Privacy and data protection
-
Opinion
27 May 2025
Security vs. usability: Why rogue corporate comms are still an issue
A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what can CISOs can learn from this potentially fatal error. Continue Reading
-
Opinion
27 May 2025
When leaders ignore cyber security rules, the whole system weakens
The US ‘Signalgate’ debacle is a case study in how security collapses when leadership treats basic rules as optional Continue Reading
-
Opinion
31 Oct 2022
The risk of losing our EU data adequacy agreement is real
While some may welcome the government’s ambition to shake up the UK’s data protection regime, Westminster should be wary of drifting too far from the path charted by our US and European partners Continue Reading
-
News
31 Oct 2022
Cyber crime officer says French legal challenges to EncroChat are ‘hype’
Matthieu Audibert, officer of the French Gendarmerie’s cyber space command, gets into a spat with defence lawyers on Twitter over the lawfulness of evidence from the hacked phone network EncroChat Continue Reading
-
News
27 Oct 2022
Government ups cyber support for elderly, vulnerable web users
DCMS announces a funding boost to help the elderly, disabled and other vulnerable groups stay safe online and avoid being misled by disinformation Continue Reading
-
News
27 Oct 2022
NCSC’s Levy steps down after 20-year intelligence career
NCSC technical director Ian Levy bids farewell, telling his successor: ‘Don’t panic’ Continue Reading
-
News
27 Oct 2022
NHS to get new national CISO
The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS Continue Reading
-
News
27 Oct 2022
LinkedIn adds new features to safeguard user privacy, security
Social media platform is adding a number of features and systems designed to protect legitimate users from inauthentic profiles and activity Continue Reading
-
News
27 Oct 2022
Medibank breach casts spotlight on data security
Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia Continue Reading
-
News
27 Oct 2022
Santander calls for cooperation to tackle APP fraud
New report puts forward key recommendations that the banking sector, government and other industries could take to tackle authorised push payment fraud Continue Reading
-
News
26 Oct 2022
ICO warns against using biometrics for ‘emotional analysis’
ICO warning highlights risk of ‘systemic bias’ and discrimination associated with organisations using biometric data and technologies for emotion analysis Continue Reading
-
Opinion
26 Oct 2022
The Conservatives are laughing at cyber security pros
If causing a security breach is a resigning matter, then you shouldn’t expect to get your old job back a week later. Unless you’re a Conservative home secretary, apparently Continue Reading
-
News
25 Oct 2022
Dutch lawyers raise human rights concerns over hacked cryptophone data
Dutch defence lawyers say in an open letter that there is a risk of unfair trials unless they are allowed to test the reliability and legitimacy of hacked cryptophone evidence Continue Reading
-
News
25 Oct 2022
Germany: European Court of Justice asked to rule on legality of hacked EncroChat phone evidence
Berlin’s Regional Court has asked the European Court of Justice to answer questions about whether the use of hacked EncroChat phone evidence complies with European law Continue Reading
-
News
25 Oct 2022
Global digital trust market to double by 2027
The global market for digital trust technology is expected to double to $537bn by 2027, up from $270bn today as demand for cyber security and other capabilities continues to grow Continue Reading
-
News
25 Oct 2022
Digital-first businesses more willing to accept some fraud
Companies founded in the past 20 years appear more willing to accept higher levels of fraudulent activity during the customer onboarding process, according to a report Continue Reading
-
News
24 Oct 2022
Complacency biggest cyber risk to UK plc, says ICO
Information commissioner John Edwards warns against complacency as his office issues a multimillion-pound fine to a building company that failed to prevent a ransomware attack Continue Reading
-
News
21 Oct 2022
Microsoft slams external researchers over its own data leak
Microsoft inadvertently leaked customer data after misconfiguring an Azure Blob, but has hit out at the organisation that discovered its error, claiming it is exaggerating the scope of the issue Continue Reading
-
Feature
20 Oct 2022
What do the US’s new software security rules mean for UK organisations?
