News

Regulatory compliance and standard requirements

• March 09, 2019 09 Mar'19

  ICO data raises doubts over UK firms’ ability to manage breaches

  Most ICO data breach reports late and incomplete prior to full GDPR implementation, FoI request data reveals, raising doubts about breach prevention, detection and response capabilities

• March 07, 2019 07 Mar'19

  ICO head still in top three of DataIQ data leader list

  The UK’s information commissioner remains in the top three data leaders after claiming top spot in 2018 in the DataIQ 100 list of most influential data leaders, but GDPR is not the only focus in the industry

• March 07, 2019 07 Mar'19

  Zuckerberg commits to Facebook becoming privacy-focused

  After a storm of controversy and criticism over the way Facebook fails to protect users’ privacy, the company’s chief says he plans to transform it into a privacy-focused platform

• March 05, 2019 05 Mar'19

  Singapore can now certify security products based on Common Criteria

  The city-state is has attained the status of a Certificate Authorising Nation, enabling it to evaluate and certify security products under the Common Criteria standard

• March 04, 2019 04 Mar'19

  Cyber awareness of UK boards found wanting

  Boards of many of the UK’s biggest firms must do more to be cyber aware, according to a government report.

• March 02, 2019 02 Mar'19

  Facebook asked George Osborne to influence EU data protection law

  Facebook COO Sheryl Sandberg invited one of the chancellor’s children to Facebook’s office as part of a intensive lobbying programme to influence European data protection legislation

• March 01, 2019 01 Mar'19

  Facebook facing 10 GDPR investigations in Ireland

  Ireland’s Data Protection Commission has revealed it has 10 active probes into Facebook, Instagram and WhatsApp, as well as Apple, LinkedIn and Twitter, on its books

• February 27, 2019 27 Feb'19

  Most UK consumers say Facebook should be regulated

  Nearly three-quarters of UK consumers feel the social platform is damaging people’s mental health, survey shows

• February 25, 2019 25 Feb'19

  EU gathers momentum in cyber security legislation and cooperation

  The past two years have seen a step-change in the rate at which the European Union is putting legislation in place to support improved cyber security standards, collaboration and sharing of resources, says digital commissioner’s representative

• February 25, 2019 25 Feb'19

  Android now Fido2 certified

  Mobile operating system’s certification accelerates global migration beyond passwords, says Fido Alliance, which seeks to eliminate the world’s dependence on password-based security

• February 22, 2019 22 Feb'19

  Facebook planned to spy on Android phone users, internal emails reveal

  Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to ‘single’ people, confidential documents show

• February 21, 2019 21 Feb'19

  UK committed to working with EU cyber security partners

  NCSC CEO uses cyber security conference in Brussels to set out his agency’s position on Brexit, 5G security, Huawei, market incentives and international cooperation on active cyber defence

• February 19, 2019 19 Feb'19

  IT Priorities 2019: Cyber security and risk management among top priorities for 2019

  This year’s Computer Weekly/TechTarget IT Priorities research shows that cyber security and risk management are among the top investment priorities

• February 19, 2019 19 Feb'19

  Finding security in the cloud

  When choosing a cloud security provider, enterprises will need to consider the level of data privacy and data security risk involved

• February 13, 2019 13 Feb'19

  Australian government warns of blockchain gaps

  Digital Transformation Agency dispels some myths around blockchain, calling for government agencies to be cautious about using the technology

• February 12, 2019 12 Feb'19

  Dutch developer offers businesses nuclear security option for communications

  Startup that created the secure platform for communication between world leaders at the 2014 Nuclear Security Summit in the Netherlands seeks to revolutionise business mail

• February 12, 2019 12 Feb'19

  APAC healthcare providers losing $23m to cyber attacks

  Healthcare organisations in the Asia-Pacific region could lose an average of $23.3m to cyber attacks, including losses from productivity and customer churn, a study finds

• February 07, 2019 07 Feb'19

  Data breaches in Australia show no sign of abating

  Australia’s privacy watchdog recorded over 800 cases of data breaches, nearly one year into the country’s mandatory data breach notification regime

• February 05, 2019 05 Feb'19

  Civil liberties groups to challenge bulk surveillance and intelligence sharing in Strasbourg

  Coalition of campaigning groups wins the right to challenge the UK’s use of bulk surveillance powers, which allows suspicionless surveillance of the population and sharing of intercepted data with overseas intelligence agencies, in European Court of...

