Privacy and data protection

Facebook London hiring spree focuses on tackling online harms

Facebook is hiring for 500 tech jobs in the capital in the next six months, with a particular focus on seeking out and clamping down on malicious content and fake accounts, and curbing other harmful behaviour on its platforms Continue Reading

Security Think Tank: Security risk ratings key to security/business understanding

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

Security Think Tank: Focus on business impact and likelihood of cyber attacks

How can cyber security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

Austrian Supreme Court green-lights GDPR case against Facebook

A potential landmark case against Facebook for violating General Data Protection Regulation rights has been given the go-ahead by the Austrian Supreme Court Continue Reading

In a cyber data breach, preparation is key

The importance of preparation was strongly emphasised at a breach response workshop hosted by DAC Beachcroft as part of London Tech Week Continue Reading

MP brands Huawei exec a ‘moral vacuum’ as operators demand 5G clarity

Huawei chief security officer John Suffolk faces tough questions from parliament’s Science and Technology Select Committee over the firm’s links to the Chinese government Continue Reading

Security Think Tank: Frame cyber security impacts in business contexts

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

Security Think Tank: Infosec letter to the board

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

Misconfigured container services are a security risk

Researchers at Palo Alto Networks have released details of the scale of misconfigured and exposed container services putting organisations at risk of cyber attack Continue Reading

How ASEAN firms are using AI to combat cyber threats

Artificial intelligence tools are becoming a vital part of the security arsenal for organisations and cyber criminals alike Continue Reading

Firms face targeted bespoke cyber attacks, dark web study reveals

Academic study exposes prolific availability and demand for tailored malware, network access and corporate espionage services, which suggests many firms’ cyber defences are below standard Continue Reading

Digital transformation an opportunity for security

Digital transformation is an opportunity not only for the business to up its game, but also for security teams to engage with and win over the business, CISO tells Infosecurity Europe Continue Reading

Is GDPR worth the cost?

Regulations have costs, which are meant to be recouped by the expected benefits. But who decides whether this is a good deal? Ultimately, it’s you Continue Reading

DNS – a security opportunity not to be overlooked, says Nominet

Domain name system data is the best-kept secret for eliminating network cyber threats, Nominet tells Infosecurity Europe attendees Continue Reading

Nearly two-thirds of businesses hit by credential abuse

Most businesses admit to breaches relating to abuse of user credentials, according to a report that highlights cyber hygiene failings in the UK and the importance of greater visibility and integration to cyber defence capability Continue Reading

Big tech chiefs boycott parliamentarians investigating citizens’ privacy

An International Grand Committee on Big Data, Privacy and Democracy considers whether failure to protect citizens’ privacy constitutes grounds for anti-trust regulation against Facebook and other big tech companies Continue Reading

Businesses investing blindly in cyber security

Businesses need to find out what their real cyber risks and weaknesses are before investing in new technologies, says ethical hacker Continue Reading

Deterministic data-based AI key for security

AI-based cyber security systems have enormous potential, but under specific conditions that are essential for success, AI expert tells Infosecurity Europe Continue Reading

Beware of security blind spots in encrypted traffic

The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption Continue Reading

Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms Continue Reading

Data governance: The importance of getting it right

With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed Continue Reading

Facebook loses bid to halt European court decision on EU-US data sharing

Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk Continue Reading

GCHQ urged to abandon plans to access encrypted chats

Tech companies and security and policy experts are calling for more dialogue with GCHQ on encryption, urging it to ditch its proposal for eavesdropping on encrypted chats Continue Reading

2.3 billion business and consumer data files exposed online

In the year since the GDPR compliance deadline, the number of data files exposed online without adequate protection is up more than 50% due to misconfigured security controls, report reveals Continue Reading

Hackers targeting UK universities a threat to national security

Poorly defended UK university research that is mainly commissioned by government is a top target for hackers, putting national security at risk, a study reveals, underlining the need for better cyber security Continue Reading

Turla APT group beefs up cyber attack tool

An advanced persistent threat cyber espionage group has improved its tools to attack diplomatic targets, making their activities more difficult to detect and block Continue Reading

Cyber weapons readily available to criminals, researchers warn

Security researchers have discovered an attack campaign infrastructure designed to scan, brute-force and infect tens of thousands of MS-SQL and PHPMyAdmin servers Continue Reading

ICO to shortlist Sandbox applicants

Privacy watchdog’s Sandbox service aims to help develop innovative and beneficial products and services that are privacy compliant Continue Reading

Perfect storm for data science in security

After nearly 20 years of research, the perfect storm of computing technologies is finally enabling data science to realise its potential to make valuable contributions to improving cyber security capabilities Continue Reading

Many search engine users unaware of personal data collection

Many users of online search engines are still unaware that data is being collected about them for personalised advertising, a study has revealed Continue Reading

Australian firms coming to grips with AI ethics

Australian businesses are warming up to AI, but just two in five have standards and guidelines for AI ethics, a study finds Continue Reading

Just over half of UK firms don’t have a cyber resilience plan

Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection Continue Reading

GDPR: Are we there yet?

