Business continuity planning

Business continuity is an organization's ability to maintain critical business functions during a disaster and after it has occurred.. See complete definition.

News 03 Oct 2023
IT decision-makers confident they can handle tech disruptions

The majority of IT decision-makers polled in a recent survey have admitted their organisations has been adversely affected by IT failures Continue Reading
Opinion 29 Sep 2023
The trust deficit in CNI: How to address a growing concern

When it comes to addressing the trust deficit in CNI, technological advancements, evolving threats, inadequate regulations, insufficient investment, public awareness, and international cooperation are all critical components that need attention Continue Reading

Feature 28 Sep 2023

Automated cloud IR: Empowering cyber with AI-powered playbooks

As cyber threats increasingly target cloud infrastructure, demand for robust and reliable incident response measures is through the roof. Find out why you might want to consider bringing artificial intelligence into play Continue Reading
News 27 Sep 2023

Researchers offer free threat briefings on Vegas casino hackers

Permiso, a cloud detection and response startup, is making its threat intel team available to speak on Scattered Spider, the group behind recent cyber attacks on MGM Resorts and Caesars Entertainment Continue Reading
News 27 Sep 2023

City of Las Vegas masters cyber incident response with Darktrace

The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence Continue Reading
News 26 Sep 2023

Cover-ups still the norm in the wake of a cyber incident

Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report Continue Reading
News 26 Sep 2023

Crest and IASME to deliver upcoming NCSC Cyber Exercise programme

Crest and IASME have been tasked with assuring that security services providers signing up to a soon-to-launch NCSC Cyber Incident Exercising scheme are up to the job Continue Reading
News 22 Sep 2023

Cyber experts set out plan to secure future US elections

A group of experts are setting out to enhance election cyber security in the United States, and restore public faith in a process tainted by interference and misinformation in the past Continue Reading
News 21 Sep 2023

Poor digital experience a blocker for cyber resilience

Organisations that neglect the digital employee experience are not only vulnerable to employee attrition, but putting themselves at increased cyber risk, an Ivanti report finds Continue Reading
Feature 20 Sep 2023

Toyota car plant outage shows database capacity planning is vital

How could database deletes and re-organisation take out car production for 36 hours at 14 plants? We drill down into the details of database capacity planning Continue Reading
News 20 Sep 2023

Organisations failing to proactively address insider cyber risk

Organisations are spending less than 10% of their annual security budgets on trying to solve one of the costliest problems in cyber: insider risk Continue Reading
News 19 Sep 2023

Nominet and European counterparts link up on intelligence sharing

The new European TLD ISAC, a collaborative project between top-level domain providers across Europe, aims to enhance their collective security posture to better protect internet users Continue Reading
Opinion 18 Sep 2023

Security Think Tank: A user’s guide to encryption

The Security Think Tank assesses the state of encryption technology, exploring topics such as cryptographic techniques, data-masking, the legal ramifications of end-to-end encryption, and the impact of quantum Continue Reading
News 18 Sep 2023

Government seeks industry views on cyber threat to UK CNI

The Science, Innovation and Technology Select Committee is seeking evidence from the cyber sector as it launches an inquiry into the resilience of the UK's critical national infrastructure Continue Reading
News 14 Sep 2023

BlackCat on the hook for cyber attack that crippled Vegas casinos

The ALPHV/BlackCat ransomware operation claimed responsibility for an attack that forced MGM Resorts to shut down systems at some of Las Vegas’ most popular gambling venues Continue Reading
News 13 Sep 2023

Patch Tuesday: Microsoft fixes zero-days in Word and Streaming Service

September 2023 brings a light Patch Tuesday, with two zero-days and five critical vulnerabilities listed in the latest release Continue Reading
News 12 Sep 2023

US casino giant MGM Resorts battles 36-hour outage after cyber attack

Multiple systems at US hotel and casino operator MGM went down in the wake of the incident on 10 September, crippling several of Las Vegas’ most prominent casinos Continue Reading
News 11 Sep 2023

Professional ransomware gangs clearly a threat, but attacks can be easily stopped