The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
-
News
20 Oct 2022
The Security Interviews: Why now for ZTNA 2.0?
With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network access Continue Reading
-
News
20 Oct 2022
NatWest data breach whistleblower demands bank pay data controller fee to ICO
Whistleblower calls for NatWest to pay the Information Commissioner’s Office annual data controller fee, as the personal details of 1,600 current and former NatWest customers remain under her bed Continue Reading
-
News
20 Oct 2022
Singapore extends cyber security labelling scheme to medical devices
The Cyber Security Agency of Singapore is extending its cyber security labelling scheme to medical devices to encourage medical device manufacturers to adopt a security-by-design approach to product development Continue Reading
-
News
14 Oct 2022
Office 365 email encryption flaw could pose risk to user privacy
A vulnerability in Microsoft Office 365 Message Encryption could leave the contents of emails dangerously exposed, but with no fix coming it’s up to users to decide how at risk they are Continue Reading
-
News
14 Oct 2022
Advanced: Healthcare data was stolen in LockBit 3.0 attack
Advanced has revealed a total of 16 of its health and social care sector customers had their data exfiltrated in a recent ransomware attack Continue Reading
-
News
14 Oct 2022
Protecting children by scanning encrypted messages is ‘magical thinking’, says Cambridge professor
Ross Anderson argues in a rebuttal to GCHQ experts that using artificial intelligence to scan encrypted messaging services is the wrong approach to protecting children and preventing terrorism Continue Reading
-
News
14 Oct 2022
Australia becoming hotbed for cyber attacks
Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency Continue Reading
-
News
12 Oct 2022
French Supreme Court rejects EncroChat verdict after lawyers question secrecy over hacking operation
France’s Supreme Court has sent a case back to the court of appeal after police failed to disclose technical details of EncroChat hacking operation Continue Reading
-
News
12 Oct 2022
ICO selectively discloses reprimands for data protection breaches
Data protection experts question ICO’s selective approach to publishing formal reprimands for contravening the law, after FoI request reveals the Cabinet Office was among the organisations reprimanded Continue Reading
-
News
10 Oct 2022
How Cloudflare is staying ahead of the curve
Cloudflare co-founder and CEO Matthew Prince talks up what has changed since the company’s first business plan was written in 2009 and how it keeps pace with the fast-moving network security landscape Continue Reading
-
News
07 Oct 2022
Australia to amend telecoms regulations following Optus breach
Amendments to Australia’s telecoms regulations are in the works to temporarily allow sharing of individuals’ identifier information between telcos and financial institutions Continue Reading
-
News
06 Oct 2022
Proposals for scanning encrypted messages should be cut from Online Safety Bill, say researchers
Automatic scanning of messaging services for illegal content could lead to one billion false alarms each day in Europe Continue Reading
-
News
05 Oct 2022
Inside Dell Technologies’ zero-trust approach
Dell Technologies’ zero-trust reference model starts with defining business controls and having a central control plane that manages all the security aspects of an organisation’s infrastructure Continue Reading
-
News
04 Oct 2022
Tories to replace GDPR
IT industry reacts to the government’s plan to replace the pan-European data protection regulation Continue Reading
-
News
04 Oct 2022
France extradites Spanish EncroChat cryptophone distributors for complicity with organised crime
Three phone sellers have been extradited from Spain to France to face charges that they were complicit in the activities of criminal EncroChat phone users Continue Reading
-
News
03 Oct 2022
Security regulation cuts online payment fraud at 73% of retailers
New online payments security standard, Strong Customer Authentication (SCA), sees immediate fall in fraudulent payments to retailers Continue Reading
-
News
03 Oct 2022
CIO interview: James Fleming, Francis Crick Institute
Francis Crick Institute CIO discusses how Europe’s largest biomedical research institute has co-developed a framework for data sharing Continue Reading
-
News
30 Sep 2022
Surveillance tech firms complicit in MENA human rights abuses
Research finds companies are profiting from surveillance technologies that facilitate human rights abuses against migrants, asylum seekers and refugees in the Middle East and North Africa, with little to no oversight Continue Reading
-
News
29 Sep 2022
Optus breach casts spotlight on cyber resilience
