Data breach incident management and recovery
-
News
02 Jul 2025
US CISA agency extends Iran cyber alert, warns of CNI threat
The US Cybersecurity and Infrastructure Security Agency reiterates guidance for operators of critical national infrastructure as it eyes the possibility of cyber attacks from Iran Continue Reading
-
News
02 Jul 2025
Scattered Spider link to Qantas hack is likely, say experts
A developing cyber attack at Australian airline Qantas that started at a third-party call centre is already being tentatively attributed to Scattered Spider. Find out more and learn about the next steps for those affected Continue Reading
-
Opinion
07 Jan 2020
Security Think Tank: Get your users to take pride in security
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
06 Jan 2020
Cyber gangsters demand payment from Travelex after ‘Sodinokibi’ attack
Cyber criminals are demanding payment to decrypt Travelex’s computer files after a devastating malware attack. New questions have been raised about the security of Travelex’s computer network after it emerged the company waited eight months to patch vulnerable VPN servers Continue Reading
-
News
06 Jan 2020
UK cyber security boss Ciaran Martin to step down
NCSC chief Ciaran Martin will leave his post in the summer of 2020 Continue Reading
-
Opinion
06 Jan 2020
Security Think Tank: Let’s call time on inciting fear among users
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
03 Jan 2020
Suspected ransomware attack causes worldwide disruption for Travelex
Travelex switches off computer systems and resorts to cash-only currency sales after malware attack. Insiders claim the currency exchange chain has been hit by ransomware which has left critical files containing customer data encrypted Continue Reading
-
Opinion
03 Jan 2020
Security Think Tank: Put information at the heart of security
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
03 Jan 2020
How Darktrace is riding the AI boom
Cyber security firm known for its artificial intelligence smarts doubled its headcount across Asia-Pacific last year in key markets including Australia and South Korea Continue Reading
-
News
02 Jan 2020
California’s CCPA an opportunity for security industry to do better
California’s consumer protection and data privacy laws came into effect on 1 January 2020, and present a golden opportunity for the cyber security practitioners Continue Reading
-
News
31 Dec 2019
Top 10 ASEAN IT stories of 2019
Here are Computer Weekly’s top 10 ASEAN IT stories of 2019 Continue Reading
-
Feature
30 Dec 2019
Can the UK government’s efforts solve the cyber skills gap?
There has been an active effort by the UK government to tackle the lack of skills in the cyber security space – but is it enough? Continue Reading
-
News
24 Dec 2019
Top 10 cyber crime stories of 2019
Here are Computer Weekly’s top 10 cyber crime stories of 2019 Continue Reading
-
News
23 Dec 2019
Top 10 cyber security stories of 2019
Here are Computer Weekly’s top 10 cyber security stories of 2019 Continue Reading
-
News
20 Dec 2019
Finnish government supports local authorities in cyber security initiative
The Finnish government has committed resources to a cyber security project aimed at local authorities Continue Reading
-
News
18 Dec 2019
Top 10 Australia IT stories of 2019
Here are Computer Weekly’s top 10 Australia IT stories of 2019 Continue Reading
-
News
17 Dec 2019
Group-IB CEO talks up global threat landscape
Public attribution of cyber attacks could backfire while a global cyber norms framework won’t emerge until a catastrophic incident occurs, says the head of Singapore-based Group-IB Continue Reading
-
Opinion
16 Dec 2019
Security Think Tank: Data-centric security requires a holistic approach
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
13 Dec 2019
Alarm bells ring, the IoT is listening
With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts Continue Reading
-
Opinion
13 Dec 2019
Security Think Tank: Data-centric security requires context and understanding
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
Opinion
13 Dec 2019
Top tips for avoiding and dealing with data breaches
Been hacked, lost a laptop or sent an email to the wrong address? Do you need to notify anyone and what should you do? Find out in this simple guide Continue Reading
-
Opinion
11 Dec 2019
Security Think Tank: Risk-based response critical to protect data
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
10 Dec 2019
Rapid evolution of quantum computing a concern for CISOs
With the race to achieve so-called quantum supremacy hotting up, security pros are concerned that it will outpace the development of appropriate safeguards, according to a report Continue Reading
-
News
09 Dec 2019
Public sector still losing user devices in high numbers
The Ministry of Justice has lost 354 smartphones, PCs, laptops and tablets in the past 12 months, according to a Freedom of Information request, and other government departments are in the same boat Continue Reading
-
News
06 Dec 2019
How commodities firm ED&F Man solved its threat detection challenges
After a minor server breach, leading commodities trader turned to Vectra’s Cognito service to expose hidden threats, spot privilege misuse, and conduct conclusive investigations Continue Reading
-
News
06 Dec 2019
Cyber security takes its place alongside UK’s armed services
Head of armed services says cyber security will take its place alongside the army, navy and air force as a key pillar of the UK’s defence strategy Continue Reading
-
Opinion
06 Dec 2019
Security Think Tank: Is data more or less secure in the cloud?