NCSC and NCA report reveals insight into business models and underpinnings of ransomware gangs and their affiliates, but also urges defenders to take heart, as stopping a ransomware attack is not that hard to do Continue Reading
News 11 Sep 2023

UK boardrooms and CISOs increasingly aligned on cyber risks

Board members and CISOs in UK organisations seem to be working together much better, but while this is an encouraging sign, there remain some areas of concern over how the two relate to each other Continue Reading
Feature 08 Sep 2023

AI-powered cloud SIEM: Real-time threat intel boosts defences

Thanks to their advanced data analysis and predictive capabilities, AI and ML will be valuable protective tools going forward. Learn about the potential of AI-backed cloud SIEM technology Continue Reading
News 08 Sep 2023

Deputy PM urges UK plc not to lose focus on cyber

In a speech at TechUK, deputy prime minister Oliver Dowden urges the cyber security community not to lose focus, and to do more to further collaboration across sectors Continue Reading
Feature 08 Sep 2023

SME disaster recovery: Five key points to consider

We look at key DR considerations for SMEs, including RPOs, RTOs, infrastructure needed for effective continuity and the right combination of cloud and in-house provision Continue Reading
News 07 Sep 2023

Honeywell goes quantum to protect utilities from future threats

Honeywell and quantum computing specialist Quantinuum will integrate quantum-hardened encryption keys into future smart meters Continue Reading
News 07 Sep 2023

Duplicate waypoints root cause of Nats subsystem failover

Processing of waypoints that determine when a flight enters and leaves UK airspace caused the air traffic system to report a critical error Continue Reading
News 05 Sep 2023

Law firm Fieldfisher launches data breach management tool

UK and European data breach law specialist Fieldfisher has enlisted legal tech specialist Lawcadia to supply a 24-hour data breach notification assessment platform Continue Reading
News 05 Sep 2023

NCSC names ex-NCC man as new CTO

New NCSC CTO Ollie Whitehouse joins from NCC Group, having also worked at BlackBerry and Symantec Continue Reading
News 05 Sep 2023

Plymouth Uni spearheads research into wind farm cyber resilience

Project hosted at the University of Plymouth in Devon aims to develop cyber security measures to protect the UK’s increasingly important offshore wind farm assets Continue Reading
News 04 Sep 2023

How startup Once.net and Cloudflare secured the 2023 Eurovision vote

When the Eurovision Song Contest introduced paid-for public voting from outside Europe in 2023, it faced new cyber challenges. Learn how Dutch startup Once.net and Cloudflare teamed up to secure and support the big night Continue Reading
Opinion 01 Sep 2023

It might be too soon to claim victory against Qakbot

The multinational operation to take down the Qakbot (aka Qbot) malware has been hailed as a great victory, but Lumu Technologies’ Ricardo Villadiego argues that the celebrations may be a little premature Continue Reading
Opinion 01 Sep 2023

The quantum threat: Implications for the Internet of Things

The Security Think Tank assesses the state of encryption technology, exploring topics such as cryptographic techniques, data-masking, the legal ramifications of end-to-end encryption, and the impact of quantum Continue Reading
News 30 Aug 2023

Cyber world hails downfall of Qakbot trojan

A multinational law enforcement hacking operation disrupted the botnet infrastructure used to distribute the Qakbot trojan at the weekend, in a major setback for the cyber criminal underworld Continue Reading
News 30 Aug 2023

NCSC warns over possible AI prompt injection attacks

The UK’s NCSC says it sees alarming potential for so-called prompt injection attacks driven by the large language models that power AI chatbots Continue Reading
News 29 Aug 2023

Nats resorts to fail-safe manual process after technical hitch

Just a few hours of manual processing has resulted in a massive backlog in flights Continue Reading
News 29 Aug 2023

Top-performing CISOs reserve time for professional development

Survey of chief information security officers conducted by Gartner sheds light on habits shared by the top-performing members of the profession Continue Reading
News 23 Aug 2023

Cyber attacks in 2023 develop quicker as average dwell times plummet

The median attacker dwell time shrunk from 10 to eight days in the first seven months of 2023, and in the case of ransomware attacks it is down to just five days Continue Reading
News 22 Aug 2023

