News

Regulatory compliance and standard requirements

• July 19, 2019 19 Jul'19

  Latest ICO fine highlights privacy due diligence

  A week after issuing the first serious GDPR fines, the ICO has further underlined the importance of data stewardship and due diligence regarding privacy practices

• July 19, 2019 19 Jul'19

  MPs warn of data adequacy hole in no-deal Brexit

  Transferring data to and from the EU will only be possible if an agreement is in place before the UK leaves. No deal means no data agreement

• July 18, 2019 18 Jul'19

  Free tool reveals the true cost of ‘free’ online services

  New data discovery portal developed by Finnish security firm F-Secure helps to uncover what Facebook, Amazon, Google and other tech giants know about consumers

• July 18, 2019 18 Jul'19

  Parliamentary committee calls for halt to facial recognition trials

  Issues with biometrics and forensics pose a significant risk to effective functioning of the criminal justice system, according to a report by the Science and Technology Committee

• July 17, 2019 17 Jul'19

  Most security pros still concerned about public cloud security

  Despite accelerated adoption of public cloud services by companies keen to benefit from increased efficiency, scalability and agility, most security professionals have reservations

• July 16, 2019 16 Jul'19

  NCSC calls out Microsoft over Dmarc reports

  The UK’s cyber security agency has called out Microsoft for seriously undermining global email security by failing to provide crucial reports from its email platforms

• July 16, 2019 16 Jul'19

  UN resolution ignores special rapporteur’s call for halt to spyware sales

  UN’s Human Rights Council adopts resolution to explore the impact of new and emerging digital technologies on human rights, but the text ignores a damning report by the council’s own expert on freedom of expression

• July 15, 2019 15 Jul'19

  Billion-dollar privacy penalties put CEOs on notice

  Facebook’s potential $5bn settlement with the FTC follows notifications of planned GDPR fines for British Airways and Marriott International, underlining the importance of data stewardship

• July 15, 2019 15 Jul'19

  UK public sector needs to prioritise mobile device security

  Only 10% of public service stolen and lost mobile are recovered, underlining the need for mobile-centric, zero-trust model to reduce the risk, says MobileIron

• July 12, 2019 12 Jul'19

  New FinSpy versions extend surveillance capabilities

  New versions of the FinSpy malware for iOS and Android smartphones have extended targeted surveillance capabilities, warn security researchers

• July 11, 2019 11 Jul'19

  Dutch privacy watchdog tells banks not to use customer payment data for marketing

  Autoriteit Persoonsgegevens tells banks to respect client privacy and not to market products based on spending data

• July 10, 2019 10 Jul'19

  Max Schrems not calling for SCCs to be invalidated

  The privacy activist at the centre of legal battle against Facebook is not calling for all standard contractual clauses to be invalidated, according to his non-profit privacy organisation

• July 10, 2019 10 Jul'19

  Demand for ICO help escalates in GDPR's first year

  The past year has seen increased demand across all support services offered by the UK’s privacy watchdog as new data protection laws went into force

• July 09, 2019 09 Jul'19

  Marriott International facing £99m GDPR fine

  Hotel group Marriott International is the second major company to be fined by the UK privacy watchdog for infringements of the GDPR

• July 09, 2019 09 Jul'19

  ICO issues warning about using facial recognition technology

  The UK privacy watchdog has ruled that any police force or private organisation using live facial recognition technology is processing personal data and needs to pay attention to data protection laws

• July 09, 2019 09 Jul'19

  European Court hears case on EU-US data transfers

  Facebook could be forced to rethink its legal position regarding transfers of data of EU citizens to the US, as the CJEU considers the validity of standard contractual clauses that many businesses rely on

• July 09, 2019 09 Jul'19

  Drone tech and the roar of Malaysia’s flying dragons

  Malaysia is ramping up initiatives to speed up the global growth of local technology champions in the drone tech sector

• July 08, 2019 08 Jul'19

  British Airways facing £183m GDPR fine

  British Airways is to appeal against a record fine for infringement of data protection rules for a breach of customer data in 2018

• July 04, 2019 04 Jul'19

  Security and privacy key to smart buildings and cities

  Security and privacy capabilities are essential for stakeholders if they are to realise the benefits of smart buildings and cities, says expert whitepaper

• July 04, 2019 04 Jul'19

  APAC experts weigh in on cyber security trends

  The onslaught of cyber attacks being reported each day has been a wake-up call, but experts say businesses need to be mindful of the limitations of certain security measures