A full year since the General Data Protection Regulation was implemented, there has not been the severe punitive action expected by many and personal data breaches continue to happen, leaving many wondering if any progress has been made Continue Reading

Effect of GDPR yet to be felt, says law firm Hogan Lovells

Despite the fact that the GDPR has been in full effect for a year, the true effect of the regulation is yet to be felt and organisations should ensure they keep their eye on the ball, says leading privacy law firm Continue Reading

No real change a year into GDPR, says privacy expert

A year after the GDPR compliance deadline, many organisations still have a lot of work to do to make real changes and shift focus away from fines to business value and gain, says PwC’s GDPR and data protection lead Continue Reading

SurveyMonkey opens Dublin datacentre region to court data-security conscious enterprises in Europe

Online survey software provider SurveyMonkey is on a Europe-wide enterprise charm offensive, and is focusing on winning over CIOs with the offer to locally host their data within its European datacentre region Continue Reading

IBM’s investment in automation pays off in GDPR’s first year

The first year of the EU’s General Data Protection Regulation has demonstrated the value of IBM’s investment in machine learning-based automation and the importance of having the right strategy and systems in place, according to the firm’s data protection officer Continue Reading

Lapse in LinkedIn security certificate update

A lapse in the update of LinkedIn’s security certificate has once again underlined the importance of keeping track to avoid disruptions and phishing attacks, and how even big players are failing to get it right Continue Reading

TalkTalk admits new failings in 2015 data breach notification

TalkTalk’s failure to notify all those affected by its 2015 data breach highlights the importance of data visibility so that breach notifications are fast and accurate – a key requirement of the GDPR Continue Reading

Singapore proposes data portability provisions

The Personal Data Protection Commission is seeking public feedback on proposed provisions that will let consumers move their personal data across organisations Continue Reading

US grants Huawei stay of execution

US Commerce Department temporarily restores Huawei’s ability to maintain its existing networks and smartphone user base Continue Reading

Planned UK age verification checks risky for internet users

Proposed controversial online age verification checks could increase the risk of identity theft and other cyber crimes, warn security experts, who advise parents to set technological boundaries and ensure their families are aware of risks Continue Reading

GDPR an opportunity to improve data systems and processes

A year after the official implementation of the GDPR, it is important to highlight the positive opportunities that compliance provides and the insights breach reports are providing, say Deloitte consultants Continue Reading

Google cuts off Huawei from Android ecosystem

Google decision follows an executive order signed by President Trump, but Huawei insists US businesses and consumers will be the real losers Continue Reading

ICO to support GDPR certification schemes

The UK data protection watchdog is accepting enquiries from organisations considering developing GDPR certification schemes, which the ICO says could help recipients achieve competitive advantage Continue Reading

Identity custodians needed in digital era

Digital identity systems will fail if they do not take humans into account, warns identity innovator, suggesting that a ‘digital guardian’ could help overcome most of these challenges Continue Reading

Are there any positives from the first year of GDPR?

A year has passed since the new EU data protection law came into force. What have we learned in that time that can help organisations deliver benefits from the regulation? Continue Reading

Self-sovereign ID key to data privacy

Coupling self-sovereign identity with insights from research on consumer identity management may be the key to personalising products and services without putting people at risk, says industry analyst Continue Reading

Fujitsu sets out to restore trust in technology

Trust in technology, how to recapture it, and how to ensure AI doesn’t overstep its bounds were the big messages on the opening day of Fujitsu Forum in Tokyo Continue Reading

Facebook engaged in ‘calculated’ campaign to eliminate competition, claims businessman

A US businessman is seeking damages from Facebook after accusing the social media company of unfairly blocking “humorous” Facebook pages which generated hundreds of thousands of dollars in advertising revenue Continue Reading

Microsoft working to support decentralised identity

Microsoft is among the big tech players aiming to help enable personalisation of products and services without putting privacy at risk Continue Reading

APAC firms on the back foot in cyber security

Most Asia-Pacific organisations did not consider cyber security until after their digital transformation projects had begun, new survey finds Continue Reading

Electronic ID in the Nordics – a model for other countries?