• February 01, 2019 01 Feb'19

  Innocent people arrested following surveillance blunders, IPCO reveals

  Interception of communications commissioner Adrian Fulford warns of “grave” repercussions for people wrongly identified as suspects due to errors made when government bodies access email, phone and telephone data

• February 01, 2019 01 Feb'19

  ICO to audit Leave.EU and Eldon Insurance

  UK privacy watchdog will audit the data protection practices at Leave.EU and Eldon Insurance and has confirmed fines for both companies for unlawful marketing messages

• January 31, 2019 31 Jan'19

  Airbus investigates personnel data breach

  Intruders were detected in the information systems of manufacturer’s commercial aircraft business, highlighting the need for a new approach to data protection

• January 31, 2019 31 Jan'19

  Facebook profit up despite privacy failings

  Social media giant reports profit gains for the last quarter and the past year, despite a string of privacy blunders that came to light in 2018

• January 30, 2019 30 Jan'19

  Unconfigured IoT is a security risk, warns researcher

  Internet of things researcher says unconfigured internet-connected devices are a largely unrecognised cyber security risk to businesses and consumers, and welcomes the increased likelihood of UK IoT legislation

• January 29, 2019 29 Jan'19

  No-deal Brexit would undermine digital economy, BCS warns

  Skills, funding and the free flow of data are all at risk, says the chartered institute for IT

• January 28, 2019 28 Jan'19

  Data protection practices still poor, survey shows

  Despite concerns over privacy and data protection and a greater understanding of best security practices, individuals and businesses are still falling short, a survey reveals

• January 28, 2019 28 Jan'19

  Minister urges UK firms to prepare for no-deal Brexit

  On International Data Protection Day, the UK’s digital minister has added her voice to calls by the data protection watchdog for UK firms to prepare for a no-deal Brexit

• January 25, 2019 25 Jan'19

  ICO adds to guidance on ‘no-deal’ Brexit

  The UK’s privacy watchdog has been advising UK firms to prepare for a no-deal Brexit and has added some guidance for SMEs

• January 25, 2019 25 Jan'19

  Former EU data protection tsar joins ICO

  Former EU data protection supervisor joins the UK’s privacy watchdog as non-executive director, strengthening its commitment to international work

• January 24, 2019 24 Jan'19

  Poor practices expose 24 million financial records

  Failure to maintain appropriate security controls has again led to the exposure of millions of sensitive data records, this time from the banking world

• January 24, 2019 24 Jan'19

  IoT application vulnerabilities leave devices open to attack

  Barracuda Networks calls for internet of things devices to be subject to regular security review after researchers detail the application vulnerabilities of an internet-connected security camera

• January 24, 2019 24 Jan'19

  Thales eSecurity spins out nCipher

  After just over a decade, Thales eSecurity has announced that it has spun out HSM specialist nCipher, the UK-based encryption firm it acquired for $100m in 2008

• January 24, 2019 24 Jan'19

  Business failing to see strategic value of cyber security

  UK businesses are failing to get value out of cyber security because they fail to see its strategic importance and often have a negative attitude towards security professionals, a study has revealed

• January 24, 2019 24 Jan'19

  AWS now accredited to run protected workloads in Australia

  Accreditation from the Australian Cyber Security Centre will enable organisations to store and process sensitive data in the Amazon Web Services Sydney region

• January 23, 2019 23 Jan'19

  Facebook’s objections to court concerns over privacy more about ‘optics’ than facts

  Facebook’s challenge to a High Court ruling that raises serious concerns about data transfers between Europe and the US is more about appearance than facts, lawyers for the Irish Data Protection Commission told Dublin's Supreme Court

• January 23, 2019 23 Jan'19

  Time to deploy strong authentication, says Fido

  The time has come for organisations to deploy cryptographically backed strong authentication, according to the Fido Alliance, which seeks to eliminate the world’s dependence on password-based security

• January 22, 2019 22 Jan'19

  €50m GDPR fine for Google is a wake-up call for tech giants

  The French data protection authority has fined Google €50m for contravening EU data protection laws, which has been hailed as a warning for tech giants and other data handling firms

• January 21, 2019 21 Jan'19

  Home Office vetoes privacy campaigner from senior post in surveillance watchdog

  The Home Office refuses academic and privacy campaigner, Eric King, security clearance for a senior role at the intelligence services watchdog, despite high-level backing from officials

• January 18, 2019 18 Jan'19

  Five issues for SMEs to consider when adopting encryption

  Encryption is still considered difficult to deploy and use as a data protection method, especially by small businesses, but considering five key factors can make adoption easier, says Becrypt

• January 18, 2019 18 Jan'19

  Prepare for no-deal Brexit, says ICO

  The UK data protection authority is urging businesses to prepare for a no-deal Brexit to ensure there is no interruption in data flows from Europe