• July 02, 2019 02 Jul'19

  UK consumers still concerned about personal data security

  Most UK consumers are still concerned about the security of their personal data, indicating that organisations need to do more to gain consumer trust, such as implementing biometric controls

• July 02, 2019 02 Jul'19

  Sweden’s Protective Security Act targets cyber risks

  IT suppliers must comply with tighter cyber security requirements, but are being offered help from government agencies

• July 02, 2019 02 Jul'19

  Few UK firms are cyber insured despite financial losses

  More than one-fifth of UK firms have been impacted financially by cyber attacks, yet potentially more than three-quarters of companies polled have never been insured for cyber-related losses

• July 01, 2019 01 Jul'19

  Huge jump in cyber incidents reported by finance sector

  The number of cyber incidents reported by financial services firms increased nearly 12-fold in 2018 from 2017, mainly due to third-party failures, highlighting several key areas that need improvement

• June 26, 2019 26 Jun'19

  Fido Alliance announces new standards

  Fido Alliance announces new identity verification and IoT initiatives to expand the reach and impact of Fido authentication, which seeks to eliminate the world’s dependence on password-based security

• June 26, 2019 26 Jun'19

  Commercial interests put customer security at risk, survey shows

  Firms are bypassing security to push products and services into the market, increasing security risks for the organisation and its customers, a poll of information security professionals shows

• June 26, 2019 26 Jun'19

  Singapore government forms digital industry office

  New office will help local tech firms grow their regional footprint and build new capabilities in order to thrive in APAC’s booming digital economy

• June 26, 2019 26 Jun'19

  UK cyber security progress stalled, says report

  UK firms rank cyber attacks as a top business issue, but are stalling in cyber security best practice, lagging behind top performers in India

• June 21, 2019 21 Jun'19

  UK takes world lead in surveillance camera security

  Although the UK is sometimes referred to as “the most surveilled country” in the world, it has taken the lead in setting minimum security requirements for surveillance cameras. But how will this make a difference internationally?

• June 21, 2019 21 Jun'19

  Surveillance camera czar calls for stronger UK code of practice

  Surveillance cameras are for supporting communities, not spying on them, but the UK needs stronger regulation and citizen engagement in this area, says surveillance camera commissioner

• June 18, 2019 18 Jun'19

  UK to host world’s first surveillance camera day

  The UK is to host the world’s first surveillance camera day to raise awareness about surveillance cameras and generate a debate about how they are used

• June 18, 2019 18 Jun'19

  Singapore faced fewer cyber threats in 2018

  Despite the fall in the number of common cyber threats last year, Singapore will continue to face advanced persistent threats, CSA warns

• June 17, 2019 17 Jun'19

  Inside F5’s cyber security playbook

  F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors

• June 12, 2019 12 Jun'19

  Austrian Supreme Court green-lights GDPR case against Facebook

  A potential landmark case against Facebook for violating General Data Protection Regulation rights has been given the go-ahead by the Austrian Supreme Court

• June 11, 2019 11 Jun'19

  In a cyber data breach, preparation is key

  The importance of preparation was strongly emphasised at a breach response workshop hosted by DAC Beachcroft as part of London Tech Week

• June 11, 2019 11 Jun'19

  MP brands Huawei exec a ‘moral vacuum’ as operators demand 5G clarity

  Huawei chief security officer John Suffolk faces tough questions from parliament’s Science and Technology Select Committee over the firm’s links to the Chinese government

• June 07, 2019 07 Jun'19

  How ASEAN firms are using AI to combat cyber threats

  Artificial intelligence tools are becoming a vital part of the security arsenal for organisations and cyber criminals alike

• June 04, 2019 04 Jun'19

  Beware of security blind spots in encrypted traffic

  The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption

• June 03, 2019 03 Jun'19

  Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

  Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms

• May 31, 2019 31 May'19

  Facebook loses bid to halt European court decision on EU-US data sharing

  Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk

• May 31, 2019 31 May'19

  GCHQ urged to abandon plans to access encrypted chats

  Tech companies and security and policy experts are calling for more dialogue with GCHQ on encryption, urging it to ditch its proposal for eavesdropping on encrypted chats