Clop’s MOVEit attacks drive ransomware volumes to record high

Such has been the scope of Clop’s activity since May that ransomware attack volumes have more than doubled year on year, according to the latest data Continue Reading
News 21 Aug 2023

Cyber attack on Aussie energy services firm may hit UK CNI

Energy One, an Australia-based supplier of tech services to the energy sector, is investigating the possibility that some UK customers may have been caught up in an ongoing cyber attack on its systems Continue Reading
News 21 Aug 2023

Cyber Explorers programme reaches 50,000 11-14 year olds in 18 months

The government-backed Cyber Explorers programme has reached 50,000 students in its first 18 months, and more schools are being invited to sign up for the Autumn Term Continue Reading
News 16 Aug 2023

NCSC expands Cyber Incident Response service more widely

The NCSC has added a level to its CIR programme to enable more cyber attack victims to take advantage of the service, which offers access to assured incident response specialists Continue Reading
News 16 Aug 2023

ITAM influence on cyber risk becoming a factor in credit ratings

Credit agency S&P Global Ratings warns that organisations that pay inadequate attention to IT asset management as a factor in their cyber risk management processes may find their creditworthiness takes a dive Continue Reading
Guide 14 Aug 2023

Healthcare cybersecurity risks and management

Healthcare institutions are rich in what cybercriminals want: sensitive data like PII and financial information. Learn the danger and what an effective strategy must include. Continue Reading
Guide 14 Aug 2023

Healthcare cybersecurity risks and management

Healthcare institutions are rich in what cybercriminals want: sensitive data like PII and financial information. Learn the danger and what an effective strategy must include. Continue Reading
News 14 Aug 2023

US Cyber Board to probe cloud security after latest Exchange hack

CSRB review of cloud security comes in the wake of a major Chinese cyber attack on US government bodies orchestrated through Microsoft’s cloud services Continue Reading
News 12 Aug 2023

Datacentre management vulnerabilities leave public clouds at risk

At the annual DEF CON hacking convention, researchers from Trellix have disclosed multiple vulnerabilities in key datacentre products underpinning the world’s public cloud infrastructure Continue Reading
News 10 Aug 2023

Google speeds up security update frequency for Chrome

Changes to Google’s security update policy are supposed to help close the gap in which cyber criminals can exploit n-day vulnerabilities Continue Reading
News 08 Aug 2023

Many UK organisations considering ChatGPT bans on employee devices

More than 60% of organisations in the UK have either banned, or are considering banning, the use of generative AI tools on employee- or business-owned devices Continue Reading
News 04 Aug 2023

Log4Shell, ProxyShell still among most widely exploited flaws

Statistics released by the collective Five Eyes cyber agencies reveals insight into the most exploited vulnerabilities of 2022, and unsurprisingly there are some old ‘friends’ on the list Continue Reading
Opinion 02 Aug 2023

Vigilance advised if using AI to make cyber decisions

The AI arms race is heating up, and the battle lines are being redrawn. Still, organisations should proceed cautiously and remain vigilant in scrutinising AI’s ability to ensure accurate, safe, and informed decision-making. Continue Reading
Opinion 31 Jul 2023

AI has a place in cyber, but needs effective evaluation

Organisations that don’t leverage AI-based security solutions will find themselves more vulnerable than those that do., but cyber pros still need to ensure they can effectively evaluate AI-enhanced tech to ensure it meets their use case Continue Reading
News 28 Jul 2023

Lancaster Uni lends cyber support to nuclear decommissioning body

Lancaster University’s cyber team has joined with the Nuclear Decommissioning Authority to help support and protect its 300-year mission, while enhancing its own capabilities in the process Continue Reading
Opinion 28 Jul 2023

Does AI have a future in cyber security? Yes, but only if it works with humans

Do AI and ML hold the promise of helping cyber pros achieving the holy grail of operating quicker, cheaper, and with higher efficiency? We shouldn’t hold our breath, says Nominet’s Paul Lewis Continue Reading
News 27 Jul 2023