• January 16, 2019 16 Jan'19

  New Zealand faces more state-sponsored attacks

  Nearly four in 10 cyber security incidents recorded by the National Cyber Security Centre were the work of state-sponsored threat actors

• January 15, 2019 15 Jan'19

  Less than half of firms able to detect IoT breaches, study shows

  UK firms have one of the lowest internet-of-things device breach detection capabilities in Europe, a study reveals

• January 15, 2019 15 Jan'19

  SingHealth and IT supplier fined S$1m for data breach

  Singapore’s data protection commission considered the fact that both SingHealth and its IT supplier fell prey to sophisticated threat actors, among other factors, when meting out the fine

• January 10, 2019 10 Jan'19

  Right to be forgotten is not global, says EU court adviser

  The right to be forgotten should apply only in the European Union, according to the chief adviser to the European Court of Justice

• January 04, 2019 04 Jan'19

  Data breaches affected more than a billion people in 2018

  The personal information of more than a billion people was compromised in 2018 as companies holding the data failed to keep it safe

• January 03, 2019 03 Jan'19

  IT regulators and practitioners need common language

  There needs to be greater understanding between lawmakers and technologists to ensure regulations do not have unintended consequences, says a US computer security researcher and bug bounty pioneer

• January 03, 2019 03 Jan'19

  Fortinet to lead cyber security discussion at WEF annual summit

  The head of cyber security firm Fortinet has been named as a discussion leader at the upcoming World Economic Forum annual meeting in Davos, Switzerland

• December 20, 2018 20 Dec'18

  Marriott data breach losses could be over half a billion dollars

  Direct losses related to a huge data breach at US hotel group could reach $600m

• December 19, 2018 19 Dec'18

  Lauri Love battles police for return of computers as NCA confirms live investigation

  The National Crime Agency (NCA) confirms there is a live investigation into Lauri Love in the UK, as Love brings legal action against UK police for the return of seized computer equipment

• December 13, 2018 13 Dec'18

  ICO and government help UK businesses prepare for no-deal Brexit

  The Information Commissioner’s Office (ICO) and the government are providing guidance for UK businesses, particularly SMEs, on how to prepare for a possible no-deal Brexit

• December 13, 2018 13 Dec'18

  UK trade sector risks GDPR fines over poor data disposal

  UK businesses in the trade sector are risking GDPR fines for failing to wipe data from old IT equipment, a survey shows

• December 11, 2018 11 Dec'18

  Large disparity in NHS cyber skills and training spend

  Despite government pledges to up cyber security spending across the NHS, there are still huge disparities in cyber security skills and spending on cyber security training, FoI requests reveal

• December 05, 2018 05 Dec'18

  UK consumers threaten data breach backlash

  Most UK and global consumers are willing to walk away from businesses that fail to look after personal data, with retailers most at risk, research shows

• December 03, 2018 03 Dec'18

  Liberty heads for judicial review over Investigatory Powers Act

  The UK's powers to conduct supsicionless bulk surveillance on individuals and organisations face a legal challenge in the high court next year

• December 03, 2018 03 Dec'18

  UK government commits to opening up data in bid to push adoption of AI

  Opening up data is vital to government plans to push adoption of artificial intelligence across all sectors of the UK economy

• November 30, 2018 30 Nov'18

  Marriott data breach highlights basic failings

  A breach of a guest reservation database of the Starwood division of the Marriott International hotel group highlights basic personal data protection failures

• November 29, 2018 29 Nov'18

  UK cyber security strategy making ‘good progress’

  The National Cyber Security Strategy is making good progress, but there is much left to be done, according to a Cabinet Office official

• November 28, 2018 28 Nov'18

  Cyber resilience lacking due to apathy of UK leaders

  An unwillingness to accept that cyber is a real threat to critical national infrastructure by UK political and business leaders has resulted in a lack of resilience, says security industry veteran

• November 28, 2018 28 Nov'18

  CIO interview: Stephen Docherty on NHS data sharing

  The Cambridge Analytica scandal raised awareness about privacy. Stephen Docherty, CIO of South London and Maudsley NHS Trust, explains why

• November 27, 2018 27 Nov'18

  Businesses failing to win consumer trust

  Businesses are still largely failing to win the trust of consumers to keep their personal data safe as data breaches continue to make headlines

• November 27, 2018 27 Nov'18

  ICO fines Uber £385,000 for data protection failings

  Like Facebook, Uber has escaped a potentially much higher fine for data protection failings because the 2016 breach that affected millions of UK customers is not covered by the GDPR

