News

Regulatory compliance and standard requirements

• August 25, 2020 25 Aug'20

  TikTok takes Trump to court

  Under-fire video app TikTok files a formal complaint in the federal courts challenging the Trump administration’s attempt to ban it in the US

• August 21, 2020 21 Aug'20

  TikTok’s GDPR compliance probed amid accusations of data misuse

  Dutch privacy organisation SOMI claims TikTok falls short in protecting young users, and that it is likely violating GDPR

• August 21, 2020 21 Aug'20

  MPs accuse ICO of failing to do its job on contact-tracing data

  Cross-party group of MPs say the ICO has failed to enforce data protection standards or hold the government to account over the unlawful Test and Trace programme

• August 21, 2020 21 Aug'20

  Australian regulator sues RI Advice for cyber security lapses

  The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives

• August 20, 2020 20 Aug'20

  UKAS rejects ISO certification concerns

  UK’s certification body says refreshed guidance is in place to cover the possibility of lapsed ISO certifications

• August 20, 2020 20 Aug'20

  Social media data leak highlights murky world of data scraping

  A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it

• August 19, 2020 19 Aug'20

  HMRC investigates over 10,000 Covid-19 phishing reports

  HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June

• August 19, 2020 19 Aug'20

  Coronavirus: Thousands of ISO certifications set to lapse

  Delays and postponements in the auditing process are putting hard-earned security and data protection certifications at risk of lapsing

• August 19, 2020 19 Aug'20

  Marriott slapped with class action lawsuit over 2018 breach

  Group action brings together millions of victims who stayed at the Starwood hotel chain over a four-year period

• August 18, 2020 18 Aug'20

  Carnival cruise lines hit by ransomware, customer data stolen

  Cruise ship operator is likely to be the victim of a major data breach after customer information is apparently stolen in a ransomware attack

• August 18, 2020 18 Aug'20

  Reports Oracle to enter TikTok bidding war

  Oracle may be about to make a bid to acquire the US operations of TikTok from its Chinese parent ByteDance, according to the FT

• August 17, 2020 17 Aug'20

  The Security Interviews: How Crest is remaking the future of consultancy

  Crest president Ian Glover taught himself cyber security while working on government computing systems in the 1970s and 1980s. Now he is on a decade-spanning mission to change security consultancy models

• August 14, 2020 14 Aug'20

  ICO acknowledges GDPR concerns over A-level results scandal

  Information Commissioner’s Office says it has engaged with exams regulator Ofqual after its use of an algorithm to calculate A-level grades backfired

• August 14, 2020 14 Aug'20

  Oracle and Salesforce sued over online ad tracking

  Class action lawsuits filed in Amsterdam and London will accuse Oracle and Salesforce of breaching GDPR in their processing and sharing of personal data to sell online advertising

• August 13, 2020 13 Aug'20

  APAC consumers do not feel responsible for data security

  Just one in four consumers believe they should protect their own data, underscoring the tightrope between security and convenience that organisations have been walking on

• August 12, 2020 12 Aug'20

  EU and US start discussions on ‘enhanced’ Privacy Shield data-sharing agreement

  Talks begin on a successor to the Privacy Shield EU-US data-sharing agreement declared unlawful in July 2020 – a decision by the European Court of Justice that left thousands of businesses facing legal uncertainty

• August 12, 2020 12 Aug'20

  Police use of facial recognition found ‘unlawful’ in court

  In a landmark decision, the Court of Appeal has ruled that South Wales Police’s facial recognition deployments breached human rights and data protection laws

• August 11, 2020 11 Aug'20

  French data protection authorities to probe TikTok as suitors circle

  France’s CNIL has confirmed a new investigation into TikTok’s data protection practices

• August 11, 2020 11 Aug'20

  Hospitality sector is failing on contact-tracing obligations

  Cyber security experts urge the government to do more to help small hospitality businesses improve their contact-tracing data-handling practices

• August 07, 2020 07 Aug'20

  Data Standards Authority publishes guidance on government data sharing

  The Data Standards Authority (DSA) wants government departments to use new open data standards when sharing data, with the aim of improving public services