Cyber criminals pivot away from ransomware encryption

Cyber breaches that saw data theft and extortion without an encryption or ransomware component account for more and more incidents, in a possible indication that ransomware gangs are changing up their business models Continue Reading
Opinion 27 Jul 2023

AI-enhanced cyber has potential, but watch out for marketing hype

As AI is a hot topic right now, it is no surprise there are some cyber solutions coming to market that have been thrown together in haste, but that said, genuine AI-powered security products do exist and their abilities could yet prove transformative. Continue Reading
News 26 Jul 2023

UK organisations lack confidence to carry out basic cyber tasks

Amid a shortfall of more than 10,000 cyber pros, UK businesses are still finding it difficult to fill their cyber security skills gaps, with even those in charge of security saying they lack confidence in themselves Continue Reading
News 24 Jul 2023

Security AI and automation may reduce cost of data breaches

Organisations that go all in on security AI and automation tend to incur lower financial costs when they experience a data breach incident, according to an IBM report Continue Reading
News 24 Jul 2023

Why cyber security should be part of your ESG strategy

The impact of data breaches and cyber threats on businesses, societies and the environment makes cyber security a key consideration in an environment, social and governance strategy Continue Reading
Opinion 21 Jul 2023

Future Cyber Threats: The four ‘horsemen of the apocalypse’

How to deal with emerging security threats from deep fake humans to the end of secure encryption Continue Reading
Feature 21 Jul 2023

What the Product Security and Telecommunications Infrastructure Act means for UK industry

For years, many network-connected devices have lacked adequate security, putting their users and others at risk of cyber attacks. The UK’s Product Security and Telecommunication Act aims to prevent this by mandating minimum security requirements, but what impact will this have on industry? Continue Reading
News 19 Jul 2023

Cyber criminal AI tool WormGPT produces ‘unsettling’ results

A newly discovered generative AI tool dubbed WormGPT is being sold to the cyber criminal underground via the dark web, and poses a significant danger, researchers warn Continue Reading
Opinion 19 Jul 2023

Prepare for quantum to fundamentally change PKI effectiveness

Encryption has always been a fundamental aspect of Public Key Infrastructure but the rise of quantum computing poses a significant threat to this. Thales' John Cullen says post-quantum cryptography may hold the key to safeguarding the future. Continue Reading
News 18 Jul 2023

Critical Adobe ColdFusion flaws chained in ongoing cyber attacks

Two vulnerabilities in Adobe ColdFusion have been chained by threat actors to target victim systems, apparently after one of them was accidentally disclosed Continue Reading
Opinion 17 Jul 2023

AI in cyber security: Distinguishing hype from reality

We know that malicious actors are starting to use artificial intelligence (AI) tools to facilitate attacks, but on the other hand, AI can also be a powerful tool within the hands of cyber security professionals Continue Reading
News 13 Jul 2023

One month after MOVEit: New vulnerabilities found as more victims are named

Five weeks after the mass MOVEit breach, new vulnerabilities in the file transfer tool are coming to light as the Clop cyber crime group continues to terrorise victims. But has the gang bitten off more than it can chew? Continue Reading
News 12 Jul 2023

Hackers: We won’t let artificial intelligence get the better of us

AI is changing how ethical hackers go about their work, and will continue to do so, but the community is convinced the technology will never be able to replicate the creativity of a flesh-and-blood hacker Continue Reading
News 12 Jul 2023

Microsoft users on high alert over dangerous RCE zero-day

A serious RCE vulnerability in Microsoft Office and Windows is among several zero-days disclosed in Redmond’s July Patch Tuesday update, but this one does not have a patch yet Continue Reading
News 11 Jul 2023

Malicious URL volumes soar as cyber criminals pull on Threads

Malicious actors have been quick to exploit the buzz around Meta’s newly launched Threads platform, with thousands of new suspicious domains registered exploiting its branding Continue Reading
News 11 Jul 2023

Apple pushes Rapid Response patch to fix WebKit zero-day

Apple deployed an emergency patch under its Rapid Security Response update programme, but had to temporarily suspend delivery after it caused problems for users of the Safari browser Continue Reading
News 07 Jul 2023

