News
Regulatory compliance and standard requirements
-
March 21, 2024
21
Mar'24
US sues Apple, alleging smartphone monopoly
A major legal action against Apple over its dominance of the smartphone market has kicked off in the US, alleging anticompetitive practices on Apple’s part that have damaged the sector and restricted consumer choice
-
March 21, 2024
21
Mar'24
NCSC guidance to help CEOs work through cyber incidents
The NCSC has published in-depth guidance on how business leaders should respond to a cyber attack or data breach. Learn about some of the key steps you will need to follow
-
March 20, 2024
20
Mar'24
UK’s cyber resilience stagnates as more fall victim to attacks
The government is calling on businesses to ramp up their cyber protections as study shows improvements to resilience are stagnating amid an ever-growing volume of attacks
-
March 19, 2024
19
Mar'24
Australia’s cyber security spending to grow 11.5% this year
Highly publicised cyber attacks and growing regulatory obligations are keeping security and risk top of mind for Australian organisations this year, says Gartner
-
March 18, 2024
18
Mar'24
The Security Interviews: Alex Yampolskiy, SecurityScorecard
Alex Yampolskiy conceived the idea for risk management specialist SecurityScorecard after getting stung by a SaaS supplier that was being cavalier with its customer data. He tells his story to Computer Weekly
-
March 18, 2024
18
Mar'24
Cohesity: We won’t abandon NetBackup customers or force migration
CEO promises no forced migration to Cohesity and not to abandon any NetBackup product while building new leadership in artificial intelligence and security around Cohesity Gaia
-
March 17, 2024
17
Mar'24
UK’s AI ambitions pointless while cyber security is still neglected
The UK’s AI ambitions may be at considerable risk without stronger cyber defences across the private and public sectors
-
March 15, 2024
15
Mar'24
London Mayor’s Office reprimanded over data breach
The London Mayor’s Office has been reprimanded by the ICO after an internal error exposed the data of people who had made complaints against the Metropolitan Police
-
March 14, 2024
14
Mar'24
Questions raised over NHS deletion of thousands of emails during whistleblower tribunal
NHS doctor Chris Day has won the right to challenge a tribunal ruling that found no procedural unfairness when an NHS trust deleted thousands of emails. The case that raises wider questions about the use of electronic evidence
-
March 13, 2024
13
Mar'24
British Library opens up over ransomware attack to help others
The British Library has opted for full transparency after experiencing a devastating ransomware attack, publishing details of the intrusion, its response and the lessons it has learned
-
March 11, 2024
11
Mar'24
Government not facing up to CNI cyber risks, committee warns
The Joint Committee on the National Security Strategy has accused the government of burying its head in the sand over the cyber threat to UK critical infrastructure
-
March 08, 2024
08
Mar'24
OSS leaders detail commitments to bolster software security
CISA has announced a number of actions to help secure the global open source ecosystem, as leading package repositories including the Python and Rust foundations advance their own initiatives
-
March 07, 2024
07
Mar'24
PSNI chief denies ‘industrial’ use of surveillance powers against journalists
PSNI chief constable Jon Boutcher has agreed to provide a report on police surveillance of journalists and lawyers to Northern Ireland’s policing watchdog
-
March 07, 2024
07
Mar'24
NI Policing Board pressed to open inquiry into PSNI spying on journalists’ phones
Amnesty International and the Committee on the Administration of Justice have asked Northern Ireland’s policing watchdog to open an inquiry into the Police Service of Northern Ireland’s use of surveillance powers against journalists
-
March 05, 2024
05
Mar'24
Rapid7 hits out over botched vulnerability disclosure
Software development firm JetBrains and security specialist Rapid7 fall out over the handling of a critical vulnerability disclosure, while customers are left rushing to patch
-
March 05, 2024
05
Mar'24
American Express customers exposed through third-party breach
US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach
-
March 05, 2024
05
Mar'24
Banning ransomware payments back on the agenda
The idea of banning ransomware payments to cyber criminals is back on the agenda, with former NCSC chief Ciaran Martin arguing that tougher measures need to be taken
-
March 04, 2024
04
Mar'24
The Security Interviews: Cyber security is about managing risk effectively
Effective cyber security must lead to cyber resilience – that is, the ability to anticipate, protect against, withstand and recover from any adverse condition, disruption or compromise, as Kyndryl’s security practice leader explains
-
February 29, 2024
29
Feb'24
Police arrested journalists as part of surveillance operation to identify confidential sources
Three police forces took part in surveillance operations between 2011 and 2018 to identify sources that leaked information to journalists Trevor Birney and Barry McCaffrey, the Investigatory Powers Tribunal hears
-
February 28, 2024
28
Feb'24
75% of third-party breaches target software, IT supply chains
Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors
-
February 28, 2024
28
Feb'24
Users love their cyber teams, but find them frustrating
Despite strong support for security teams, a good number of ordinary workers see them as obstructive to business goals, and would like to see them operate more transparently
-
February 27, 2024
27
Feb'24
VulnCheck bug listing to help track new threats quicker
Exploit intelligence firm VulnCheck launches a proprietary Known Exploited Vulnerabilities catalogue in hopes of improving end-user access to intel on emerging threats and reaching those that the likes of CISA do not
-
February 27, 2024
27
Feb'24
Hycu uses AI to develop APIs for SaaS application backup
SaaS applications don’t usually come with built-in data protection, but Hycu plans to tackle that gap in the market with AI to generate the connectors needed to backup user data
-
February 26, 2024
26
Feb'24
Storage and backup spend in 2024 targets risk and resilience
The TechTarget and ESG spending intentions survey finds big bias towards averting risk and building organisational resilience, but on-premise storage a significant planned outlay
-
February 21, 2024
21
Feb'24
Australian data breach report highlights supply chain risks
The OAIC has called for organisations to proactively address privacy risks from outsourcing personal information handling to third parties
-
February 21, 2024
21
Feb'24
How Indian fintechs can address compliance issues
Fintechs will need to bolster their know-your-customer practices and establish self-regulatory mechanisms, among other measures, to address compliance issues that have come under the spotlight
-
February 20, 2024
20
Feb'24
US extradition of Julian Assange is ‘state retaliation’ for exposing war crimes, court hears
Lawyers argue that the US extradition case against WikiLeaks founder Julian Assange is politically motivated and in is breach of the UK-US extradition treaty
-
February 20, 2024
20
Feb'24
Government agrees law to protect confidential journalistic material from state hacking
The government will update Investigatory Powers Act to require secret intelligence agencies to seek independent approval before accessing confidential journalistic material obtained by bulk hacking, but journalists remain vulnerable to other bulk ...