• May 30, 2019 30 May'19

  2.3 billion business and consumer data files exposed online

  In the year since the GDPR compliance deadline, the number of data files exposed online without adequate protection is up more than 50% due to misconfigured security controls, report reveals

• May 29, 2019 29 May'19

  ICO to shortlist Sandbox applicants

  Privacy watchdog’s Sandbox service aims to help develop innovative and beneficial products and services that are privacy compliant

• May 28, 2019 28 May'19

  Many search engine users unaware of personal data collection

  Many users of online search engines are still unaware that data is being collected about them for personalised advertising, a study has revealed

• May 26, 2019 26 May'19

  Australian firms coming to grips with AI ethics

  Australian businesses are warming up to AI, but just two in five have standards and guidelines for AI ethics, a study finds

• May 24, 2019 24 May'19

  Just over half of UK firms don’t have a cyber resilience plan

  Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection

• May 24, 2019 24 May'19

  GDPR: Are we there yet?

  A full year since the General Data Protection Regulation was implemented, there has not been the severe punitive action expected by many and personal data breaches continue to happen, leaving many wondering if any progress has been made

• May 24, 2019 24 May'19

  Effect of GDPR yet to be felt, says law firm Hogan Lovells

  Despite the fact that the GDPR has been in full effect for a year, the true effect of the regulation is yet to be felt and organisations should ensure they keep their eye on the ball, says leading privacy law firm

• May 24, 2019 24 May'19

  No real change a year into GDPR, says privacy expert

  A year after the GDPR compliance deadline, many organisations still have a lot of work to do to make real changes and shift focus away from fines to business value and gain, says PwC’s GDPR and data protection lead

• May 24, 2019 24 May'19

  SurveyMonkey opens Dublin datacentre region to court data-security conscious enterprises in Europe

  Online survey software provider SurveyMonkey is on a Europe-wide enterprise charm offensive, and is focusing on winning over CIOs with the offer to locally host their data within its European datacentre region

• May 23, 2019 23 May'19

  Arm China seeks solutions to US export controls with Huawei

  Chip design firm in communication with Huawei-owned semiconductor firm HiSilicon following US move to halt exports of US technology to Chinese tech giant

• May 23, 2019 23 May'19

  IBM’s investment in automation pays off in GDPR’s first year

  The first year of the EU’s General Data Protection Regulation has demonstrated the value of IBM’s investment in machine learning-based automation and the importance of having the right strategy and systems in place, according to the firm’s data ...

• May 22, 2019 22 May'19

  TalkTalk admits new failings in 2015 data breach notification

  TalkTalk’s failure to notify all those affected by its 2015 data breach highlights the importance of data visibility so that breach notifications are fast and accurate – a key requirement of the GDPR

• May 22, 2019 22 May'19

  Singapore proposes data portability provisions

  The Personal Data Protection Commission is seeking public feedback on proposed provisions that will let consumers move their personal data across organisations

• May 20, 2019 20 May'19

  GDPR an opportunity to improve data systems and processes

  A year after the official implementation of the GDPR, it is important to highlight the positive opportunities that compliance provides and the insights breach reports are providing, say Deloitte consultants

• May 20, 2019 20 May'19

  ICO to support GDPR certification schemes

  The UK data protection watchdog is accepting enquiries from organisations considering developing GDPR certification schemes, which the ICO says could help recipients achieve competitive advantage

• May 15, 2019 15 May'19

  Facebook engaged in ‘calculated’ campaign to eliminate competition, claims businessman

  A US businessman is seeking damages from Facebook after accusing the social media company of unfairly blocking “humorous” Facebook pages which generated hundreds of thousands of dollars in advertising revenue

• May 15, 2019 15 May'19

  Microsoft working to support decentralised identity

  Microsoft is among the big tech players aiming to help enable personalisation of products and services without putting privacy at risk

• May 14, 2019 14 May'19

  Electronic ID in the Nordics – a model for other countries?

  Use of electronic identity schemes in Sweden, Norway, Finland and Denmark is far ahead of other countries – but why?