• August 07, 2020 07 Aug'20

  TikTok to be banned in US in 45 days

  Trump says his Executive Orders against Chinese mobile apps are in the interests of dealing with a national emergency

• August 06, 2020 06 Aug'20

  Australia updates cyber security strategy but offers little new

  The nation’s latest cyber security strategy includes centralised management of networks and a voluntary code of practice for deploying internet-connected devices, among other areas

• August 06, 2020 06 Aug'20

  Canon said to be latest Maze ransomware victim

  Canon may have had up to 10TB of its data exfiltrated by the Maze ransomware gang

• August 05, 2020 05 Aug'20

  Seven questions you need to ask when buying security insurance

  Find out what you need to ask to make an informed decision on cyber security insurance with new help from the UK’s NCSC

• August 05, 2020 05 Aug'20

  Netherlands investigates innovative privacy technology SSI

  Dutch research organisation is looking into areas where self-sovereign identity technology could be used in society and business

• August 04, 2020 04 Aug'20

  Five signs you’re about to get hit with ransomware

  A series of Sophos reports on the ransomware threat landscape shows how security professionals can sniff out a potential ransomware attack before it happens

• August 04, 2020 04 Aug'20

  Liam Fox hack raises questions over government security

  The hack of a former cabinet minister’s emails casts doubt over the effectiveness of safeguards and security training processes at the highest levels of the British government

• August 04, 2020 04 Aug'20

  New foundation to bolster security of open source software

  The Open Source Security Foundation will bring together key open source security initiatives across the industry to improve and support the security of open source software

• August 03, 2020 03 Aug'20

  Estonian police and border services need better IT to block criminals from becoming e-residents

  Police and Border Guard Board of Estonia needs to improve its IT systems to stop criminals from becoming e-residents, says report

• August 03, 2020 03 Aug'20

  Microsoft offers way out of TikTok impasse

  Microsoft offers to buy TikTok from its Chinese parent to ease security fears in the US

• August 02, 2020 02 Aug'20

  More data breaches from ransomware attacks in Australia

  The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner

• July 31, 2020 31 Jul'20

  Labour Party is latest victim of Blackbaud ransomware attack

  Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour

• July 31, 2020 31 Jul'20

  US lawmakers grill big tech chiefs over market power

  Sixth antitrust hearing sees CEOs of major technology companies face combative questioning from members of Congress over their market power and dominance

• July 31, 2020 31 Jul'20

  EU sanctions China and Russia over cyber attacks

  The EU is applying restrictive measure to six individuals and three entities accused of conducting disruptive cyber attacks in Europe, including the Russian GRU

• July 30, 2020 30 Jul'20

  List of Blackbaud breach victims tops 120

  More than 120 education and third-sector organisations may have had their data compromised through the breach of Blackbaud’s cloud platform

• July 29, 2020 29 Jul'20

  Bank of Ireland fined for six-year-old IT breach

  Bank of Ireland fined by regulator for its failings to prevent fraud six years ago

• July 29, 2020 29 Jul'20

  Campaigners urge government to resist big tech lobbying pressure

  Lobbyists for big tech, supported by senior US politicians, have rallied against stricter regulation of technology companies, and threatened the US-UK trade deal unless Britain scraps plans to levy a digital services tax

• July 29, 2020 29 Jul'20

  Schrems steps up pressure on Irish data protection commissioner on Facebook’s data sharing with US

  Austrian lawyer is considering ‘other’ options if the Irish data protection commissioner does not make a decision by October on his seven-year-old complaint against Facebook

• July 28, 2020 28 Jul'20

  De Montfort, KCL, Newcastle universities join list of Blackbaud victims

  Embattled cloud services provider now has big questions to answer over its handling of data belonging to UK universities and charities

• July 28, 2020 28 Jul'20

  NCSC names national security expert Lindy Cameron as new CEO

  New National Cyber Security Centre head joins from the Northern Ireland Office and has spent 20 years in government at home and abroad

• July 28, 2020 28 Jul'20

  NCSC inducts six security startups to Cyber Accelerator

  10-week programme will guide some of the UK’s most innovative security startups as they scale their businesses for future growth

• July 27, 2020 27 Jul'20

  MI6 apologises after attempt to interfere with intelligence court

  The UK Secret Intelligence Service, MI6, has apologised after attempting to persuade the secretary of Britain’s most secret court to withhold documents from senior judges in a case about crimes by undercover agents

• July 26, 2020 26 Jul'20

  Australia issues new cloud computing guidelines

  The new guidance, which comes after the expiry of the government’s cloud services certification programme, will help to bolster Australia’s cyber security resilience

• July 23, 2020 23 Jul'20

  Post-Privacy Shield, what chance for a Brexit data adequacy deal?