The massive data breach that affected more than 10 million Optus customers has cast the spotlight on API security and other factors that contribute to the cyber resilience of organisations in Australia Continue Reading
-
News
28 Sep 2022
UK suffers third highest number of ransomware attacks globally
Based on an analysis of around 5,000 ransomware incidents, NordLocker has found that UK businesses, and small businesses in particular, are a priority target for ransomware gangs Continue Reading
-
News
28 Sep 2022
Data protection in Finland, four years after GDPR came into force
Data privacy has always been a big concern in Finland, so the country naturally has a lot to say about the General Data Protection Regulation four years on Continue Reading
-
News
28 Sep 2022
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access Continue Reading
-
News
27 Sep 2022
Fraudsters adapt phishing scams to exploit cost-of-living crisis
Around 80,000 Brits a month are falling victim to phishing attacks as fraudsters switch up tactics to take advantage of cost-of-living crisis and behavioural changes prompted by pandemic Continue Reading
-
News
26 Sep 2022
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials Continue Reading
-
News
26 Sep 2022
More than 30 startups to join Plexal’s Cyber Runway accelerator
Now in its second year, the Cyber Runway accelerator has been designed to support firms at various stages of growth, as well as help the cyber security sector to improve on its diversity, inclusion and regional representation Continue Reading
-
News
23 Sep 2022
Threat actors abused lack of MFA, OAuth in spam campaign
Microsoft threat researchers have reported on a series of cyber attacks in which enterprises with lax IAM policies had their systems hijacked to conduct spam email campaigns Continue Reading
-
News
22 Sep 2022
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets Continue Reading
-
News
22 Sep 2022
Dr Martens goes feetfirst into cloud-to-cloud backup
Iconic bootmaker laces up for a strategy to move all applications to the cloud, beginning with cloud-to-cloud backup for Microsoft 365 apps plus on-site VMware operations Continue Reading
-
News
22 Sep 2022
Privacy Pledge signatories dream of alternative internet
A group of privacy-focused organisations have come together to establish a set of principles for taking the internet back from big tech and surveillance capitalism Continue Reading
-
News
21 Sep 2022
NCSC publishes cyber guidance for retailers
The NCSC has published tailored advice to support online retailers, hospitality providers and utility services in protecting themselves and their customers from cyber crime Continue Reading
-
News
21 Sep 2022
ANZ organisations using antiquated backup and recovery systems
Nearly half of ANZ organisations are still using backup and recovery systems from over a decade ago, hampering their ability to protect their data assets and recover from ransomware attacks Continue Reading
-
News
20 Sep 2022
IHG attackers phished employee to deploy destructive wiper
A couple from Vietnam who claim to be behind a destructive wiper cyber attack on hotel operator IHG told the BBC how they orchestrated their operation Continue Reading
-
News
20 Sep 2022
Reports Uber and Rockstar incidents work of same attacker
Rockstar Games was hit over the weekend by an attacker who claimed to have accessed its Slack channel to steal data on an upcoming release, and may be the same person who compromised Uber Continue Reading
-
News
16 Sep 2022
Uber suffers major cyber attack
Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist Continue Reading
-
News
15 Sep 2022
EU Cyber Resilience Act sets global standard for connected products
European Commission lays out proposed security regulations on device and software security to better protect consumers and drive global standards Continue Reading
-
News
15 Sep 2022
Organisations failing to account for digital trust
The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds Continue Reading
-
News
14 Sep 2022
FormBook knocks Emotet off top of malware chart
FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data Continue Reading
-
News
14 Sep 2022
NCSC warns public of potential Queen-related phishing attacks
The National Cyber Security Centre is urging users to be on guard against phishing attacks during the period of national mourning for the Queen Continue Reading
-
Definition
13 Sep 2022
data masking
Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. Continue Reading
-
News
13 Sep 2022
Cisco confirms leaked data was stolen in Yanluowang ransomware hit
Cisco has confirmed that data leaked last week by the Yanluowang ransomware gang was that stolen during a May 2022 cyber attack Continue Reading
-
News
13 Sep 2022
Blancco works with charity to provide IT for African schools