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
06 Dec 2019
Great Cannon DDoS operation fires on Hong Kong protesters
AT&T’s security unit has evidence that China is pressing its Great Cannon DDoS tool into service once again, specifically to target pro-democracy protests in Hong Kong Continue Reading
-
News
05 Dec 2019
Two Russians indicted over Dridex and Zeus malware
The US Department of Justice has indicted two Russian citizens over their alleged role in the distribution of the virulent Bugat, or Dridex, and Zeus banking trojans Continue Reading
-
News
04 Dec 2019
Black Hat Europe: Red teams and blue teams must evolve in the 2020s
The red team versus blue team dichotomy is somewhat arbitrary and risks pigeonholing skilled security professionals into certain roles, says Facebook’s Amanda Rousseau Continue Reading
-
Opinion
03 Dec 2019
Cyber security: How to avoid a disastrous PICNIC
Fieldfisher’s David Lorimer examines how individual employees often facilitate cyber attacks, and what can be done to reduce the risk Continue Reading
-
News
29 Nov 2019
TfL locks down Oyster accounts to ward off credential stuffing
Mandatory password reset for all travellers who use Oyster and contactless payment systems follows minor breach incident earlier in 2019 Continue Reading
-
News
29 Nov 2019
Hack Friday: This Christmas, fight back against cyber criminals
It’s nearly Christmas, and cyber attacks and fraud attempts in the retail sector are ramping up. Is it time to panic? And is there anything we can do beyond hammering home the message around basic cyber security hygiene? Continue Reading
-
Feature
28 Nov 2019
Get ready for CCPA: Implications for UK businesses
The California Consumer Privacy Act, a wide-ranging data privacy and consumer protection law, comes into effect on 1 January 2020. How does CCPA differ from the EU GDPR regulations and what are the responsibilities for UK businesses operating in the US? Continue Reading
-
News
28 Nov 2019
The Security Interviews: Do cyber weapons need a Geneva Convention?
On a cold afternoon in Finland, F-Secure’s Mikko Hypponen discusses cyber weapons and nation state threats, and explains why arms limitations treaties might one day expand to include malware and other threats Continue Reading
-
News
27 Nov 2019
Security skills gap will take a decade to fill
The British education systems cannot move fast enough to address the security skills crisis, and in the absence of government action increased reliance on automation may be the least worst solution Continue Reading
-
News
26 Nov 2019
Enterprises muddled over cloud security responsibilities
A McAfee study suggests that 2020 will be a big year for cloud adoption, but confusion still persists over who is responsible for securing it Continue Reading
-
Video
26 Nov 2019
CW500 Interview: Jonathan Moreira, CTO of PrimaryBid.com
In this CW500 video, Jonathan Moreira, CTO of PrimaryBid.com, gives a fintech startup’s perspective on the security challenges small businesses can face when adopting new technologies. Continue Reading
-
News
25 Nov 2019
AI may open dangerous new frontiers in geopolitics
Truly artificial intelligence has the potential to provoke an international geopolitical crisis, warns F-Secure’s Mikko Hypponen Continue Reading
-
News
25 Nov 2019
Conservatives propose national cyber crime force
Manifesto also says Tories would “empower the police to safely use new technologies like biometrics and artificial intelligence, along with the use of DNA, within a strict legal framework” Continue Reading
-
News
22 Nov 2019
Mystery surrounds leak of four billion user records
Threat researchers uncover four billion user records on a wide-open Elasticsearch server but who left them there is a mystery Continue Reading
-
News
21 Nov 2019
British Airways cancels flights due to technical issue
British Airways customers are suffering delays and cancellations as a result as a technical issue Continue Reading
-
News
20 Nov 2019
Mimecast blocked 99 billion suspicious emails in third quarter
Latest threat intelligence report reveals the scale of the threat posed by malicious emails, with the transport, legal and financial sectors hit hardest Continue Reading
-
News
20 Nov 2019
Massive increase in fraud attacks on TSB customers during IT meltdown
There was a massive spike in attempts by fraudsters to steal from TSB customers when the bank’s IT systems failed in 2018 Continue Reading
-
News
19 Nov 2019
Public sector risks downplayed by senior IT leaders
Sophos reveals a significant cyber security perception gap between senior IT and security leaders in the public sector and their front-line teams Continue Reading
-
News
19 Nov 2019
Macy’s Magecart breach presages Christmas fraud spike
US retailer Macy’s admits some customer data was accessed by unknown actors during a week-long Magecart attack Continue Reading
-
News
19 Nov 2019
Managed services fuelling APAC security market
Spending on managed security services will account for almost half of Asia-Pacific’s cyber security market by 2023, as global and local providers shore up their offerings in the region Continue Reading
-
News
15 Nov 2019
Notorious hackers claim responsibility for Labour DDoS