Use of electronic identity schemes in Sweden, Norway, Finland and Denmark is far ahead of other countries – but why? Continue Reading

Security Think Tank: How to realise the benefits of security zoning

What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading

Security standard for surveillance cameras set for launch

A long-overdue cyber security standard for the manufacturer of surveillance cameras is on track for an official launch in June Continue Reading

Security Think Tank: Benefits and challenges of security segmentation

What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading

Facebook co-founder: ‘It is time to break up Facebook’

Co-founder of Facebook, Chris Hughes, has published an op-ed in The New York Times calling for Facebook to be broken up, as it faces investigations from the US Federal Trade Commission Continue Reading

Northern Ireland generating cyber security knowledge and jobs

Northern Ireland is establishing itself as an international hub of cyber security research and innovation, providing growing employment opportunities Continue Reading

Some Australian firms still in the dark about cyber security

A report suggesting Australian firms are experiencing fewer cyber incidents has left its co-author perplexed with the findings Continue Reading

Time to start thinking about AI regulation, says KuppingerCole

Organisations and individuals should think about regulating artificial intelligence to avoid sleepwalking into a future regulated by these technologies, says analyst Continue Reading

Cyber criminals targeting C-suite, DBIR shows

Executives and cloud-based services are gaining popularity as targets for cyber criminals, according to the latest data breach investigations report Continue Reading

Privileged access management moving to cloud

Survey shows nearly half of information security professionals are either planning to move privileged access management to the cloud or are exploring the possibility Continue Reading

HMRC begins deleting unlawful voice biometric data

HM Revenue and Customs is to forge ahead with Voice ID despite beginning to delete the largest state-held voice biometric database gathered without consent after UK privacy and data protection watchdog issues order Continue Reading

AWS to power Australia’s 2021 online census

PwC Australia, one of two firms appointed by the government to run the next Census, will build and operate an online form and a website on Amazon Web Services Continue Reading

Zero trust: A 21st century security model

Traditional corporate security models date back to a time when there were fewer, lower-level threats, but a zero trust model is better suited to the 21st century, according to the originator of the idea Continue Reading

Singapore rolls out blockchain platform for verifying educational certificates

Employers in the city-state can now use the OpenCerts platform to verify the qualifications of employees and new hires Continue Reading

Firms urged to embrace positive security trends to win cyber war

Modern cyber security challenges overshadow the information security successes of the past, but several positive trends are emerging as defenders come to grips with new threats, says Deloitte Continue Reading

Businesses unprepared for cyber breaches

Study shows many organisations lack IT security and operations basics, including visibility across their IT operations Continue Reading

Defence secretary sacked over Huawei leak

Defence secretary Gavin Williamson has been sacked after leaking confidential discussions over the use of Huawei networking equipment Continue Reading

Protecting your digital assets: Why it pays to invest in cyber insurance

Cyber insurance offers financial protection against the worst happening to a company’s data and digital assets, and is something few businesses can afford to be without Continue Reading

Get more proactive on cyber security, says ex Europol chief

Business needs to get more proactive, collaborative, resilient and analytical to manage cyber risks posed by cyber criminals down to acceptable levels, says former Europol chief Continue Reading

UK gears up for new laws on IoT security

The UK plans to introduce measures to require that basic cyber security features are built into internet-connected devices Continue Reading

Cyber criminals increase use of fileless attacks

Fileless attacks are increasingly popular with cyber criminals, while Russia and China top the league of nation state data exfiltrators, threat data shows Continue Reading

Nearly half of UK IT pros report serious data breaches

Integration of security systems and employee training recognised as key ways to reduce the growing severity of data breaches Continue Reading

Privacy and data protection an opportunity, says entrepreneur

Organisations should see data protection and privacy compliance as an opportunity to build trust with customers, according to startup One.Thing.Less Continue Reading

Fix the basics first, then worry about AI, advise experts

The freedom of the internet is at risk, with the cyber arms race and the industrialisation of hacking are set to continue as attackers move up the value chain to target trust mechanisms, threat experts predict Continue Reading

Australians lost half a billion dollars to scams in 2018

Most of the losses went to investment scams as tricksters found innovative ways to dupe victims into parting with their money Continue Reading

