Data breach incident management and recovery
-
News
03 Nov 2025
Fewer data breaches in Australia, but human error now a bigger threat
Privacy commissioner warns that the human factor is a growing threat as notifications caused by staff mistakes rose significantly even as total breaches declined 10% from a record high Continue Reading
-
Opinion
03 Nov 2025
CISOs in court: Balancing cyber resilience and legal accountability
The Computer Weekly Security Think Tank considers the burdens and responsibilities that accompany the role of chief information security officer, and share guidance on how to navigate a challenging career path. Continue Reading
-
News
25 May 2021
Industry reflects on three years of GDPR
Looking back on 12 tumultuous months, we assess how GDPR has weathered the effects of the Covid-19 pandemic and Brexit, and consider what the coming year may hold for data protection Continue Reading
-
News
25 May 2021
Legacy vulnerabilities may be biggest enterprise cyber risk
While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats Continue Reading
-
News
24 May 2021
Air India is latest victim of Sita hack
Data on millions of people who flew with Air India between 2011 and 2021 appears to have been compromised in the recent Sita supply chain attack Continue Reading
-
News
24 May 2021
Dutch researchers build security software to mimic human immune system
Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection Continue Reading
-
News
24 May 2021
Why the security stack needs to move to the edge
Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge Continue Reading
-
Podcast
21 May 2021
CyberUK, bees and datacentres, Red Cross digital mapping – Computer Weekly Downtime Upload podcast
In this episode of the Computer Weekly Downtime Upload podcast, Caroline Donnelly and Brian McKenna are joined by Alex Scroxton, security editor, to discuss CyberUK, bees and datacentres, and the British Red Cross’ use of digital mapping to combat Covid-19 Continue Reading
-
News
21 May 2021
Lack of developer attention to cloud security prompts alerts
The personal data of over 100 million Android users may have been put at risk through a variety of cloud service misconfigurations Continue Reading
-
News
20 May 2021
Malicious scans for at-risk systems start minutes after disclosure
Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes Continue Reading
-
Blog Post
20 May 2021
Throwback Thursday: Even data fragmentation has gone virtual
If there’s one thing that our report Storage Anywhere and Everywhere from eight years ago reminds us, it’s that the risks of uncontrolled data growth are nothing new. As our contribution to the bit ... Continue Reading
-
News
20 May 2021
HP taps micro virtual machines in endpoint security
HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained Continue Reading
-
News
19 May 2021
Reports of stolen Irish health service data being leaked online
Leaking of deeply confidential and personal information on patient healthcare marks a new low for the criminal Conti gang Continue Reading
-
News
18 May 2021
Australian budget lends support to digital economy
Australia’s A$1.2bn Digital Economy Strategy ticks most of the right boxes, but some industry experts say areas such as broadband infrastructure and artificial intelligence are still underfunded Continue Reading
-
E-Zine
18 May 2021
The real-life consequences of ransomware attacks
In this week’s Computer Weekly, after a ransomware attack shut a major US oil pipeline, we examine the real-life consequences for organisations facing similar threats. We ask the experts for their top tips in reducing datacentre running costs. And we hear how data science skills are helping government make better decisions. Read the issue now. Continue Reading
-
News
17 May 2021
Conti ransomware syndicate behind attack on Irish health service
More details continue to emerge of the significant ransomware attack on Ireland’s HSE Continue Reading
-
News
17 May 2021
Government seeks input on supply chain security
Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security Continue Reading
-
News
14 May 2021
Colonial Pipeline paid $5m ransom, reports say
Colonial Pipeline may have paid a significant ransom within hours of being attacked, it has emerged, but it’s unlikely the story ends here Continue Reading
-
News
14 May 2021
Irish health service hit by major ransomware attack