  The striking down of Privacy Shield has been hailed as a victory for digital rights and privacy campaign groups, but it will have consequences that go beyond transatlantic data transfers

• July 21, 2020 21 Jul'20

  Coronavirus: Government drags its feet on online misinformation

  Online misinformation about Covid-19 continues to spread unchecked, according to a DCMS committee report which has accused the government of dragging its feet over online harms

• July 21, 2020 21 Jul'20

  Russia Report reveals long-running cyber warfare campaign against UK

  Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report

• July 21, 2020 21 Jul'20

  Australian industry panel calls for ‘clear consequences’ of cyber attacks

  A government-appointed panel recommends strong deterrence and other measures to be implemented in Australia’s next cyber security strategy

• July 20, 2020 20 Jul'20

  ICO hails transformative year as average fine trebles

  Information Commissioner’s Office annual report reflects on a busy period, during which it levied two of the largest fines so far seen under the GDPR

• July 16, 2020 16 Jul'20

  Schrems v Facebook: European court strikes down EU-US Privacy Shield agreement

  The European Court of Justice has struck down Privacy Shield, the EU-US data-sharing agreement, creating uncertainty for European countries that share data with the US and pressuring the US to reform surveillance laws

• July 16, 2020 16 Jul'20

  Coronavirus shines spotlight on cyber security

  Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic

• July 15, 2020 15 Jul'20

  Government proposes IoT security enforcement body

  The government is today publishing new proposals concerning planned legislation that will protect users of smart IoT devices from cyber criminals

• July 15, 2020 15 Jul'20

  Singapore’s Project Ubin hits commercialisation milestone

  A blockchain payments network prototype spearheaded by Singapore’s central bank and its partners could speed up and lower the cost of cross-border payments

• July 14, 2020 14 Jul'20

  European court to decide legality of EU-US data sharing in dispute between Schrems and Facebook

  A ruling by the European Court of Justice will have ramifications for hundreds of thousands of companies that share data with the US. The case aims to balance US surveillance laws with the rights of EU citizens to keep their data private

• July 14, 2020 14 Jul'20

  Recon vulnerability puts thousands of SAP customers at risk

  Users of multiple SAP products including S4/HANA should apply the security update as soon as possible to protect their systems

• July 14, 2020 14 Jul'20

  Australian enterprises facing more cyber attacks

  The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country

• July 09, 2020 09 Jul'20

  Tencent Cloud teams up with ADBC on banking services

  Singapore’s Asia Digital Bank Corporation could leverage Tencent Cloud’s financial cloud platform to provide banking services to small businesses

• July 08, 2020 08 Jul'20

  Oracle ups ante in cloud wars with dedicated customer regions

  Oracle’s Dedicated Region Cloud at Customer will let enterprises run an entire cloud region in their own datacentres in a potentially game-changing move

• July 07, 2020 07 Jul'20

  MSP Xchanging attacked in ransomware incident

  Specialist managed services provider is restoring customer access to systems after an unspecified ransomware incident

• July 07, 2020 07 Jul'20

  Australian government foreshadows ‘sovereign data’ classification

  The Australian government will examine if certain government datasets should be declared sovereign and only be hosted in the country

• July 06, 2020 06 Jul'20

  Need to secure industrial IoT more acute than ever

  A report from the Lloyd’s Register Foundation is calling for urgent action to secure industrial infrastructure, as the IoT leaves it increasingly exposed

