IT security

Test and Trace has not passed data protection impact assessment

Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme Continue Reading

How Sega Europe slashed incident response times using cloud SIEM

Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service Continue Reading

Singapore’s contact-tracing app tops privacy study

Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds Continue Reading

Security Think Tank: CISO stress – moving from recognition to action

Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading

Public Health England to keep contact-tracing data for 20 years

PHE will retain the data it collects via the NHS Test and Trace programme for 20 years Continue Reading

How Zoom is keeping pace with demand for conferencing tools

Magnus Falk, CIO advisor at Zoom, offers insights on how the company is scaling up its resources to meet the growing usage of its service Continue Reading

TSB Bank digitises banking forms in response to coronavirus lockdown

As part of its 2022 digital strategy, TSB has begun rolling out electronic forms designed in Adobe XD and processed using Adobe Sign Continue Reading

IoT buyers eye private network deployments for added security

Fully private, segregated networks for IoT deployments are becoming increasingly attractive to many organisations, according to a report Continue Reading

Australia is painting a big red cyber target on its critical infrastructure

Australia’s critical infrastructure is particularly vulnerable to cyber attacks right now because of years of under-investment in cyber security and ageing legacy systems Continue Reading

Revealed: Surveillance camera network that covered Dominic Cummings’ lockdown travel

A network of automatic number plate recognition and local authority traffic cameras could help police track Downing Street chief of staff Dominic Cummings’ journeys to Durham and Barnard Castle during the Covid-19 lockdown Continue Reading

GDPR at two: How far we’ve come, how far we still have to go

Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change Continue Reading

Enterprise clouds hammered by cyber attacks during pandemic

Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee Continue Reading

PropertyGuru touts 3D virtual viewings with StoryTeller

Southeast Asian property portal PropertyGuru rolls out new capability in its FastKey platform that lets developers showcase properties to prospective buyers through 3D visualisation Continue Reading

Fears contact-tracing app will open the floodgates for cyber criminals

Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government Continue Reading

Max Schrems accuses Ireland of ‘Kafkaesque’ delay in Facebook GDPR investigation

Privacy campaigner Max Schrems has urged the European Commission to intervene after the Irish Data Protection Commission allegedly used ‘Kafkaesque’ tactics to delay investigations into Facebook’s compliance with GDPR Continue Reading

StrandHogg mobile vulnerability has evil twin

Variant of the dangerous StrandHogg vulnerability affecting Android phones could allow hackers to access almost all apps on a target device Continue Reading

Android security vulnerabilities differ by country, say researchers

Manufacturers of Android devices including Huawei, Samsung and Xiaomi shipped devices with different levels of security in different regions, leaving their users exposed to attack Continue Reading

Can Lady Gaga and Madonna get people to take security seriously?

What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers. Continue Reading

The Security Interviews: Temper tantrums ahead as GDPR enters its terrible twos?

On the General Data Protection Regulation’s second birthday, Tim Hickman, a data protection lawyer and partner at White & Case LLP, discusses the regulation’s teething troubles and assesses how best to maintain optimum compliance Continue Reading

Can Lady Gaga and Madonna get people to take IT security seriously?

In this week’s Computer Weekly, after hackers threatened to release data from a US law firm’s celebrity clients, will people finally take cyber security seriously? Designing software for older users makes systems better for all – we examine how. And the IT chief at TSB explains how the bank recovered from its 2018 IT disaster. Read the issue now. Continue Reading

Coronavirus: Australia calls for stronger defences amid cyber attacks

The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector Continue Reading

EasyJet to be sued over customer data breach

If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn Continue Reading

How effective security training goes deeper than ‘awareness’

Cyber criminals are constantly developing their techniques and strategies, so security training needs to do the same Continue Reading

Covid-19 will leave organisations exposed to higher cyber risks

Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum Continue Reading

Identification and access management: some possible futures

Learn about how we might be using our heartbeats, brainwaves and eye movements to unlock our mobiles in the future Continue Reading