IT systems in hospitals across Ireland have been switched off following a significant ransomware attack Continue Reading
-
News
13 May 2021
Publishing exploit code does more harm than good, says report
Disclosing exploit code before patches are available gives malicious actors a ‘massive’ head-start, says Kenna Security Continue Reading
-
News
13 May 2021
Biden beefs up public-private security cooperation
Joe Biden has signed a new Executive Order to harden US cyber security and government networks, with an emphasis on information sharing Continue Reading
-
News
13 May 2021
Verizon DBIR underscores year of unprecedented cyber challenge
Verizon 2021 Data Breach Investigations Report draws predictable conclusions as the impact of the Covid-19 pandemic continues to be felt Continue Reading
-
News
12 May 2021
Inside DarkSide: Researchers share intel on break-out cyber gang
Security researchers swap information on the newly famous DarkSide ransomware gang, the group that doesn’t appear to understand what ‘being a criminal’ actually means Continue Reading
-
News
12 May 2021
UK to fund national cyber teams in Global South
Government will commit millions of pounds to supporting vulnerable countries in establishing cyber capacity Continue Reading
-
News
11 May 2021
UK Plc invited to sign up for Early Warning of cyber incidents
The launch of the Early Warning incident notification service is among the enhancements being made by the NCSC to its service packages Continue Reading
-
News
11 May 2021
NCSC cyber guidance targets cloud and home working
The NCSC’s refreshed cyber security guidance for larger organisations places particular emphasis on cloud, home working and ransomware Continue Reading
-
News
11 May 2021
Collaboration key to success of UK’s Cyber Security Council
The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event Continue Reading
-
News
11 May 2021
SolarWinds CEO calls for collective action against state attacks
SolarWinds CEO tells NCSC’s CyberUK conference he is exploring the possibility of collaborating with other companies on collective cyber action against attacks backed by nation states Continue Reading
-
News
11 May 2021
Colonial Pipeline ransomware attack has grave consequences
The ramifications of a major ransomware attack against a US fuel pipeline operator could spread far and wide Continue Reading
-
News
10 May 2021
NCSC Active Cyber Defence blocks surge of pandemic scams
The NCSC responded to a surge in online scams last year as it moved to protect both the general public and critical national services during the pandemic Continue Reading
-
News
07 May 2021
NCSC, CISA publish new information on Russia’s Cozy Bear
New intelligence from UK and US cyber agencies suggests that APT29, or Cozy Bear, has been switching up its tactics Continue Reading
-
News
07 May 2021
NCSC publishes smart city security guidelines
Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects Continue Reading
-
News
07 May 2021
Cyber accreditation to improve legal standing of security pros
Institute of Cyber Digital Investigations Professionals will help incident responders and cyber investigators get the professional recognition they deserve Continue Reading
-
News
07 May 2021
Reddit enlists HackerOne to run public bug bounty programme
Online community platform is opening up its HackerOne bug bounty programme to any ethical hacker who cares to have a look under the bonnet Continue Reading
-
News
07 May 2021
Ransomware, supply chain attacks show no sign of abating
Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors Continue Reading
-
News
06 May 2021
Scammers accidentally reveal fake Amazon review data
More than 13 million records relating to an organised fake review scam have been found on an unsecured ElasticSearch database, implicating hundreds of thousands of people in unethical behaviour Continue Reading
-
News
06 May 2021
HSBC blocks £249m in UK fraud with voice biometrics
HSBC voice recognition technology has reduced telephone banking fraud as demand for the channel increases Continue Reading
-
News
05 May 2021
Sophos: How timely intervention stopped a ProxyLogon attack
A recent incident at an undisclosed customer sheds new light on how malicious actors exploit unpatched Microsoft Exchange servers Continue Reading
-
News
04 May 2021
Half of organisations breached via a third party in 12 months
New report highlights the risks of outsourcing key business processes without paying due care and attention to your service provider’s security Continue Reading
