Opinion

Opinion

IT legislation and regulation

• The dangers of the UK’s illogical war on encryption

  The unintended consequences of the Online Safety Bill will have a dramatic effect on our ability to communicate securely, including in Ukraine, where it is needed most  Continue Reading

• Reimagining ethical digital technology

  With ever-increasing digitisation leading to greater dependence on a range of digital technologies, enterprises need to urgently look at how they can incorporate ethical and social considerations into the tech they develop  Continue Reading

• Security Think Tank: Don’t rely on insurance alone

  Cyber insurance is a useful addition to the cyber protection toolbox. However, it cannot be regarded as a replacement for the controls that should be in operation, says Turnkey Consulting’s Tom Venables  Continue Reading

• Security Think Tank: Now is the time to think about cyber insurance

  Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs  Continue Reading

• Finding the balance between innovation and data security in healthcare

  As the government launches its data strategy for health and social care, a fine line must be trodden between innovating through privacy-enhancing technologies, and retaining data security for patients  Continue Reading

• What will the Data Reform Bill mean for UK businesses operating in the EU?

  Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union  Continue Reading

• Governance and progression of AI in the UK

  Artificial intelligence and machine learning are essential to growth in the global digital economy, and the UK has ambitions to lead the way  Continue Reading

• Government wrong to pass the buck on computer evidence reform

  IT expert James Christie tells Computer Weekly why he is disappointed that the government has no plans to change the rules on the use of computer evidence in court  Continue Reading

• Naivety of computer evidence leaves door ajar for more miscarriages of justice

  Barrister Paul Marshall explains why the government’s lack of action on reforming the legal rules around computer evidence, which presume it is correct, mean the Post Office Horizon scandal could be the tip of a miscarriages of justice iceberg  Continue Reading

• What does the EU’s NIS 2 cyber directive cover?

  We run the rule over the European Union’s updated NIS2 security directive  Continue Reading

• Mobile digital transformation – from fast to deep

  The first half of 2022 has been a busy time, with much happening in the mobile industry. We consider what the rest of year might hold  Continue Reading

• Online Safety Bill: Collaborating to make the internet safer for all

  The UK government's plan to regulate the internet and social media includes some positive and progressive measures – but by working with industry, a lot more could be achieved  Continue Reading

• Spring Statement lays the foundation for a make-or-break Budget for business in the autumn

  The tech sector has welcomed much of the chancellor’s latest financial plans, but says there is more to do if technology is to achieve its full potential for driving economic growth  Continue Reading

• Revised scope of UK security strategy reflects digitised society

  The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF  Continue Reading

• How 2022’s most significant data privacy trends affect your organisation

  Data privacy and protection are now core responsibilities for most, but as we all know by now, compliance is a moving target. Here, expert Alan Calder looks ahead at what to expect in the coming months  Continue Reading

• UK Cyber Strategy a welcome injection of progress

  The National Cyber Strategy should be seen as a welcome injection of both focus and investment in bettering cyber defence for everyone, says Turnkey Consulting senior consultant Louise Barber  Continue Reading

• National Cyber Strategy will enhance UK’s cyber power status

  The UK punches above its weight when it comes to wielding cyber power around the world, but challenges to this status are clear. The National Cyber Strategy has a clear role to play in maintaining and enhancing this status, writes Paddy Francis of ...  Continue Reading

• Achieving agility, collaboration and data control in the cloud

  Organisations have historically had to make a trade-off between the proven benefits of the cloud and maintaining full control of their data, but with the right strategy it is possible to have both  Continue Reading

• National Cyber Strategy misses the mark in one important way

  The National Cyber Strategy is full of fine words, says Petra Wenham, but as the old expression goes, fine words butter no parsnips, and it misses the mark in one very important way  Continue Reading

• Assessing the aims of the Government Cyber Security Strategy

  The clear aims of the Government Cyber Security Strategy are welcome, but are they realistic or achievable?  Continue Reading

• Technology is the key to the door of levelling up the UK

  We finally have a better idea of what the government’s ‘levelling-up’ policy means in practice – but national progress on digital adoption will be a key measure of its success  Continue Reading

• Five key tech trends for digital leaders in 2022

  The past two years have seen a surge in investment that will bring new challenges to digital leaders over the next year  Continue Reading

• The UK-Australia FTA shows the UK means business on digital trade policy

  The new free-trade agreement with Australia could be setting the precedents for what a modern digital trade policy will look like for the UK  Continue Reading