Hackers claiming to represent Lizard Squad say they were behind a distributed denial of service attack on the UK’s Labour Party Continue Reading
-
News
14 Nov 2019
Cyber criminals tool up for Christmas fraud season
Organised criminals are trying to cash in on the festive retail boom with both brand new and tried-and-tested techniques Continue Reading
-
News
13 Nov 2019
Business leaders fibbing to cover up lax security posture
Nominet study finds evidence that many businesses tout the robustness of their security posture as a selling point even though their security teams lack confidence in themselves Continue Reading
-
News
13 Nov 2019
Attack on Labour shows need for DDoS defence but should alarm few
After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t Continue Reading
-
News
13 Nov 2019
Cyber risk insurance is more than just insurance
Insurance companies such as Chubb are offering incident response services and security tools to help companies improve their cyber security posture and better cope with cyber attacks Continue Reading
-
News
12 Nov 2019
Nordic SMEs lack the money needed for cyber security
Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country Continue Reading
-
News
12 Nov 2019
PCI DSS payment security compliance drops again
Worldwide, barely one-third of companies are maintaining full compliance with the PCI DSS security standard – and the numbers are falling Continue Reading
-
News
12 Nov 2019
‘Robust’ security foils cyber attack on Labour Party
Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked Continue Reading
-
News
08 Nov 2019
Morrisons in new appeal over data breach fine
The Supreme Court has heard an appeal from retailer Morrisons as it attempts to overturn prior judgments holding it liable for a 2014 leak of employee data Continue Reading
-
News
07 Nov 2019
Saudis recruited Twitter employees to spy on critics
Court documents reveal how the Saudi Arabian government targeted Twitter employees as part of a coordinated effort to gather information on known dissidents Continue Reading
-
News
06 Nov 2019
Trend Micro insider breach exposes need for data-centric protection
Simple measures could have saved consumer security product supplier from insider breach Continue Reading
-
News
06 Nov 2019
Global security workforce must more than double to meet demand
There are about 2.8 million cyber security professionals working today, and the world needs four million more Continue Reading
-
News
06 Nov 2019
Professional cyber criminals command $75k per annum
An ill-advised career in cyber crime is potentially almost as well-paying as a job as a threat researcher in the industry, according to Tenable researchers Continue Reading
-
News
05 Nov 2019
Ransomware authors seeking new ways to avoid being spotted
Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls Continue Reading
-
Feature
04 Nov 2019
Making the case for integrated risk management
Security experts discuss how an integrated approach to risk and governance can be effectively managed Continue Reading
-
News
31 Oct 2019
Facebook agrees to pay £500,000 fine over Cambridge Analytica data law breaches
Social media giant also promises to change the way its platform is used to protect people’s data Continue Reading
-
News
29 Oct 2019
NordVPN enlists ethical hackers, launches bug bounty programme
Breached consumer VPN supplier details steps it is taking to shore up its cyber security posture after an unknown actor gained access to one of its servers Continue Reading
-
News
29 Oct 2019
Fancy Bear resumes Olympic hacks ahead of Tokyo games
Fancy Bear is back in action and once again targeting anti-doping bodies and sporting organisations, warns Microsoft Continue Reading
-
News
24 Oct 2019
Know Fraud database became backlog dump
Reports to Action Fraud handled by City of London Police’s National Fraud Intelligence Bureau were quarantined as security risk, finds HM’s Inspectorate of Constabulary and Fire and Rescue Services Continue Reading
-
News
24 Oct 2019
£4,000 bug bounty could have saved BA from record ICO fine
British Airways and others could have saved themselves millions of pounds’ worth of fines by having ethical hackers check their systems for simple vulnerabilities Continue Reading
-
News
23 Oct 2019
Take responsibility for cyber security basics, urges NCSC CEO
At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load Continue Reading
-
News
22 Oct 2019
NordVPN blames datacentre provider for server breach
VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue Continue Reading
-
News
22 Oct 2019
Malware volumes decline, but risks are higher
More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets Continue Reading
-
News
22 Oct 2019
Attacker hit VPN firm Avast through its VPN
Avast has published details of how attackers attempted to gain access to its network over a five month period Continue Reading
-
News
21 Oct 2019
Equifax lawsuit offers more evidence against passwords
Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords Continue Reading
-
News
21 Oct 2019
Alleged state hackers adapting to cover their tracks, says NCSC
A group called Turla with suspected links to the Russian government stole Iranian tools and infrastructure to obscure the origins of attacks on multiple other countries, according to new evidence Continue Reading
-