-
News
29 Apr 2021
Northern Ireland pilots security training plan for 16-25s
Pilot scheme in Northern Ireland aims to widen access to cyber security careers Continue Reading
-
News
28 Apr 2021
Covid-19 security challenges leave bank customers at risk
Challenges arising from the pandemic have left gaping holes in banking security, putting consumers at risk of fraud Continue Reading
-
News
28 Apr 2021
Recruiters can’t afford to hold out for cyber ‘unicorns’
The perfect security candidate is hard to find, so hiring policy needs to be more pragmatic Continue Reading
-
News
28 Apr 2021
Office 365 compromise likely led to Merseyrail ransomware attack
Compromise of Merseyrail employee data seems to have begun after a key email account was hacked Continue Reading
-
News
27 Apr 2021
Total cost of ransomware attack heading towards $2m
Sophos’ latest study finds that ransomware attacks are proving increasingly disruptive to their victims’ finances Continue Reading
-
News
27 Apr 2021
Leaky Azure storage account puts software developer IP at risk
Source code for multiple products was left exposed in an unsecured Microsoft Azure cloud storage account, say researchers, but attributing responsibility for the error has proved difficult Continue Reading
-
News
22 Apr 2021
Researchers shed more light on APT29 activity during SolarWinds attack
RiskIQ’s Atlas threat intel team uncovers new patterns and threat infrastructure used in the SolarWind’s attacks Continue Reading
-
News
22 Apr 2021
ToxicEye malware exploits Telegram messaging service
The Telegram instant messaging service is being used by malicious actors to manage a remote access trojan called ToxicEye Continue Reading
-
News
21 Apr 2021
NCSC offers teachers free cyber security training
The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack Continue Reading
-
News
21 Apr 2021
SonicWall Email Security zero-days need urgent patch
Users of SonicWall Email Security are advised to patch immediately, but the supplier is being criticised for the pace of its response Continue Reading
-
News
21 Apr 2021
Time is running out to probe networks for Emotet
Security teams will lose an unprecedented opportunity to gain valuable intelligence to enhance their defences when Emotet is finally ‘executed’ in a few days’ time Continue Reading
-
News
20 Apr 2021
Chinese APT exploits critical CVE in Pulse Secure VPN
A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Continue Reading
-
Opinion
20 Apr 2021
Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
20 Apr 2021
Codecov supply chain attack has echoes of SolarWinds
Supply chain attack on code auditing service may have compromised the likes of HPE and IBM Continue Reading
-
Opinion
16 Apr 2021
The Secret IR Insider’s Diary – from Sunburst to DarkSide
From dealing with SolarWinds fallout to ransomware attacks, it’s been a busy few weeks for the Secret IR Insider, but they've picked up some new tricks along the way Continue Reading
-
News
16 Apr 2021
Finnish government strengthens country’s IT network security
Finland’s government has created a new national organisation to help public and private bodies improve network security Continue Reading
-
News
15 Apr 2021
Biden sanctions Russia over SolarWinds cyber attacks
US president imposes new sanctions on Russia following malicious cyber attacks against the US and allies Continue Reading
-
News
15 Apr 2021
University of Hertfordshire is latest academic cyber attack victim
Multiple systems are offline at the University of Hertfordshire following a cyber attack Continue Reading
-
News
15 Apr 2021
Microsoft is most impersonated brand in phishing attempts
Technology companies continue to be frequently spoofed by cyber criminals in their phishing attempts Continue Reading
-
News
15 Apr 2021
Ireland’s DPC launches probe into Facebook leak
The Irish Data Protection Commission has launched an ‘own volition’ inquiry into the leak of data from 500 million Facebook profiles Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports cannot be taken lightly
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
13 Apr 2021
MP told to ditch official email over hacking fears
MP Tom Tugendhat claims the intelligence services advised him to switch to the Gmail service due to concerns his parliamentary email could be hacked Continue Reading
-
Opinion
12 Apr 2021
What has a year of home working meant for the DPO?
Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months Continue Reading
-
News
09 Apr 2021
Egypt, Italy and US most affected in Facebook leak
Researchers at VPN firm Surfshark have been analysing data on 533 million people leaked from Facebook Continue Reading
-
News
09 Apr 2021
NCSC: Using your pet’s name as a password is very stupid
If your email password is still Rex, Rover or Mr Fluffles, it’s probably best to change it, the NCSC has said Continue Reading
-
News
09 Apr 2021
Cring ransomware hits ICS through two-year-old bug
A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware Continue Reading
-
News
08 Apr 2021
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project Continue Reading
-
News
07 Apr 2021
Facebook ducks calls to apologise over huge data leak
Facebook gives its side of the story as data on millions of its users leaks, but is yet to apologise for security lapses that put half a billion people at risk of compromise Continue Reading
-
News
06 Apr 2021
Facebook data leak could be outside scope of GDPR
Regulators may be unable to do much about leaked data on 533 million Facebook users, as it seems to have been stolen before GDPR came into force Continue Reading
-
News
31 Mar 2021
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before Continue Reading
-
Opinion
31 Mar 2021
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
31 Mar 2021
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
-
News
30 Mar 2021
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector Continue Reading
-
News
30 Mar 2021
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data Continue Reading
-
News
29 Mar 2021
UK courts face evidence ‘black hole’ over police EncroChat mass hacking
French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence Continue Reading
-
News
29 Mar 2021
Cyber attack takes Channel Nine off-air
The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio Continue Reading
-
News
26 Mar 2021
Retailer FatFace pays $2m ransom to Conti cyber criminals
Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate Continue Reading
-
News
25 Mar 2021
Cyber security complacency puts UK at risk, says NCSC head
National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber Continue Reading
-
News
25 Mar 2021
Four in five UK businesses seek new security suppliers
Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves Continue Reading
-
News
25 Mar 2021
More than £34.5m stolen in pandemic scams over past year
City of London Police and National Cyber Security Centre report large uptick in threats and crime related to Covid-19 over the past year, in some cases directed specifically at health organisations Continue Reading
-
News
24 Mar 2021
Oil giant Shell hit through Accellion FTA breach
Energy firm discloses cyber attack through Accellion File Transfer Appliance Continue Reading
-
News
24 Mar 2021
Apparent drop in cyber incidents highlights underlying problems
UK organisations report fewer cyber security incidents, but the headline data masks more serious issues, according to a report Continue Reading
-
Feature
24 Mar 2021
How to choose the right email security service for your organisation
With email security threats growing rapidly, businesses can quickly identify and block these by using a top email security service. Here’s how to select the right provider Continue Reading
-
News
23 Mar 2021
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks Continue Reading
-
Opinion
23 Mar 2021
Security Think Tank: Attacks on CNI – an evolving frontier in warfare
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
22 Mar 2021
$50m ransomware demand on Acer is highest ever
Record-breaking double-extortion cyber attack saw REvil gang exfiltrate financial data from Taiwan-based PC manufacturer Continue Reading
-
Opinion
22 Mar 2021
Security Think Tank: Back to square one – ground-up CNI protection
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Opinion
19 Mar 2021
Security Think Tank: Properly protecting CNI demands specificity
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
18 Mar 2021
Eastern Health reports ‘cyber incident’, takes systems offline
Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: Take a realistic perspective on CNI cyber attacks
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Average ransomware cost triples, says report
The average amount paid out by ransomware victims has grown almost threefold to more than $300,000 per incident, according to a report Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: CNI operators must focus on core issues
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
-
Guest Post
16 Mar 2021
How attackers counter incident response after a data breach
It's not over until it's over. Explore how attackers use backdoors and evasion techniques to counter incident response measures even long after a data breach is disclosed. Continue Reading
-
News
16 Mar 2021
MoD partners playing fast and loose with confidential data
Clear spike in data breach incidents at defence partners may reflect better reporting standards, claims MoD Continue Reading
-
News
16 Mar 2021
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry Continue Reading
-
News
16 Mar 2021
Microsoft releases one-click ProxyLogon mitigation tool
Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers Continue Reading
-
News
15 Mar 2021
UK plans ‘full spectrum’ approach to national cyber security
PM Boris Johnson expands on proposed National Cyber Force and plans to set up a north of England Cyber Corridor Continue Reading
-
News
15 Mar 2021
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days Continue Reading
-
News
15 Mar 2021
Judges refuse EncroChat defendants’ appeal to Supreme Court
Experts suggest Parliament and Investigatory Powers Tribunal need to consider the implications of a court decision on police use of data from the EncroChat phone network Continue Reading
-
Opinion
15 Mar 2021
EncroChat ruling has ‘far-reaching effects’ for legal role of interception in UK investigations
The computer forensic experts involved in the review of police use of data hacked from the ultra-secure EncroChat phone network assess the impact of the Appeal Court ruling on future legal use of intercept evidence Continue Reading
-
Opinion
15 Mar 2021
Security Think Tank: CNI operators are in an unenviable position
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
12 Mar 2021
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately Continue Reading