• July 02, 2020 02 Jul'20

  Police secrecy over ‘IMSI-catcher’ mass surveillance of mobile phones

  Following a tribunal ruling, constabularies in England and Wales can refuse to confirm or deny whether they use mass surveillance devices, known as IMSI-catchers to monitor people’s location, phone calls and text messages

• July 01, 2020 01 Jul'20

  UK’s unsung cyber security heroes sought

  Nominations have opened for the fifth annual Security Serious Unsung Heroes Awards

• July 01, 2020 01 Jul'20

  Remote workers more aware of security, but still flout the rules

  Almost three-quarters of remote workers reckon they have gained in cyber security awareness during lockdown, but don’t seem to be especially bothered about keeping themselves safe

• June 30, 2020 30 Jun'20

  Australia to invest a record A$1.35bn in cyber security

  The Australian government is making its largest ever investment in cyber security over the next decade to identify cyber threats, disrupt foreign cyber criminals and build new capabilities

• June 30, 2020 30 Jun'20

  The Security Interviews: What CISOs can learn from Covid-19

  Mike Lloyd, CTO at Redseal, holds 21 cyber security patents and a PhD in stochastic epidemic modelling from Heriot-Watt University in Edinburgh, so is probably the man to talk to when it comes to cyber security in the world of Covid-19

• June 29, 2020 29 Jun'20

  Making the case for cloud-based security

  Cloud-based security tools can hasten threat detection and response, but adoption will depend on where an enterprise is on the cloud readiness scale

• June 29, 2020 29 Jun'20

  Out of date security laws leave UK plc at risk during pandemic

  The CyberUp coalition has written to Boris Johnson to urge him to reform the UK’s 30 year-old cyber crime laws

• June 29, 2020 29 Jun'20

  Airports deploy thermal cameras to control Covid-19, science suggests it’s merely ‘safety theatre’

  UK airports are rolling out thermal surveillance cameras to identify people who may have coronavirus, but science says the technology is ineffective at detecting and preventing the spread of the disease

• June 25, 2020 25 Jun'20

  CBI: Digital economy needs joined-up regulations and gigabit broadband

  The coronavirus pandemic has shown the need for fast, reliable networking across the UK. The CBI is urging the government to do more

• June 25, 2020 25 Jun'20

  Veeam bullish on growth in APAC

  Veeam’s top executive in Asia-Pacific expects the company’s growth momentum in the region to continue despite the Covid-19 pandemic, and is setting sights on growth areas such as container backups

• June 24, 2020 24 Jun'20

  EU judges GDPR an overall success, but changes still needed

  Two years after its implementation, an EU report says that the GDPR is achieving what it set out to do, with a few reservations

• June 24, 2020 24 Jun'20

  Political parties harvest personal data to create profiles on voters, most of it wrong

  The UK’s three main political parties are collecting personal data on voters, but much of it is wrong and its use may fall foul of data protection laws

• June 19, 2020 19 Jun'20

  Facebook allows US users to disable political ads

  Users of the social media platform will soon be able to opt out of seeing politically motivated posts

• June 18, 2020 18 Jun'20

  US pulls out of talks with Europe for global digital tax

  Despite the US’s resistance to an international digital services tax, the UK and other European countries plan to continue pushing for a global solution to taxing technology giants

• June 18, 2020 18 Jun'20

  Data protection watchdog calls for controls on police mobile phone stop-and-searches

  Information commissioner wants new safeguards on the use of police powers to download sensitive personal data from the mobile phones of suspects and crime victims

• June 18, 2020 18 Jun'20

  Zoom U-turns on end-to-end encryption

  Embattled video-conferencing provider Zoom backtracks on previous refusals to provide end-to-end encryption to free users

• June 17, 2020 17 Jun'20

  Amnesty identifies most privacy-invasive Covid-19 contact-tracing apps

  Bahrain’s ‘BeAware Bahrain’, Kuwait’s ‘Shlonik’ and Norway’s ‘Smittestopp’ are the most privacy-invasive contact-tracing apps, reveals Amnesty International study

• June 17, 2020 17 Jun'20

  Coronavirus: 50% of security pros had no pandemic contingency plan

  A survey of security professionals conducted on behalf of Bitdefender reveals the lack of forward planning for events such as the Covid-19 coronavirus pandemic