Suspicious email reported every five seconds in UK

National Cyber Security Centre report reveals a suspicious email was reported by UK citizens and organisations every five seconds last year Continue Reading
News 03 Jul 2023

Over half of ANZ organisations hit by ransomware

Amid the rising ransomware threat, almost four in five organisations in ANZ expect to pay a ransom if they could recover data and business processes Continue Reading
Opinion 30 Jun 2023

The time to implement an internal AI usage policy is now

As with any emerging technology, AI’s growth in popularity establishes a new attack surface for malicious actors to exploit, thereby introducing new risks and vulnerabilities to an increasingly complex computing landscape. Continue Reading
Opinion 29 Jun 2023

Navigating cyber security under ChatGPT

Balancing the risk and reward of ChatGPT – as a large language model (LLM) and an example of generative AI – begins by performing a risk assessment of the potential of such a powerful tool to cause harm Continue Reading
News 29 Jun 2023

‘Shadow’ AI use becoming a driver of insider cyber risk

Off-the-books use of generative AI tools will inevitably lead to a costly, high-profile data breach for someone, but a little attention paid to appropriate data management policy can help mitigate the risk Continue Reading
News 27 Jun 2023

WithSecure forges ahead with green coding initiative

WithSecure’s W/Sustainability programme kickstarts a number of initiatives, including a commitment to green coding the security supplier hopes will set an example for others to follow Continue Reading
News 27 Jun 2023

3,600 potential cyber security experts apply to government scheme

The UK government’s Upskill in Cyber programme is reporting great success just a month after launch, with almost half of applicants women Continue Reading
Opinion 26 Jun 2023

ChatGPT’s phishing ‘problem’ may not be overstated

Some data now suggests that threat actors are indeed using ChatGPT to craft malicious phishing emails, but the industry is doing its best to get out in front of this trend, according to the threat intelligence team at Egress Continue Reading
News 22 Jun 2023

Lancaster University launches trailblazing cyber MBA

MBA programme at Lancaster University designed to deliver security leadership education to business leaders has received NCSC backing Continue Reading
Feature 20 Jun 2023

ChatGPT is creating a legal and compliance headache for business

ChatGPT’s increased use in the workplace has led many to question its legal and compliance implications for businesses. Experts warn that the software poses major security and copyright risks Continue Reading
News 19 Jun 2023

UK to contribute up to £25m to Ukraine cyber defences

Prime minister Rishi Sunak announces an expansion to the Ukraine Cyber Programme, with a cash boost of up to £25m over the next two years Continue Reading
News 15 Jun 2023

Exploitation of Barracuda ESG appliances linked to Chinese spies

Intelligence from Mandiant links exploitation of a flaw in a subset of Barracuda ESG appliances to a previously untracked China-nexus threat actor Continue Reading
News 15 Jun 2023

NCSC warns over ‘enduring’ LockBit threat

Although its activity volumes have been lower of late, LockBit is still a highly dangerous ransomware gang and is now the subject of a new international cyber advisory Continue Reading
News 15 Jun 2023

Clop begins naming alleged MOVEit victims

Clop uploaded details of 12 new victims to its dark web leak site late on 14 June, many of them likely linked to the ongoing MOVEit cyber attack Continue Reading
News 14 Jun 2023

No zero-days for June Patch Tuesday, but plenty to chew over

On the face of it, Microsoft’s monthly round of updates is a lighter-than-usual load for security teams, with no zero-days in evidence, but there are still plenty of issues needing attention Continue Reading
News 08 Jun 2023

Vulnerability exploitation volumes up over 50% in 2022

Data from Palo Alto Networks’ Unit 42 threat intel specialists reveals insight into the scale of vulnerability exploitation in the wild Continue Reading
News 08 Jun 2023

Bishop Fox’s Vinnie Liu talks offensive security skills

There is growing demand for offensive security testing, but it needs a multi-layered skillset that can be hard to quantify. Bishop Fox’s CEO and co-founder explains why and some potential mitigation strategies Continue Reading
News 06 Jun 2023

