

  NHS adds supplier security audits to procurement platform

  A new feature in the NHS’s Edge4Health procurement platform will help NHS suppliers improve their cyber security posture and NHS organisations make better buying decisions

• January 31, 2020 31 Jan'20

  Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks

  Climate change, natural disasters, extreme weather and loss of biodiversity are the greatest risks we face. With cyber conflicts, state-sponsored hacking and internet fragmentation, doing nothing is not an option, says the World Economic Forum

• January 30, 2020 30 Jan'20

  NCSC launches study on cyber security diversity

  The UK’s National Cyber Security Centre wants to improve the diversity of the cyber security sector

• January 30, 2020 30 Jan'20

  Avast cans data harvesting subsidiary after outcry

  Avast will close its Jumpshot big data unit following repeated allegations of inappropriate handling of customer data

• January 29, 2020 29 Jan'20

  UK cyber security sector worth more than £8bn

  The UK’s cyber security industry employs 43,000 full-time workers, and contributed nearly £4bn to the UK economy in 2019, according to DCMS

• January 29, 2020 29 Jan'20

  NHS suffers fewer ransomware attacks, but threat persists

  Ransomware attacks against the NHS have tapered off dramatically, according to statistics obtained under FoI legislation, but this does not mean the threat has diminished

• January 28, 2020 28 Jan'20

  Data privacy benefits outweigh spend, says Cisco

  Cisco’s 2020 data privacy study shows organisations can generate substantial returns on their data privacy and protection spending

• January 27, 2020 27 Jan'20

  Interpol uncovers cyber crime operation in Indonesia

  An Interpol-coordinated cyber operation leads to the arrest of three people in Indonesia who allegedly used a JavaScript-sniffer malware to steal payment card details of online shoppers

• January 27, 2020 27 Jan'20

  Met Police to launch facial recognition operationally

  Despite the continuing controversy around its use, the Metropolitan Police will be deploying live facial recognition across the capital

• January 27, 2020 27 Jan'20

  SANS Institute calls on Manchester security pros

  Manchester will play host to a week-long cyber security training event during February

• January 24, 2020 24 Jan'20

  Cyber gangsters publish staff passwords following ‘Sodinokibi’ attack on car parts group Gedia

  Sodinokibi hacking group steps up pressure on German automotive manufacturer by publishing information, including the CEO’s computer password and sensitive details of its IT systems, on the internet

• January 23, 2020 23 Jan'20

  Seven projects funded to explore CAV security

  The winners of the Cyber Securities Feasibility Studies contest, exploring cyber security for self-driving cars, have been revealed

• January 23, 2020 23 Jan'20

  End-user security ignorance laid bare in new report

  Proofpoint’s 2020 State of the Phish report highlights an urgent need for better user training and reporting

• January 22, 2020 22 Jan'20

  Computer Misuse Act ‘crying out for reform’

  Group of campaigners says the Computer Misuse Act of 1990 risks criminalising cyber security professionals and needs reforming

• January 22, 2020 22 Jan'20

  ICO code sets out digital privacy standards for children

  The Information Commissioner’s Office has published its Age Appropriate Design Code, a set of 15 standards that online platforms must meet to protect the privacy of younger users

• January 21, 2020 21 Jan'20

  Singapore updates model AI governance framework

  Second edition of Singapore’s artificial intelligence governance framework includes new guidance, use cases and a self-assessment guide

• January 21, 2020 21 Jan'20

  5G builders test vulnerabilities in Finnish hackathon

  University hackathon puts 5G security to the test as new wireless technology’s roll-out nears

• January 21, 2020 21 Jan'20

  High-street banks face disruption three weeks after Travelex hack

  Foreign exchange services still disrupted, three weeks after Travelex received a $6m ransom demand from cyber gangsters

• January 20, 2020 20 Jan'20

  GDPR nets more than €100m in fines, with more to come

  Fines totalling €114m have already been collected under GDPR, and this figure will spike in 2020 if the UK regulator succeeds in imposing record fines on BA and Marriott

• January 17, 2020 17 Jan'20

  CAA debuts aviation cyber security assurance scheme

  Civil Aviation Authority and Crest announce the first companies to be accredited under the CAA’s new cyber security oversight scheme, Assure

• January 16, 2020 16 Jan'20

  UK’s phone and internet bulk data surveillance unlawful, says EU court opinion

  The Advocate General of the European Court of Justice issues legal opinions finding that the UK, French and Belgian bulk surveillance regimes are unlawful

• January 16, 2020 16 Jan'20

  Thailand gets ready for data protection law

  Thailand’s personal data protection law comes into effect in May 2020, subjecting organisations to new rules that safeguard the personal data of individuals

• January 15, 2020 15 Jan'20

  LGBTQ+ social app Grindr accused of breaching GDPR

  Norwegian Consumer Council files complaints about LGBTQ+ social networking app, alleging it is in breach of the General Data Protection Regulation

• January 15, 2020 15 Jan'20

  Threat landscape grew in complexity in 2019, no respite in sight

  Check Point’s annual state of security report shares some 2019 trends and looks ahead to 2020

• January 14, 2020 14 Jan'20

  Two-thirds of UK healthcare organisations breached last year

  The majority of healthcare organisations in the UK experienced a cyber security incident during 2019, with almost half the result of viruses and malware introduced on third party devices

• January 14, 2020 14 Jan'20

  Turn the end of Windows 7 support into a security advantage

  CISOs can take advantage of the end of support for Microsoft Windows 7 by making the case for more investment in cyber security

• January 09, 2020 09 Jan'20

  Travelex hackers threaten to sell credit card data on dark web

  Sodinokibi cyber gangsters have threatened to sell Travelex customers’ private data on a Russian underground cyber crime forum if it fails to pay a $6m ransom