• November 27, 2018 27 Nov'18

  GDPR is encouraging UK IT directors to pay cyber ransoms

  As predicted ahead of the General Data Protection Regulation enforcement deadline, research shows that fear of fines under the new laws is making some firms more likely to pay cyber ransoms

• November 26, 2018 26 Nov'18

  Unprecedented actions by Commons committee augur badly for Facebook

  House of Commons’ serjeant-at-arms effectively arrested the CEO of a US software company and frogmarched him to Parliament, where he was told he would be imprisoned if he failed to hand over papers on Facebook

• November 22, 2018 22 Nov'18

  ICO finds Metropolitan Police's Gangs Matrix seriously breaches data protection laws

  A year-long ICO investigation has highlighted major problems with how the Metropolitan Police handles and shares the personal data of individuals on its Gangs Matrix

• November 20, 2018 20 Nov'18

  Dutch audit finds Microsoft Office leaks confidential data

  The diagnostics Microsoft Office collects from users should be a source of concern for any government CISO, according to a DPIA audit

• November 20, 2018 20 Nov'18

  Police challenged over refusal to disclose files on WikiLeaks staff

  Lawyers will challenge the Metropolitan Police Service today to confirm or deny whether it holds correspondence with US law enforcement about three WikiLeaks staff – including two UK citizens – in a freedom of information tribunal

• November 19, 2018 19 Nov'18

  Government lacks cyber resilience leadership, according to MPs

  The government lacks political leadership and urgency in dealing with cyber threats, according to Joint Committee on National Security Strategy, calling for a minister in charge of delivering cyber resilience

• November 17, 2018 17 Nov'18

  Credit card fraud in ANZ showing no signs of abating

  The value of fraudulent transactions more than doubled that of legitimate purchases during the third quarter this year

• November 16, 2018 16 Nov'18

  Three factors marginalising the CISO role

  Chief information security officers are typically marginalised due to three factors, and de-coupling the technical and managerial aspects of the job will enable empowerment, says consultant

• November 16, 2018 16 Nov'18

  Many firms still stuck in GDPR prep phase six months after its initiation

  Six months after the GDPR compliance deadline, many companies are struggling to make data protection principles part of everyday business, says PwC’s GDPR and data protection lead

• November 16, 2018 16 Nov'18

  Why is hiring a government chief security officer such a tricky business?

  Security bosses and CIOs weigh in on why they think the government is struggling to recruit a chief security officer

• November 15, 2018 15 Nov'18

  DeepMind won’t share patient data with Google ‘at this stage’, says company’s health boss

  Amid concerns and questions around Google’s takeover of the DeepMind’s Streams app, Dominic King, the company’s health lead, promises that ‘at this stage’, nothing will change, and it won’t share any patient data with the internet giant

• November 15, 2018 15 Nov'18

  Members of Parliament should back EU Withdrawal Agreement, says industry

  Industry experts say the government’s EU Withdrawal Agreement is far from perfect and still requires more clarity, but call on MPs to back it, as it’s better than a No-Deal Brexit

• November 13, 2018 13 Nov'18

  Thailand’s Democrat Party holds election with blockchain

  The Zcoin blockchain was used to store file hashes of voting data and identities of voting members of Thailand’s main opposition party

• November 12, 2018 12 Nov'18

  EU regulation set to advance single market for non-personal data

  The European Union Council and Parliament have approved a regulation, to take effect in six months’ time, to ensure the free movement of non-personal data, such as IoT data, across the bloc

• November 08, 2018 08 Nov'18

  GDPR a challenge to AI black boxes

  Most artificial intelligence “black boxes” do not comply with EU data protection laws and will have to be re-engineered, warns security researcher and consultant

• November 08, 2018 08 Nov'18

  Increasing value of personal data a 21st century challenge

  The increasing value of personal data presents the challenge of managing a personal data economy, says identity and security expert

• November 07, 2018 07 Nov'18

  Cyber security high on European Commission agenda

  The European Commission is recognising the growing importance of cyber security to the digital economy and is increasing funding to support research, resilience and cooperation

• November 05, 2018 05 Nov'18

  Banking sector leading CIAM innovation, say Big Four

  Maturity in consumer identity and access management (CIAM) differs from sector to sector, with the banking sector taking the lead in terms of innovation, according to the Big Four accounting firms

• November 02, 2018 02 Nov'18

  DevSecOps not limited to coding, says analyst

  DevSecOps is seen as a way of ensuring application security, but security leaders must understand that embedding a security culture and taking the inter-dependencies of new development frameworks into account is key, says KuppingerCole