Blancco is providing data sanitisation and erasure software to The Turing Trust so that old IT equipment can be securely reused by school children in Sub-Saharan Africa, instead of adding to world’s growing e-waste problem Continue Reading
-
News
13 Sep 2022
Multi-persona impersonation adds new dimension to phishing
Iranian APT used multiple personas on a single email thread to convince targets of the legitimacy of its phishing lures Continue Reading
-
News
12 Sep 2022
Mandiant floats off into Google Cloud
As planned, the acquisition of Mandiant will see the threat intel and incident response giant become a part of Google’s Cloud business Continue Reading
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
-
News
08 Sep 2022
Chinese APT using PlugX malware on espionage targets
China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit Continue Reading
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
-
News
08 Sep 2022
India’s wake-up call on health data privacy
Health app developers and industry watchers in India are keeping an eye on data privacy following the reversal of the Roe vs Wade ruling in the US Continue Reading
-
News
07 Sep 2022
Albania cuts diplomatic ties with Iran after cyber attack
In a global geopolitical first, the Albanian government has severed diplomatic ties with Iran and expelled its ambassador after it was targeted by an APT backed by Tehran Continue Reading
-
Definition
07 Sep 2022
privacy compliance
Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or legislation. Continue Reading
-
News
07 Sep 2022
Hotel group IHG confirms cyber attack after two-day outage
IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor Continue Reading
-
News
07 Sep 2022
Digital identity is key to coping with surge in air travel
The International Air Transport Association’s One ID digital identity initiative will pave the way for seamless air travel from curb to gate and help airports cope with growing passenger traffic Continue Reading
-
E-Zine
06 Sep 2022
Out with the old at Asda
In this week’s Computer Weekly, we talk to Asda’s CIO, Carl Dawson, about the supermarket’s cloud-oriented renovation of its technology stack. We narrate the security woes at Twitter. And we examine best practices for data backup. Read the issue now. Continue Reading
-
Opinion
05 Sep 2022
Data-driven government needs practical steps
We should build data platforms for government with the same techniques used in creating anything digital, argues Jim Stamp, head of data at Made Tech Continue Reading
-
News
01 Sep 2022
Space nerds beware: James Webb images used to spread malware
Astronomy and space aficionados are being targeted by cyber criminals exploiting some of the now-famous images captured by Nasa’s James Webb Space Telescope to distribute malware Continue Reading
-
News
31 Aug 2022
Four years into GDPR, Norway hopes for safer data transfer to US
Much of the data on the internet ends up on US servers at some point, and that is not always compatible with the General Data Protection Regulation, says Norwegian data protection authority Continue Reading
-
News
30 Aug 2022
UK government presses on with new cyber rules for telcos
Government has finalised new security rules for telecoms companies and will move to make them binding in the near future Continue Reading
-
News
30 Aug 2022
One Login digital identity project makes headway
Government services are lining up to work with the GDS on its One Login digital identity system, according to its director of digital identity, Natalie Jones Continue Reading
-
News
25 Aug 2022
CIOs: Geopolitics impacts your IT strategy
Research from analyst Gartner illustrates how geopolitics is influencing IT strategies Continue Reading
-
News
25 Aug 2022
Criminal 0ktapus spoofed IAM firm in massive phishing attack
Researchers at Group-IB have published research on a major phishing campaign that ensnared victims at the likes of Cloudflare and Twilio Continue Reading
-
News
25 Aug 2022
Millions of Plex users may be at risk in password breach
Up to half of Plex’s 30 million users may have had their personal data stolen by an unknown threat actor Continue Reading
-
News
24 Aug 2022
Alleged Twitter security failings spell trouble ahead
Twitter’s former security head, Peiter Zatko, has alleged a number of serious cyber failures at the social media platform, raising the spectre of investigations and sanctions Continue Reading
- 24 Aug 2022
-
News
23 Aug 2022
NCSC shares cyber guidance for large infrastructure builds
Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects Continue Reading
-
News
19 Aug 2022
Google employees demand end to collection of abortion data
In the wake of the US Supreme Court rolling back abortion rights, Google employees are calling on the company to stop collecting abortion-related data, so that it can never be shared with police Continue Reading
-
Opinion
19 Aug 2022
Data sharing: How can we make sure the UK is a world leader?