-
February 15, 2024
15
Feb'24
Security-by-design push prompts new ISC2 accreditations
Security-by-design has become a hot-button regulatory issue. ISC2 has decided now is the time to upskill cyber pros around these vital software and hardware development principles
-
February 14, 2024
14
Feb'24
Met Police to scrap and replace ‘racist’ Gangs Violence Matrix
A database used by the Metropolitan Police to identify and track people linked with gang violence is being decommissioned and replaced. The decision follows a long-running controversy over its discriminatory impacts on young black people, but ...
-
February 14, 2024
14
Feb'24
Security experts: Investigatory powers plans will delay security updates
Cyber security experts warn that government proposals to amend the Investigatory Powers Act will limit tech companies’ ability to respond to security threats and could hamper the use of end-to-end encryption
-
February 13, 2024
13
Feb'24
What will result from Cohesity’s Veritas acquisition?
The $7bn backup giant will leverage huge assets in enterprise customer base, compliance and governance intelligence, AI, R&D, and Kubernetes backup and storage
-
February 09, 2024
09
Feb'24
MoD ethical hacking programme expands after initial success
The Ministry of Defence has expanded the scope of its defensive security partnership with HackerOne
-
February 08, 2024
08
Feb'24
Executive alleged to be behind EncroChat encrypted phone network arrested
A businessman allegedly behind EncroChat, an encrypted phone network that was used by organised crime groups, has been extradited from the Dominican Republic to France
-
February 07, 2024
07
Feb'24
Dozens of surveillance companies are supplying spyware to governments, says Google
Google’s Threat Analysis Group has identified 40 companies involved in selling and supplying security exploits and spyware services to governments
-
February 07, 2024
07
Feb'24
South Staffs Water faces group action over Clop ransomware attack
South Staffordshire Plc, the parent company of South Staffordshire and Cambridge Water, is facing legal action from customers whose data was compromised in a 2022 Clop ransomware attack
-
February 06, 2024
06
Feb'24
UK’s McPartland Cyber Review to probe trust in technology
The UK government has launched a cyber security review that will investigate how best to give businesses the confidence they need to use new technologies
-
February 06, 2024
06
Feb'24
Inquiry to explore cyber risk to Sunak-Starmer showdown
The UK’s Joint Committee on National Security Strategy is opening an inquiry into securing the democratic process ahead of the next general election
-
February 06, 2024
06
Feb'24
UK and France push for international agreement on spyware
The UK and France are hosting diplomats, big tech companies and civil society groups, in a two-day conference in London targeting the proliferation of spyware tools and ‘hackers for hire’
-
February 05, 2024
05
Feb'24
Blackbaud blasted for failing to prevent customer breaches
A supply chain attack at software supplier Blackbaud in 2020 saw data on multiple UK organisations compromised. The US authorities are now taking steps to ensure it can’t happen again
-
February 05, 2024
05
Feb'24
US sanctions Iranians behind CNI cyber attacks
US government issues new sanctions against six Iranians suspected of being behind a series of cyber attacks targeting critical national infrastructure, notably water supply systems
-
January 30, 2024
30
Jan'24
We need backup! Pennsylvania police data loss shows why
Police evidence systems data was lost during ‘routine maintenance’, with human error blamed – the case clearly illustrates why data protection can’t be left to chance
-
January 26, 2024
26
Jan'24
GenAI tools ‘could not exist’ if firms are made to pay copyright
AI firm Anthropic hits out at copyright lawsuit filed by music publishers, claiming the content ingested into its models falls under ‘fair use’ and that any licensing regime would be too complex and costly
-
January 25, 2024
25
Jan'24
Bugcrowd sees surge in vulnerability submissions, led by public sector
Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023
-
January 24, 2024
24
Jan'24
AI will heighten global ransomware threat, says NCSC
The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks
-
January 23, 2024
23
Jan'24
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences
-
January 23, 2024
23
Jan'24
SEC bitcoin hack was result of SIM-swapping
A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack
-
January 22, 2024
22
Jan'24
Chat control: Tech companies warn ministers over EU encryption plans
Tech companies have written to EU ministers to urge them to back the European Parliament, rather than the European Commission, over proposed regulations to police child abuse
-
January 19, 2024
19
Jan'24
ICO prompts confusion over police cloud legality
The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government
-
January 18, 2024
18
Jan'24
Cyber non-profit enlists ex-NCSC head as technical chair
Founding NCSC chief exec Ciaran Martin is to join the newly launched Cyber Monitoring Centre non-profit as chair of its technical committee