• Vulnerabilities to fraud are increasing across the board

  As the pandemic continues to affect how we work, socialise, shop and conduct business, so it has increased opportunities for digital fraud and cyber crime. Jason Lane-Sellers explores the latest LexisNexis Risk Solutions ‘Cybercrime report’  Continue Reading

• A trial relying on computer evidence should start with a trial of the computer evidence

  Learning from the Post Office Horizon scandal - the most widespread miscarriage of justice in recent British legal history  Continue Reading

• A ‘whole of society’ approach to cyber may be on the horizon

  Nominet Cyber managing director David Carroll reflects on the NCSC’s latest annual review amid 2021’s fast-evolving threat landscape  Continue Reading

• The ICO is right to push back against government meddling

  Some criticisms of the ICO are justified, but the answer to that is not to give Whitehall more oversight over the data protection regulator, argues legal expert Edward Machin  Continue Reading

• Watching me, watching you – challenging the rise of digital surveillance at work

  Unprecedented levels of digital monitoring at work is embedding a culture of surveillance, despite workers’ opposition to the practices, says Prospect Union  Continue Reading

• Encryption protects the marginalised – and it’s under threat

  Encryption keeps marginalised groups connected and safe, but new regulatory attempts to break it put them at risk  Continue Reading

• Security Think Tank: Responsible vulnerability disclosure is a joint effort

  By working hand-in-hand, developers and security researchers can both play a vital role in ensuring newly-discovered vulnerabilities are addressed appropriately, writes Paddy Francis of Airbus CyberSecurity  Continue Reading

• Invest in cyber security with confidence using a structured approach

  Cyber security has never been more challenging or important in rapidly changing business, regulatory, IT and threat environments. There is a need for a more structured approach to investment  Continue Reading

• Keeping the UK in the global race to adopt digital identity

  The UK government’s proposed digital ID trust framework is a step in the right direction, but more is needed to ensure the successful adoption of digital identity across the economy  Continue Reading

• ICO cookie consent: How will the plan affect businesses?

  A data privacy and compliance expert considers what the ICO’s proposals for an overhaul of cookie consent procedures could mean for businesses  Continue Reading

• Facial recognition cannot be a standalone authentication method

  As more organisations look to facial recognition to improve their digital identity practices, they must remember that it cannot stand in isolation  Continue Reading

• Managing cyber risk through integrated supply chains

  High-profile supply chain cyber attacks have caused huge disruption this year. PA Consulting’s Carl Nightingale considers key questions business leaders should be asking of their organisations  Continue Reading

• IR35 reforms: Tech firms warned off relying on high-risk compliance workarounds

  Several months have passed since the onset of the IR35 reforms in the private sector, but compliance with the rules remains an ongoing process, warns Brookson Legal’s Matt Fryer  Continue Reading

• Security Think Tank: Optimising privacy, post-GDPR

  Airbus CyberSecurity CTO Paddy Francis explores the impact of regulation on data protection, and how it has changed how one goes about optimising data privacy in the enterprise  Continue Reading

• Security Think Tank: A response to planned data protection changes

  The ISF’s Emma Bickerstaffe assesses how organisations might respond to proposed changes to the UK’s data protection regime  Continue Reading

• UK’s new data protection strategy risks costing business more than it gains

  The apparent business benefits of pursuing data adequacy agreements around the world may not be as enticing as they at first appear  Continue Reading

• Security Think Tank: Steps to a solid data privacy practice

  Petra Wenham of the BCS shares her expertise on building, or rebuilding, a solid business data privacy practice in a post-Covid-19 world  Continue Reading

• Basel III: How fintech can provide allocated gold for banks

  Banking rules that were over 10 years in the making as a response to the financial crisis have finally come into effect, marking a seismic shift for European banks and their dealings with gold – potentially completely altering the landscape of ...  Continue Reading

• The ransomware debate – to pay or not to pay?

  The debate around banning ransomware payments is highly nuanced, and we must take care to avoid overt victim-blaming, in favour of an open and honest approach, says SASIG’s Martin Smith  Continue Reading

• Security Think Tank: Data privacy and ethics in a post-Covid world

  The radical change caused by the pandemic requires new approaches to data privacy practice, says PA Consulting’s Daniel Gordon  Continue Reading

• Five tips to ensure your crisis comms plan is ready for a cyber attack

  Business leaders take note: standard crisis communications plans are inadequate if you have fallen victim to a cyber attack. HPL’s Ted Birkhahn shares five tips to make sure you are ready to face the public  Continue Reading

• Professionals need protection from the Computer Misuse Act

  The UK needs cyber legislation fit for the 21st century, so it is important for the industry to get behind the government’s proposed reform of the Computer Misuse Act  Continue Reading

• Are you betting your future on the worst gambling odds in the world?