News
21 Oct 2019
Trend Micro buys cloud security firm to broaden offering
Acquisition of Cloud Conformity will address often overlooked cloud security fundamentals Continue Reading
-
News
21 Oct 2019
Sodinokibi emerging as a diverse, multi-vector threat to businesses
McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots Continue Reading
-
News
17 Oct 2019
BEIS launches multimillion-pound security investment package
Government is making available more than £50m to support a range of new cyber security initiatives and collaborations, including the latest phase of its Digital Security by Design programme Continue Reading
-
News
17 Oct 2019
NHSX could transform NHS security capabilities
The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service Continue Reading
-
News
17 Oct 2019
Security threat landscape becomes more organised and business-like
Approaches to securing the enterprise need to change in the face of a rapidly maturing threat landscape Continue Reading
-
News
16 Oct 2019
Pitney Bowes ‘considering options’ after malware attack
Mailing and shipping services firm in recovery mode after key systems were encrypted by a malware attack Continue Reading
-
Opinion
15 Oct 2019
Security Think Tank: Risk management must go beyond spreadsheets
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
News
14 Oct 2019
Researchers reveal the cyber campaign that built China's new airliner
CrowdStrike has published details of a coordinated campaign of cyber espionage and hacking, forced technology transfer and physical theft as China seeks to gain an advantage in the commercial aviation industry Continue Reading
-
Feature
10 Oct 2019
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
Opinion
07 Oct 2019
Security Think Tank: Risk is unavoidable in digital transformation
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
03 Oct 2019
IT contractor charged over cyber attack on property valuation firm
Australian police charge 49-year-old man with stealing and posting more than 170,000 data records belonging to ASX-listed Landmark White on the dark web Continue Reading
-
News
03 Oct 2019
LogRhythm touts unlimited data plan for SIEM systems
SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank Continue Reading
-
News
03 Oct 2019
Local authorities hit by 800 cyber attacks every hour
Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year Continue Reading
-
News
03 Oct 2019
New threat group behind Airbus cyber attacks, claim researchers
Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore Continue Reading
-
News
03 Oct 2019
Cyber war as big a threat as nuclear war, says ex-RSA head Coviello
Former RSA chairman Art Coviello has been speaking about the devastating potential of cyber weapons, and warned that humanity must learn from history in order to control them Continue Reading
-
News
01 Oct 2019
Singapore outlines initiatives to tackle OT and IoT security
The Cyber Security Agency of Singapore has developed a blueprint to secure operational technology systems in critical sectors, among other measures to secure cyber-physical systems and the internet of things Continue Reading
-
News
27 Sep 2019
Five million DoorDash customers’ details lost in data breach
Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen Continue Reading
-
News
27 Sep 2019
GDPR compliance: Whose job is it and is it really possible?
Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to Continue Reading
-
News
26 Sep 2019
Attackers breached supplier systems to steal Airbus secrets
Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs Continue Reading
-
News
26 Sep 2019
Overinvestment breeds overconfidence among security pros
CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach Continue Reading
-
News
26 Sep 2019
Teen TalkTalk hacker accused of cryptocurrency fraud in US
Elliott Gunton, one of the teenage hackers who broke into TalkTalk’s systems in 2015, faces extradition to the US to face fraud charges Continue Reading
-
News
24 Sep 2019
Singapore payment card data compromised by JavaScript sniffers
Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer Continue Reading
-
News
24 Sep 2019
Enterprises exposed to data loss by cloud configuration errors
Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee Continue Reading
-
News
24 Sep 2019
Google pushes back on scale of YouTube phishing threat
Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure Continue Reading
-
News
18 Sep 2019
WannaCry variants accidentally protecting against WannaCry
New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection Continue Reading
-
News
18 Sep 2019
Emotet phishing botnet returns from summer vacation
The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers Continue Reading
-
News
17 Sep 2019
Ecuador citizens’ data breach holds lessons for enterprises
What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it? Continue Reading
-
News
16 Sep 2019
Ensign InfoSecurity opens global headquarters in Singapore
The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence Continue Reading
-
News
13 Sep 2019
When AIs go to war: Autonomous cyber weapons ‘inevitable’
CISOs must start thinking about how to engage with intelligent, adaptive, non-human attackers, says Trend Micro’s Rik Ferguson Continue Reading