Hancock to Harman: No contact-tracing privacy law

Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data Continue Reading

Coronavirus: How MyIX is keeping Malaysians connected

Malaysia’s MyIX internet exchange has been classed as critical national infrastructure, with member telcos adding more capacity to meet the surge in demand for internet services Continue Reading

NCSC discloses multiple vulnerabilities in contact-tracing app

National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures Continue Reading

Serco exposes contact tracers’ data in email error

Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message Continue Reading

Personal devices putting Singapore employers at risk

More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats Continue Reading

Responsible Cyber acquires Secucial in S$7m deal

Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint Continue Reading

Microsoft Build 2020: Focus on protecting data for AI development

Microsoft Build is always a vital event for developers across the IT industry. This year, Microsoft has expanded its AI emphasis Continue Reading

GDPR wholly inappropriate to govern contact-tracing data

Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app Continue Reading

Cancelled NCSC CyberUK event gets green light for 2021

The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales Continue Reading

Doubts mount over effectiveness of UK contact-tracing app

Studies from BCS and Anomali reveal that a significant proportion of the UK population is not prepared to download the Covid-19 contact-tracing app Continue Reading

Nine million EasyJet customer details lost in data breach

Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline Continue Reading

Sodinokibi cyber criminals plot to ‘auction’ Madonna data

The cyber criminal gang behind a recent attack on a New York law firm is planning to auction off its client data, one person at a time Continue Reading

Blue tooth, not privacy, is the problem with NHSX

He would never enable Bluetooth on a mobile phone because of its inherent security problems. It is unclear how many of these have been fixed with the latest releases. But some are unlikely to be ... Continue Reading

Huawei: US using technological strengths to ‘crush’ companies outside its own borders

Chinese tech giant hits back at White House decision to extend technology ban and says it will ultimately be self-harming Continue Reading

GitLab makes foray into Southeast Asia

GitLab expands in Southeast Asia with a Singapore presence to shore up its growing footprint across the Asia-Pacific region Continue Reading

Vast majority of cyber attacks are easy to stop, says Verizon

Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it Continue Reading

Contact tracing: The privacy vs protection debate

The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading

DevOps improve code quality, but security must happen sooner

GitLab survey finds developers are adopting DevOps to improve code quality, but more needs to be done on secure coding Continue Reading

Malaysia’s data protection practices still have some way to go

Some Malaysian firms are not using data protection tools to the fullest potential, while others only think about data protection after a breach Continue Reading

Why a pandemic-specific BCP matters

Many organisations still do not have scenario-specific business continuity plans, which are helpful when the situation requires a customised response, such as a pandemic, according to Forrester Continue Reading

Protecting Data or “Saving Lives; Saving Livelihoods”: Which comes first in a post Covid World?

Almost every nation except for those which already had them as a legacy of SARS (e.g. Singapore, South Korea and Taiwan) has had to move fast to produce computer systems that will help support a ... Continue Reading

Questions raised after UK’s electrical grid shrugs off cyber attack

Attack on Elexon was resolved within hours with no impact on the national electricity supply, but it could have been much worse Continue Reading

Law firm hackers threaten to release dirt on Trump

A new ransom demand of $42m has been made against New York law firm Grubman, Shire, Meiselas and Sacks, and it may be the largest ever, say security experts Continue Reading

Harman seeks to bring private member’s bill over contact tracing

Chair of Human Rights Committee aims to put the proposed Contact Tracing (Data Protection) Bill 2020 before parliament as a private member’s bill if necessary Continue Reading

Australian firms soldier on amid Covid-19 outbreak

From the largest financial institutions to small companies, Aussie firms have been dialling up their use of technology tools to keep their businesses humming during the coronavirus pandemic. Continue Reading