• June 17, 2020 17 Jun'20

  Malaysia’s telco industry on edge amid new developments, appointments

  Spotlight trained on newly appointed key regulatory personnel that could see a change in Malaysia’s telco policy, including a deferment of 5G roll-out

• June 17, 2020 17 Jun'20

  Macquarie eyes government contracts with new Canberra datacentre

  New Macquarie datacentre in the Australian capital designed to achieve Tier 4 datacentre standards will deliver 1.5MW of capacity by December 2020

• June 16, 2020 16 Jun'20

  UK-US data deal puts Brexit data adequacy pact at risk

  European Data Protection Board writes to MEPs saying the UK is at risk of failing to strike a post-Brexit data adequacy accord if its data protection agreements with the US don’t strike the right note

• June 12, 2020 12 Jun'20

  Hospital uses thermal surveillance cameras to protect patients against second wave of Covid-19

  A North Midlands NHS trust claims to be the first NHS trust to deploy thermal surveillance cameras to protect patients and staff against the coronavirus

• June 10, 2020 10 Jun'20

  Nasty surprises lurking in furloughed employees’ inboxes

  Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work

• June 10, 2020 10 Jun'20

  How Australian firms can defend against supply chain attacks

  Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm

• June 04, 2020 04 Jun'20

  The Security Interviews: How the BSI protects the IoT from itself

  David Mudd of the BSI reveals how a pragmatic and realistic approach to security vulnerabilities underpins its internet of things kitemark, helping give users the confidence to buy smart devices safely

• June 04, 2020 04 Jun'20

  Malaysian minister backtracks on spectrum allocation decision

  Amid reports of a surreptitious decision to allocate spectrum to five Malaysian operators, the communications minister rescinds his own order, calling for a more transparent review of the allocation process

• June 02, 2020 02 Jun'20

  NIS security regulations proving effective, but more work to do

  The UK’s NIS cyber security and risk regulations are proving somewhat effective, according to a government report

• May 29, 2020 29 May'20

  Government launches IoT security funding round

  A £400,000 funding pot is on offer for innovators to design schemes that boost internet-of-things security

• May 29, 2020 29 May'20

  Singapore’s contact-tracing app tops privacy study

  Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds

• May 28, 2020 28 May'20

  Public Health England to keep contact-tracing data for 20 years

  PHE will retain the data it collects via the NHS Test and Trace programme for 20 years

• May 27, 2020 27 May'20

  Revealed: Surveillance camera network that covered Dominic Cummings’ lockdown travel

  A network of automatic number plate recognition and local authority traffic cameras could help police track Downing Street chief of staff Dominic Cummings’ journeys to Durham and Barnard Castle during the Covid-19 lockdown

• May 26, 2020 26 May'20

  Max Schrems accuses Ireland of ‘Kafkaesque’ delay in Facebook GDPR investigation

  Privacy campaigner Max Schrems has urged the European Commission to intervene after the Irish Data Protection Commission allegedly used ‘Kafkaesque’ tactics to delay investigations into Facebook’s compliance with GDPR

• May 26, 2020 26 May'20

  The Security Interviews: Temper tantrums ahead as GDPR enters its terrible twos?

  On the General Data Protection Regulation’s second birthday, Tim Hickman, a data protection lawyer and partner at White & Case LLP, discusses the regulation’s teething troubles and assesses how best to maintain optimum compliance

• May 25, 2020 25 May'20

  Coronavirus: Australia calls for stronger defences amid cyber attacks

  The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector

• May 22, 2020 22 May'20

  EasyJet to be sued over customer data breach

  If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn

• May 22, 2020 22 May'20

  Hancock to Harman: No contact-tracing privacy law

  Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data

• May 20, 2020 20 May'20

  NCSC discloses multiple vulnerabilities in contact-tracing app

  National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures

• May 20, 2020 20 May'20

  Responsible Cyber acquires Secucial in S$7m deal

  Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint

• May 19, 2020 19 May'20

  Cancelled NCSC CyberUK event gets green light for 2021

  The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales

• May 19, 2020 19 May'20

  GDPR wholly inappropriate to govern contact-tracing data

  Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app