The UK government risks missing out on the benefits and opportunities laid out in its National Data Strategy – and could lose international competitiveness as a result Continue Reading
-
News
19 Aug 2022
Inside Singapore’s national digital identity journey
Singapore’s national digital identity system has evolved from providing single sign-on to e-government services to pandemic-related and digital document capabilities in recent years Continue Reading
-
News
18 Aug 2022
Amazon Ring vulnerability could have been used to spy on users
A now-patched vulnerability in the Amazon Ring mobile app could have been exploited to expose users’ video recordings, but was complex to exploit, according to the researchers who stumbled upon it Continue Reading
-
News
18 Aug 2022
GPS tagging of migrants breaches UK data protection law, says Privacy International complaint
Privacy group files complaints with Information Commissioner’s Office and Forensic Science Regulator over Home Office’s GPS monitoring of migrants Continue Reading
-
Opinion
18 Aug 2022
Why you should start your post-quantum encryption migration now
Some say we have the best part of a decade to prepare for the security risks that quantum computing presents to current encryption tech, but PA Consulting experts believe that timeframe is shrinking dramatically Continue Reading
-
News
16 Aug 2022
South Staffs Water is victim of botched Clop attack
South Staffordshire Water moves to reassure customers that their supplies remain safe after its attackers screw up their initial assault Continue Reading
-
News
15 Aug 2022
Lawyers and journalists sue CIA and Mike Pompeo over Assange surveillance claims
CIA and its former director sued over allegations that they authorised unlawful spying on US citizens when they visited WikiLeaks founder Julian Assange at the Ecuadorian Embassy in London Continue Reading
-
News
12 Aug 2022
Cyber criminal forum targets only Russia
The Digital Shadows Photon Research Team has been investigating a pro-Ukraine cyber criminal forum called Dumps, which appears to be one of a kind Continue Reading
-
News
11 Aug 2022
Cisco averts cyber disaster after successful phishing attack
A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage Continue Reading
-
News
11 Aug 2022
NHS may take a month to recover from supply chain attack
Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations Continue Reading
-
News
10 Aug 2022
UK to surveil convicted migrants with facial recognition
A Home Office scheme to biometrically scan the faces of convicted migrants who have already carried out punishments has come under fire from privacy and human rights groups for being discriminatory Continue Reading
-
News
09 Aug 2022
Cyber insurance getting harder to obtain
Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance Continue Reading
-
Opinion
05 Aug 2022
The dangers of the UK’s illogical war on encryption
The unintended consequences of the Online Safety Bill will have a dramatic effect on our ability to communicate securely, including in Ukraine, where it is needed most Continue Reading
-
Opinion
04 Aug 2022
Reimagining ethical digital technology
With ever-increasing digitisation leading to greater dependence on a range of digital technologies, enterprises need to urgently look at how they can incorporate ethical and social considerations into the tech they develop Continue Reading
-
News
29 Jul 2022
Austrian data firm accused of selling malware, conducting cyber attacks
Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks Continue Reading
-
News
28 Jul 2022
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading
-
News
28 Jul 2022
Cyber criminals pivot away from macros as Microsoft changes bite
As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect Continue Reading
-
News
27 Jul 2022
Retail software firm PrestaShop warns users about SQL injection attacks
Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise Continue Reading
-
News
27 Jul 2022
Cyber security training ‘boring’ and largely ignored
Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them Continue Reading