• November 02, 2018 02 Nov'18

  Facebook to appeal EU-US data transfer ruling in Irish Supreme Court

  Facebook will appeal a decision by the Irish High Court to refer questions over the legality of EU-US data transfers to the European Court of Justice in January, as the Dublin court rejects attempt by a UK IT expert to join the case

• November 02, 2018 02 Nov'18

  Radisson hotel group could be GDPR test case

  Privacy watchers say the breach of personal data of members of the Radisson Hotel Group’s loyalty scheme could be an interesting test case for how the GDPR will be applied

• November 01, 2018 01 Nov'18

  Key elements to success in consumer identity management

  Success in consumer identity management is not just about getting the technology right, it is also about keeping in mind the consumer needs, preferences and concerns, says KuppingerCole

• October 31, 2018 31 Oct'18

  GDPR driving data protection maturity

  The EU data protection laws are helping to drive data protection maturity internationally, but five months after enforcement many companies are still playing catch-up, says consultant

• October 30, 2018 30 Oct'18

  Australia’s data breaches are a ‘sign of naiveté’

  McAfee executive attributes Australia’s poor cloud security record to the lack of data protection measures amid “new and confusing” cloud configurations

• October 26, 2018 26 Oct'18

  IoT ecosystem needs to be investigated, say experts

  A conference of IoT experts convened by Enisa and Europol has made key recommendations to ensure security vulnerabilities do not overshadow benefits

• October 25, 2018 25 Oct'18

  MEPs call for action in wake of Facebook-Cambridge Analytica scandal

  European members of parliament demand action to protect citizens’ privacy from abuses such as those uncovered in the Facebook-Cambridge Analytica data sharing scandal

• October 25, 2018 25 Oct'18

  ICO issues maximum £500,000 fine to Facebook

  The UK privacy watchdog has confirmed that Facebook has escaped a fine of more than $1bn under the GDPR, but will face the maximum under the DPA for failing to protect users’ personal information

• October 25, 2018 25 Oct'18

  Cathay Pacific under fire over breach affecting 9.4 million passengers

  Hong Kong-based airline reveals massive data breach of the most sensitive personal data of passengers five months after loss was confirmed

• October 25, 2018 25 Oct'18

  Becrypt security platform helps ease cloud adoption

  Becrypt’s secure operating system is driving a new service aimed at helping organisations reduce cost and increase agility in using cloud-based services and online applications

• October 23, 2018 23 Oct'18

  Morrisons loses appeal against data breach liability ruling

  Supermarket chain has lost its appeal against a High Court ruling that found it liable for a data leak by a former employee, underlining the importance of managing insider threats

• October 19, 2018 19 Oct'18

  Learn lessons from attacks, says McAfee investigations chief

  Organisations should use every cyber attack as an opportunity to learn, identify weaknesses and improve security posture, according to McAfee’s head of cyber investigations

• October 18, 2018 18 Oct'18

  NHS standards framework aims to set the bar for quality and efficiency

  NHS Digital’s standards framework sets out renewed commitment to implement and use open standards across the NHS

• October 18, 2018 18 Oct'18

  Time to implement new cyber security protections, says McAfee CEO Chris Young

  Convergence of threats and technologies and an increasingly complex regulatory environment are driving the need to implement new cyber security protections, says McAfee chief

• October 16, 2018 16 Oct'18

  UK faces 10 cyber attacks a week as hostile states step up hacking, says NCSC

  The UK’s National Cyber Security Centre has thwarted more than 1,600 attacks over the past two years – many by hostile nation states

• October 15, 2018 15 Oct'18

  Tech companies should not be under legal duty to remove terrorist material, says watchdog

  The internet should not be a safe place for terrorists, but making it compulsory for technology companies to trawl for radical content risks interfering with the rights of innocent people, says Max Hill QC, the independent reviewer of terrorism ...

• October 15, 2018 15 Oct'18

  Good data governance is good business

  Organisations are failing to understand the importance of getting their data relationship with customers right and seeing the business opportunities that it enables, an industry analyst warns

• October 15, 2018 15 Oct'18

  Apple challenges Australia’s proposed decryption law

  Tech giant Apple argued that the lack of judicial oversight could reduce customer trust and security, among other reservations over Australia’s draft decryption legislation

• October 11, 2018 11 Oct'18

  MEPs urge Facebook to roll out election fraud prevention measures

  Facebook is coming under pressure from European lawmakers to do more to prevent its user data from being misappropriated during elections

• October 10, 2018 10 Oct'18

  Detail of Dutch reaction to Russian cyber attack made public deliberately

  Four Russian intelligence officials were expelled from the Netherlands after an attempted hack on the global chemical weapons watchdog. The Dutch government has been open about the detail