Google launches hacker-backed SME security training scheme

Citing research that shows almost half of SMEs are struggling to recruit cyber security specialists, Google is launching a programme designed to upskill more people to fill thousands of vacant roles Continue Reading
News 06 Jun 2023

Victims of MOVEit SQL injection zero-day mount up

The BBC, Boots, and British Airways are among the victims of cyber incidents arising from a recently disclosed vulnerability in the MOVEit file transfer, exploitation of which is spreading fast Continue Reading
News 06 Jun 2023

Cyber spotlight falls on boardroom ‘privilege’ as incidents soar

Three quarters of data breaches now involve a significant human element, and the higher up they get in an organisation, the more risks people seem to take, according to Verizon’s annual Data Breach Investigations Report Continue Reading
Opinion 02 Jun 2023

Discovering the Diversity Process Flow in cyber

The UK Cyber Security Council's Simon Hepburn explains the Council's new Diversity Process Flow framework, and outlines its potential implications for ethnic minorities in the cyber sector Continue Reading
Opinion 01 Jun 2023

Generative AI – the next biggest cyber security threat?

Following the launch of ChatGPT in November 2022, several reports have emerged that seek to determine the impact of generative AI in cyber security. Undeniably, generative AI in cyber security is a double-edged sword, but will the paradigm shift in favour of opportunity or risk? Continue Reading
Opinion 01 Jun 2023

Is cyber training all the same old? Shift your perspective and get stuck in

Getting your cyber smarts only from books or presentations just isn’t going to cut it anymore – the only way we can get ahead of the cyber criminals is to get into their heads, and you can only achieve this by doing and changing your way of thinking. Continue Reading
Feature 31 May 2023

Why we need advanced malware detection with AI-powered tools

AI-powered cyber security tools have now developed to a point where they are becoming an effective approach to protecting the organisation. Learn how you can benefit from adopting them Continue Reading
News 30 May 2023

Downstream breaches of Capita customers spreading

As many as 90 organisations that used Capita services have now reported data breaches arising from various security incidents at the outsourcer Continue Reading
News 26 May 2023

Cisco joins growing Manchester cyber security hub

Networking kingpin signs up to Greater Manchester Digital Security Hub to support centre’s work on security resilience and skills Continue Reading
Opinion 26 May 2023

Five key steps where there is a risk of fraud investigation

When fraud investigators come knocking, there are some important ways in which management and senior IT professionals can make sure their company is best protected. Continue Reading
News 25 May 2023

Alert over Chinese cyber campaign targeting critical networks

A Chinese threat actor known as Volt Typhoon has been observed infiltrating CNI networks in a cyber espionage campaign, according to intelligence Continue Reading
Opinion 15 May 2023

Security Think Tank: To secure code effectively, verify at every step

Verification at every step is an important part of ensuring your code is secure, writes Petra Wenham Continue Reading
News 12 May 2023

Let’s put an end to secrecy and cover-ups in ransomware attacks

The NCSC and the ICO are calling for organisations to bite the bullet and be more open about cyber security and ransomware incidents, and the community is firmly behind them Continue Reading
News 10 May 2023

Secure Boot vulnerability causes Patch Tuesday headache for admins

Applying the fix for a security bypass zero-day affecting the Windows Secure Boot feature will be a long process that will drag into 2024, but for good reason, says Microsoft Continue Reading
News 03 May 2023

Cyber Action Plan for Wales launched

The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country Continue Reading
Opinion 02 May 2023

Want to get cloud IAM right? Master the fundamentals

By getting the basics right, you’re setting yourself up for success to then can build more advanced and complex functionalities on top Continue Reading
News 02 May 2023

UK Cyber Security Council launches certification mapping tool

Cyber careers body aims to offer clarity for professionals seeking to advance through security certification Continue Reading
News 27 Apr 2023

Tenable opens playground for generative AI cyber tools

A set of generative AI cyber tools designed to help security researchers in reverse engineering, debugging and other areas of work have been made available for the community to experiment with Continue Reading