How APAC firms are coping with the Covid-19 outbreak

The air of change looms large in companies operating in the Asia-Pacific region, with some doing better than others in keeping the lights on amid the coronavirus pandemic. Continue Reading

Venafi buys cloud protection service Jetstack

Jetstack specialises in open source machine identity protection software for Kubernetes and cloud native ecosystems Continue Reading

China targeting Covid-19 researchers through IT suppliers, claims US

The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China Continue Reading

UK’s contact-tracing app targeted by scammers

Even though it is only operational on the Isle of Wight as a beta test, the UK government’s coronavirus contact-tracing app has already attracted the attention of cyber criminals Continue Reading

SK Telecom brings quantum security to the masses

The South Korean telco is readying the world’s first 5G smartphone equipped with a quantum random number generator chipset Continue Reading

Surveillance capitalism in the age of Covid-19

Could the Covid-19 coronavirus pandemic further consolidate surveillance capitalist practices and enterprises? Author Shoshana Zuboff warns Computer Weekly it is possible Continue Reading

Report reveals inadequate cyber security at Schiphol Airport

A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport Continue Reading

Podcast: UK SME planning and compliance for ‘the new normal’

We look at how UK SMEs face a “new normal” following the coronavirus lockdowns and how they can plan for compliance with more remote working and a new data landscape Continue Reading

Security Think Tank: Burnt out CISOs are a huge cyber risk

Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading

Nation state APT groups prefer old, unpatched vulnerabilities

The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list Continue Reading

Can Lady Gaga and Madonna get people to take security seriously?

What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers Continue Reading

British public largely distrustful of technology companies, says report

High levels of distrust in the motivations of technology companies and a lack of meaningful influence over their behaviour has left the British public feeling digitally disempowered, says Doteveryone report Continue Reading

Microsoft fixes 16 critical vulnerabilities on Patch Tuesday

The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities Continue Reading

European comms bodies set up standards group, call for vigilance on contact-tracing apps

New ETSI group will develop standardisation framework for secure smartphone-based proximity tracing systems, helping to break Covid-19 transmission chains Continue Reading

Draft Covid-19 contact tracing legislation proposes formal oversight

Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app Continue Reading

MPs take part in first live test of remote voting during Covid-19 debate

MPs will use phones and computers to vote from their homes in a House of Commons debate today in the biggest change in parliamentary procedure for 150 years Continue Reading

Details released of second UK contact-tracing app development

Contractual documents show Zuhlke Engineering receiving an official start date of 6 May to supply a managed delivery team to support and run proximity mobile application and services for the UK Continue Reading

Pay the ransom and double your recovery costs, report warns

Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos Continue Reading

Police failing to consult public on new technologies

A freedom of information campaign has revealed that UK police are largely failing to consult the public on their use of new technologies, with the potential to undermine the principle of policing by consent Continue Reading

Security Think Tank: Create healthy habits to avoid burnout

Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading

APAC firms still coming to grips with data protection

More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain Continue Reading

Maze ransomware attack will cost Cognizant at least $50m to $70m

Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold Continue Reading

How Australian firms can plug data protection gaps

Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene Continue Reading

Banks failing to protect customers from coronavirus fraud

Just 13 of the 64 banks accredited for the government’s Coronavirus Business Interruption Loan Scheme have implemented Dmarc protection Continue Reading

Will the NHS’s Covid-19 contact-tracing app work?

In this week’s Computer Weekly, we get the expert reaction to find out if the NHS contact-tracing app will work. Staying close to clients is crucial through lockdown – we look at the importance of customer experience management. And imagine implementing a digital transformation plan in two weeks – one CIO explains how he did it. Read the issue now. Continue Reading

Four in 10 Australians will share GPS data for alerting

Amid the Covid-19 pandemic, 40% of Australians are likely to share GPS data with the government to facilitate alerting, new study finds Continue Reading

DWP takes centre stage in future of Gov.uk Verify

The Government Digital Service (GDS) has published its first blog post on Gov.uk Verify since July 2019. Given the dearth of communications about the troubled digital identity system, it tells a ... Continue Reading

Pitney Bowes hit by Maze in second ransomware attack in a year

Shipping services firm falls victim to Maze ransomware just seven months after a previous major attack Continue Reading

What are the security priorities for the post-coronavirus world?