Facebook faces fresh privacy actions from regulators

Facebook faces legal action from Canada after it dismissed regulators’ findings that it failed to protect customer privacy. The firm has set aside $5bn to settle a privacy action in the US and faces a new investigation in Ireland Continue Reading

Top lessons from cyber attacks

Cyber security experts weigh in on lessons learned from cyber attack experiences, underlining that recovery capability is as important as defence Continue Reading

Huawei leak inquiry launched

Cabinet secretary Mark Sedwill has instituted an inquiry aimed at discovering who leaked confidential discussions about UK mobile operators’ use of Huawei in their future 5G networks to the press Continue Reading

GDPR cases drive bigger budgets for Nordic regulators

High-profile General Data Protection Regulation cases in Finland and Sweden have increased the workload for regulators, which are to receive an increase in funding Continue Reading

Public becoming more aware of privacy abuses and unethical tech

Widespread abuses of privacy, biometric information and artificial intelligence mean the internet is in poor health, but growing popular awareness of its problems gives some cause for hope, says the Mozilla Foundation Continue Reading

UK up for cyber challenge but work to be done, says minister

Lidington says National Cyber Security Strategy has “revolutionised the UK’s fight against cyber threats” Continue Reading

NCSC and ICO pledge to support data breach victims

The UK’s cyber security agency and privacy watchdog have agreed to work together to improve support for data breach victims and enhance cyber guidance Continue Reading

European Union to create central biometrics database

New rules will see the introduction of a repository of personal data from hundreds of millions of citizens to support law enforcement across member states Continue Reading

No final decision taken on Huawei 5G ban, government claims

Culture secretary tells MPs that a final decision on use of Huawei in UK 5G networks has not been taken, and says government is taking the leak of confidential discussions at the National Security Council very seriously Continue Reading

Cabinet Office addresses 5G security issue

Cabinet Office uses NCSC conference to lay out government’s approach to the security of 5G networks, as controversy grows around using equipment from Chinese supplier Huawei Continue Reading

NCSC looks to industry to scale Active Cyber Defence

The national cyber security agency is calling on wider government organisations as well as industry to help scale automated cyber attack blocking systems country-wide Continue Reading

NCSC to scale up intelligence sharing, says GCHQ director

The GCHQ director has outlined the agency’s cyber security mission in the third decade of the internet age at CyberUK, promising to scale up the sharing of declassified cyber intelligence with industry Continue Reading

PM May approves Huawei for use in 5G networks despite opposition

The UK’s National Security Council has approved the use of Huawei’s networking equipment in parts of the country’s 5G mobile networks in spite of widespread opposition Continue Reading

Global intelligence agencies share UK stage for first time

Representatives of intelligence agencies from the Five Eyes alliance are to share a public platform in the UK for the first time at this year’s NCSC CyberUK conference Continue Reading

Casual collaboration comms pose security risk, survey shows

UK employees have a worryingly casual attitude to workplace communications, underling the need for employers to take steps to counter related cyber attack vulnerabilities Continue Reading

WannaCry hero pleads guilty, urges others to stay on ‘good side’

Briton hailed as WannaCry hero finally pleads guilty to charges of writing and distributing malware, but urges security researchers to stay away from the “dark side” Continue Reading

APAC set for blockchain boom

Led by China, spending on blockchain technology in Asia-Pacific excluding Japan will surpass $2bn by 2022 Continue Reading

NCSC urges better online security practices

UK cyber security agency is urging citizens to improve online safety and password security after research reveals most-hacked passwords and a survey exposes gaps in online security Continue Reading

Facebook leaks: Zuckerberg turned data into dollars in ruthless battle with competitors

Facebook’s CEO ruthlessly exploited personal data shared by its users to turn Facebook into the biggest social network, but internal documents show that privacy appeared to be an afterthought for executives Continue Reading

20 firms join Tech Nation’s cyber security scale-up programme

Tech Nation scale-up programme is designed to boost the UK’s cyber sector, accelerate the growth of its top companies and build a robust, cross-industry network Continue Reading

State-sponsored hackers are hijacking DNS, researchers warn

A DNS-hijacking campaign targeting the Middle East and Africa may lead to actors more broadly attacking the global DNS system Continue Reading

Nearly a quarter of tech firms do not security check products

Nearly a quarter of organisations polled do not run security checks on products, and nearly a third admitted to shipping products with known security vulnerabilities, a survey shows Continue Reading

Politics, privacy and porn: the challenges of age-verification technology

The age-verification requirements of the Digital Economy Act are to come into force in July this year, but registering people’s personal details for accessing age-restricted content carries significant risks and challenges Continue Reading