  Gambling is a high-risk strategy. Doing nothing in the face of the threat from ransomware and hoping for the best provides some of the worst odds you will ever come across  Continue Reading

• Banking tech fraud: How to trace and recover your money

  Even when stolen assets are sent offshore, the special powers of the English civil court system mean all may not be lost  Continue Reading

• How CIOs can help their organisations accelerate digital transformation

  Companies need to win the trust of their customers to gather the data they need to transform their businesses  Continue Reading

• European ‘chat control’ plans in the name of ‘child safety’ threaten end-to-end encryption

  Proposals by European Commission to search for illegal material could mean the end of private messaging and emails  Continue Reading

• NHS Digital’s GP data-scraping plan must be publicised and delayed

  The UK government must launch a national awareness campaign and delay this month’s planned GP data slurp, say privacy consultants Ben Rapp and Sara Newman  Continue Reading

• Long-term thinking is vital to secure UK’s critical infrastructure

  To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie  Continue Reading

• Online Safety Bill: an opportunity for tech to get it right

  Long-awaited proposals for regulating internet companies still leave much to be defined – and the tech sector must take the lead in finalising a plan that works for society and government  Continue Reading

• Post Office scandal: The rise of computers and the decline of English justice

  The Post Office prosecuted its subpostmasters up and down the country with a zeal that would not have embarrassed the Inquisition  Continue Reading

• Why new EU rules around artificial intelligence are vital to the development of the sector

  Shawn Tan, CEO of global AI ecosystem builder Skymind, explains why the European Union’s new rules on artificial intelligence are a good thing  Continue Reading

• The shape of fraud and cyber crime: 10 things we learned from 2020

  While a pandemic-driven increase in cyber crime and an exacerbation of existing fraud trends were, to a large extent, to be expected, the LexisNexis Risk solutions UK cybercrime report 2020 still contained a few surprises  Continue Reading

• IR35 private sector reforms: What firms need to do now the start date has passed

  While the start date for the onset of the IR35 private sector reforms may have passed, firms in-scope of the revamped tax avoidance legislation may find themselves still with plenty of compliance work still to do  Continue Reading

• Why we need to reset the debate on end-to-end encryption to protect children

  Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent  Continue Reading

• Security Think Tank: Security culture must underpin vaccine passports

  What are the security challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports

  What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• Security Think Tank: Vaccine passports must be secure by design

  What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• Security Think Tank: Vaccine passports cannot be taken lightly

  What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• What has a year of home working meant for the DPO?

  Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months  Continue Reading

• Security Think Tank: US security efforts may centre on collaboration

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Vaccine passports highlight social impact of systems design

  Vaccine or immunity passports are an opportunity to advance the design of trustworthy digital systems, but much more work still needs to be done  Continue Reading

• Security Think Tank: Towards a united state of security

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: Renewed US stability may ease cyber tensions

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: Biden must address insider security threat first

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: Biden’s team can make a difference on security

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: UK well-placed to work with Biden on cyber

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: Biden has a chance to renew cyber alliances

  As President Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Could ambiguous rules spur IT personnel offshoring bonanza?

  Could the combination of Brexit and ambiguous rules on recruitment enable businesses to hire IT staff from overseas to carry out work remotely?  Continue Reading

• UK government needs a digital reboot

  The appointment of new digital leadership is a welcome start to what – if the UK is to thrive in a post-Covid, post-Brexit world – must become a wholesale reboot of digital government  Continue Reading

• What does Brexit mean for the future of UK digital policy? A view from Europe

  Any decisions by the UK government to diverge from EU policies and values over digital policy and regulation could cause real economic problems for UK businesses  Continue Reading

• Why Jack Ma might be too good a tech entrepreneur for China's leaders

  Tech pioneer Jack Ma is facing new regulatory pressure from the Chinese authorities – is this some ideological spat, or simply that he's too good at what he does compared to the state-owned financial system?  Continue Reading

• It’s time to accept that disinformation is a cyber security issue

  Tackling the manipulation of truth and facts is no easy task, and it’s time for the cyber security sector to take up the challenge  Continue Reading