The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading

Micro Focus sees growth in mainframe migration business

Lifting and shifting Cobol code from mainframes to public cloud has been a growth driver for Micro Focus in the Asia-Pacific region, even as the software supplier continues to diversify its business Continue Reading

Zoom buys secure messaging service Keybase

Unified comms platform Zoom says the acquisition of Keybase will finally let it bring end-to-end encryption to the table Continue Reading

Privacy International to Palantir: We are watching you

Privacy International expresses a qualified welcome for Palantir’s responses to questions about its data integration role in the NHS Covid-19 data store, but continues to raise concerns Continue Reading

Storage 101: Replication vs backup, and synchronous vs asynchronous

Storage 101: Can replication replace backup? What are the pros and cons of synchronous and asynchronous backup? What’s the best way to mix backup and replication? Continue Reading

HM Treasury tells GDS: No further online services can use Gov.uk Verify

The recent 18-month reprieve for Verify came with strict conditions – the digital identity scheme must not be added to any more services, and existing users must find alternatives Continue Reading

SilverTerrier cyber crime group targets Covid-19 key workers

Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang Continue Reading

Contact-tracing app fails to protect privacy and human rights

Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee Continue Reading

Facebook announces oversight board members

New board will rule on freedom of expression issues and make policy recommendations to social media giant. Continue Reading

FBI search warrants reveal Trump aide’s messages to WikiLeaks founder Julian Assange

FBI search warrants reveal Trump campaigner Roger Stone sent private messages to WikiLeaks founder Julian Assange after the site published thousands of documents that damaged Hillary Clinton’s election campaign Continue Reading

Next round of Zoom updates targets consumer security

Casual consumer users of Zoom will get additional protections in an update to be released over the long weekend Continue Reading

NCSC Covid-19 scam reporting service sees more than 160,000 reports

The general public has taken to the NCSC’s scam reporting service like ducks to water, with thousands of suspicious emails reported to it in just two weeks Continue Reading

CW Benelux: IT budgets up in the air as Covid-19 disrupts business

Computer Weekly's annual IT priorities survey, which was carried out before the arrival of Covid-19 disrupted business plans, found that more than half of the IT leaders in the Benelux region expected budgets to be higher this year than last, and digital transformation would be the main recipient of budget increases. Also find out in this issue why fintechs are attracted to the Netherlands, and how Estonia emerged from Soviet rule to become a digital nation. Continue Reading

Criminal justice system is failing cyber crime victims

Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study Continue Reading

Re-purposing data and questionable effectiveness could undermine trust in NHS contact-tracing app

Experts call for greater clarity over how contact-tracing data will be used, while discussing the limitations of the coronavirus app Continue Reading

HMRC tackles almost 300 coronavirus phishing websites

Of 292 websites removed since lockdown began on 23 March, 237 were proactively identified by HMRC and 55 were flagged by the public Continue Reading

End-users failing to protect themselves online

Remote workers and stuck-at-home consumers are taking silly risks with their security during the coronavirus pandemic, according to a report Continue Reading

Security Think Tank: Security teams are key workers and need support

Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading

Contact tracing: The privacy vs protection debate

The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading

Coronavirus: NCSC issues urgent alert for healthcare sector

UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations Continue Reading

Homeworking - the new norm - is there any other option...

In the last blog, I touched on the lasting effects of the COVID-19 pandemic; the obvious fallout here is the massive increase in home/remote working, something I’ve been practicing since 1989 – ... Continue Reading

GoDaddy owns up to October 2019 data breach

Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts Continue Reading