• May 09, 2019 09 May'19

  Facebook co-founder: ‘It is time to break up Facebook’

  Co-founder of Facebook, Chris Hughes, has published an op-ed in The New York Times calling for Facebook to be broken up, as it faces investigations from the US Federal Trade Commission

• May 07, 2019 07 May'19

  HMRC begins deleting unlawful voice biometric data

  HM Revenue and Customs is to forge ahead with Voice ID despite beginning to delete the largest state-held voice biometric database gathered without consent after UK privacy and data protection watchdog issues order

• May 03, 2019 03 May'19

  Zero trust: A 21st century security model

  Traditional corporate security models date back to a time when there were fewer, lower-level threats, but a zero trust model is better suited to the 21st century, according to the originator of the idea

• April 29, 2019 29 Apr'19

  Privacy and data protection an opportunity, says entrepreneur

  Organisations should see data protection and privacy compliance as an opportunity to build trust with customers, according to startup One.Thing.Less

• April 26, 2019 26 Apr'19

  GDPR cases drive bigger budgets for Nordic regulators

  High-profile General Data Protection Regulation cases in Finland and Sweden have increased the workload for regulators, which are to receive an increase in funding

• April 25, 2019 25 Apr'19

  NCSC and ICO pledge to support data breach victims

  The UK’s cyber security agency and privacy watchdog have agreed to work together to improve support for data breach victims and enhance cyber guidance

• April 25, 2019 25 Apr'19

  European Union to create central biometrics database

  New rules will see the introduction of a repository of personal data from hundreds of millions of citizens to support law enforcement across member states

• April 17, 2019 17 Apr'19

  Morrisons to launch fresh appeal against breach liability ruling

  Supermarket chain Morrisons is to launch a second appeal against a High Court ruling that found it liable for a data leak by a former employee

• April 12, 2019 12 Apr'19

  Bounty UK fined £400,000 for sharing personal data unlawfully

  UK pregnancy and parenting club fined for “unprecedented” level of unauthorised sharing of personal data by operating as a data broking service

• April 11, 2019 11 Apr'19

  Most organisations still lack incident response plans

  Most companies lack incident response plans, others fail to test them and nearly half are not GDPR compliant, but some report improved security through automation, a study shows

• April 09, 2019 09 Apr'19

  UK councils team up to boost cyber security

  Three UK councils and data analysis firm Splunk have teamed up to improve cyber defence capabilities and maintain their security systems

• April 08, 2019 08 Apr'19

  GDPR at a critical stage, says information commissioner

  The ICO is calling on data protection officials to help kick off the next phase of the GDPR by embedding sound data governance at its annual conference, where another DPO was recognised for excellence

• April 08, 2019 08 Apr'19

  How APAC firms can tame the data beast

  Companies and data management experts across Asia-Pacific reveal how they are tackling data management challenges that have been compounded by growing cloud usage and compliance requirements

• April 05, 2019 05 Apr'19

  London council fined by the ICO for disclosing personal information held on Met Police Gangs Matrix

  The London Borough of Newham has been fined for disclosing the sensitive personal information of more than 200 individuals that police held information on

• April 05, 2019 05 Apr'19

  European firms see value in ‘known good’ approach to security

  European data protection regulations are driving enterprise interest in an approach to security being championed by virtualisation software maker VMware, says the company’s security lead

• April 04, 2019 04 Apr'19

  Third-party Facebook apps expose 540 million users’ details

  Researchers have discovered another trove of Facebook users’ details, showing there is still no control over data shared with third parties, potentially exposing Facebook to more regulatory and legal action

• April 03, 2019 03 Apr'19

  Government urges businesses and charities to up cyber security

  The UK government is urging businesses and charities to take action to prevent cyber attacks as the costs go up, despite an overall reduction in breaches, partly driven by new data protection laws

• April 01, 2019 01 Apr'19

  Black Hat Asia 2019: Get ready for the cyber arms race

  The arms race is now squarely in the cyber realm as defence teams and threat actors arm themselves with AI tools

• April 01, 2019 01 Apr'19

  Zuckerberg calls for new internet regulation

  Facebook chief calls for new internet regulation in four key areas to define clear responsibilities for people, companies and governments, including more GDPR-aligned data protection rules

• April 01, 2019 01 Apr'19

  Singapore government to review data security in public sector

  A high-level committee comprising ministers and private sector security experts will review data security practices and recommend measures to better protect citizens’ data

• March 29, 2019 29 Mar'19

  ICO kicks off sandbox beta to support innovation

  The UK’s privacy watchdog has launched the first phase of an initiative aimed at enhancing data protection while supporting business innovation

• March 27, 2019 27 Mar'19

  Mind the overlap between GDPR and ePD, warns privacy lawyer

  Organisations need to be aware of the overlaps between European data protection and privacy rules, and which takes precedence, a privacy lawyer warns