• Why our online harms laws will be good for tech

  The UK's minister for digital infrastructure explains the government's thinking behind its proposals to regulate internet companies such as Facebook, Google and others  Continue Reading

• Brexit and risks to data privacy and governance

  EY privacy specialists assess the risks to data privacy, protection and governance on the table for businesses, with less than two months until Brexit  Continue Reading

• How to write an executive CV for IT leadership jobs

  Knowing how to write an IT executive CV requires a deep knowledge and skillset that not everyone has. Find out how to set yourself apart from the competition  Continue Reading

• The Google antitrust case is more about politics than economics

  It’s not entirely clear what economic reasons led the US government to try to tackle Google’s search monopoly, which suggests it is mostly about politics  Continue Reading

• Security Think Tank: Essential tools to mitigate data loss and identity theft

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the ...  Continue Reading

• Lapsing ISO certifications: Myth versus risk

  Allowing ISO certifications to lapse presents businesses with serious risks when workarounds are possible  Continue Reading

• The privacy and compliance challenges organisations face in 2021

  Privacy and compliance teams have a lot on their plate as 2021 approaches. What are the key issues to consider?  Continue Reading

• Gartner: Balance safety, privacy and productivity when employees return to the workplace

  Organisations may decide that data collection can help keep employees safe in a Covid-secure workplace – but employers must consider all the privacy and productivity implications  Continue Reading

• What are the latest GDPR security breach enforcement trends?

  A cyber breach specialist from Fieldfisher runs the rule over the latest trends in cyber security, data protection and GDPR  Continue Reading

• The countdown is on for TikTok after Schrems II

  Given the US’ threatened actions against TikTok and the outcome of Schrems II, it is clear that the spotlight is now firmly on international data transfers  Continue Reading

• How the chancellor’s Plan for Jobs could benefit the UK tech sector

  Technology has a strong role to play in the UK’s recovery, with Rishi Sunak’s Plan for Jobs offering opportunities for the sector  Continue Reading

• How Schrems II will impact data sharing between the UK and the US

  At the end of this year, the UK will no longer be subject to the EU’s treaties, opening the way for it and the US to finalise a new trade relationship. Could the UK leave EU data protection standards behind?  Continue Reading

• Security Think Tank: Container security is evolving, so must CISOs

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Why trust is the new currency

  Businesses need to engender trust with customers amid the complexity of digital transactions involving multiple third parties, even as consumers are not fully cognizant of the importance of data privacy  Continue Reading

• Four risks to data privacy and governance amid Covid-19

  EY privacy experts assess some of the novel risks to data privacy, protection and governance during the Covid-19 coronavirus pandemic  Continue Reading

• A legal perspective on data breaches and home working

  Legal experts from Fieldfisher share guidance on how to deal with cyber attacks during the coronavirus crisis, and what the ICO expects in terms of notification  Continue Reading

• Coronavirus and privacy – finding the middle ground

  Data collection has a role to play in fighting the deadly Covid-19 coronavirus outbreak, but governments need to be accountable for how it is used  Continue Reading

• Security Think Tank: Coronavirus crisis helps put security in context

  In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances?  Continue Reading

• EC publishes approach to human and ethical implications of AI, but what will UK do?

  The European Commission has published a guide to the EU’s approach to the human and ethical effects that artificial intelligence might bring  Continue Reading

• Why ‘no breach’ is bad news for your compliance

  You might think it’s a good thing if your organisation has a clean record when it comes to data breaches, but this is not necessarily the case  Continue Reading

• Is the EU better equipped than the US to supervise the use of facial recognition?

  Clearview AI can be an indispensable tool to reinforce national security, but there are many risks associated with the use of facial recognition technology that the EU might be better equipped to deal with than the US  Continue Reading

• The greatest contest ever – privacy versus security

  Examining the technical, legal and ethical challenges around the privacy versus security debate  Continue Reading

• The fight against cyber crime: Why cooperation matters

  With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today  Continue Reading

• Could regulation kill Facebook completely?

  Social media companies are under financial pressure, as costs increase faster than revenues due to growing concerns about the price of regulatory intervention  Continue Reading

• Learning from the Travelex cyber attack: Failing to prepare is preparing to fail

  The key lesson to take from the Travelex breach is that an effective response to a breach is a critical business function and no longer the sole province of the IT department  Continue Reading