• March 25, 2019 25 Mar'19

  Mike Lynch heads to High Court to defend against HP allegations

  The UK’s biggest fraud case commences, with the former CEO of Autonomy, Mike Lynch, attempting to clear his name

• March 25, 2019 25 Mar'19

  Small businesses hit hardest by cyber crime costs

  Small businesses felt the biggest impact of the UK’s cyber crime bill in 2018, research shows

• March 22, 2019 22 Mar'19

  Facebook security policy and practices unfit, say infosec pros

  Confidence in Facebook’s ability to keep users’ data safe has once again been shaken by revelations of poor password protection practices, prompting calls for a security review

• March 22, 2019 22 Mar'19

  UK police should not deploy live facial recognition technology until issues are resolved, MPs told

  The Science and Technology Committee has heard from the information and biometrics commissioners about the flawed use of live facial recognition technology by UK police

• March 15, 2019 15 Mar'19

  Brexit complicating already complex data protection

  GDPR impact is yet to be felt and data protection is set to become increasingly complex, with Brexit adding even more complexity that could be overwhelming, warns head of international privacy association

• March 14, 2019 14 Mar'19

  National Cyber Security Programme at risk of missing targets

  The National Audit Office has sharply criticised the Cabinet Office over failings in how it set up the National Cyber Security Programme that mean it may struggle to meet its goals

• March 14, 2019 14 Mar'19

  Met Police collaborated with US prosecutors in WikiLeaks investigation

  The Metropolitan Police has confirmed it exchanged information on WikiLeaks staff in the UK with the US Department of Justice, which is conducting criminal investigations into the organisation

• March 13, 2019 13 Mar'19

  ICO pledges to support innovation

  UK data privacy watchdog is increasingly gearing up to support innovation to ensure developers of tech and digital services do not lose society’s trust

• March 09, 2019 09 Mar'19

  ICO data raises doubts over UK firms’ ability to manage breaches

  Most ICO data breach reports late and incomplete prior to full GDPR implementation, FoI request data reveals, raising doubts about breach prevention, detection and response capabilities

• March 07, 2019 07 Mar'19

  ICO head still in top three of DataIQ data leader list

  The UK’s information commissioner remains in the top three data leaders after claiming top spot in 2018 in the DataIQ 100 list of most influential data leaders, but GDPR is not the only focus in the industry

• March 07, 2019 07 Mar'19

  Zuckerberg commits to Facebook becoming privacy-focused

  After a storm of controversy and criticism over the way Facebook fails to protect users’ privacy, the company’s chief says he plans to transform it into a privacy-focused platform

• March 05, 2019 05 Mar'19

  Singapore can now certify security products based on Common Criteria

  The city-state is has attained the status of a Certificate Authorising Nation, enabling it to evaluate and certify security products under the Common Criteria standard

• March 04, 2019 04 Mar'19

  Cyber awareness of UK boards found wanting

  Boards of many of the UK’s biggest firms must do more to be cyber aware, according to a government report.

• March 02, 2019 02 Mar'19

  Facebook asked George Osborne to influence EU data protection law

  Facebook COO Sheryl Sandberg invited one of the chancellor’s children to Facebook’s office as part of a intensive lobbying programme to influence European data protection legislation

• March 01, 2019 01 Mar'19

  Facebook facing 10 GDPR investigations in Ireland

  Ireland’s Data Protection Commission has revealed it has 10 active probes into Facebook, Instagram and WhatsApp, as well as Apple, LinkedIn and Twitter, on its books

• February 27, 2019 27 Feb'19

  Most UK consumers say Facebook should be regulated

  Nearly three-quarters of UK consumers feel the social platform is damaging people’s mental health, survey shows

• February 25, 2019 25 Feb'19

  EU gathers momentum in cyber security legislation and cooperation

  The past two years have seen a step-change in the rate at which the European Union is putting legislation in place to support improved cyber security standards, collaboration and sharing of resources, says digital commissioner’s representative

• February 25, 2019 25 Feb'19

  Android now Fido2 certified

  Mobile operating system’s certification accelerates global migration beyond passwords, says Fido Alliance, which seeks to eliminate the world’s dependence on password-based security

• February 22, 2019 22 Feb'19

  Facebook planned to spy on Android phone users, internal emails reveal

  Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to ‘single’ people, confidential documents show