Privacy and data protection
-
Opinion
29 May 2025
Signalgate is a signal to revisit security onboarding and training
A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what can CISOs can learn from this potentially fatal error. Continue Reading
-
Opinion
29 May 2025
RSAC rewind: Agentic AI, governance gaps and insider threats
AI was naturally a major theme of this year's RSAC conference, but we maybe failed to anticipate how it is coming to dominate every conversation. Continue Reading
-
News
24 Jan 2019
Thales eSecurity spins out nCipher
After just over a decade, Thales eSecurity has announced that it has spun out HSM specialist nCipher, the UK-based encryption firm it acquired for $100m in 2008 Continue Reading
-
News
24 Jan 2019
Business failing to see strategic value of cyber security
UK businesses are failing to get value out of cyber security because they fail to see its strategic importance and often have a negative attitude towards security professionals, a study has revealed Continue Reading
-
News
24 Jan 2019
AWS now accredited to run protected workloads in Australia
Accreditation from the Australian Cyber Security Centre will enable organisations to store and process sensitive data in the Amazon Web Services Sydney region Continue Reading
-
News
23 Jan 2019
Facebook’s objections to court concerns over privacy more about ‘optics’ than facts
Facebook’s challenge to a High Court ruling that raises serious concerns about data transfers between Europe and the US is more about appearance than facts, lawyers for the Irish Data Protection Commission told Dublin's Supreme Court Continue Reading
-
News
23 Jan 2019
MPs challenge Huawei over spying allegations
The chair of the cross-bench Science and Technology Committee has written to Huawei seeking answers over its activities in the UK Continue Reading
-
News
23 Jan 2019
Time to deploy strong authentication, says Fido
The time has come for organisations to deploy cryptographically backed strong authentication, according to the Fido Alliance, which seeks to eliminate the world’s dependence on password-based security Continue Reading
-
News
22 Jan 2019
Ransomware in decline, report confirms
The trend of cryptomining replacing ransomware as the most popular money-generating activity by cyber attackers appears to be confirmed by malware stats for the past year Continue Reading
-
News
22 Jan 2019
London cyber innovation centre expands global ties
London innovation centre Plexal has announced international partnerships aimed at boosting global cyber security cooperation Continue Reading
-
News
22 Jan 2019
Davos 2019: Why data sharing is key to AI in Industry 4.0
Machines can learn from humans, but no one does the same job in the same way, so it makes sense to identify best practices Continue Reading
-
News
22 Jan 2019
Facebook: US government does not engage in mass and indiscriminate surveillance
Social media giant challenges a ruling by Dublin’s High Court over a judgment that it says made ‘extraordinary and incorrect’ findings about the US legal system Continue Reading
-
News
22 Jan 2019
€50m GDPR fine for Google is a wake-up call for tech giants
The French data protection authority has fined Google €50m for contravening EU data protection laws, which has been hailed as a warning for tech giants and other data handling firms Continue Reading
-
News
21 Jan 2019
Name and shame firms with poor cyber security, government told
The government should name and shame companies whose cyber security measures fail to protect consumers’ data and firms should implement Active Cyber Defence, an academic report urges Continue Reading
-
Podcast
21 Jan 2019
Podcast: How to get ready for the California Consumer Privacy Act
If you have any customers in California, you need to know about that state’s equivalent to GDPR. Mathieu Gorge of Vigitrust talks through what you need to achieve compliance Continue Reading
-
News
21 Jan 2019
Public procurement key to cyber security
Using public procurement as a means of boosting cyber security is the top recommendation for 2019, according to a report based on expert views Continue Reading
-
News
21 Jan 2019
Home Office vetoes privacy campaigner from senior post in surveillance watchdog
The Home Office refuses academic and privacy campaigner, Eric King, security clearance for a senior role at the intelligence services watchdog, despite high-level backing from officials Continue Reading
-
News
18 Jan 2019
Five issues for SMEs to consider when adopting encryption
Encryption is still considered difficult to deploy and use as a data protection method, especially by small businesses, but considering five key factors can make adoption easier, says Becrypt Continue Reading
-
News
18 Jan 2019
Prepare for no-deal Brexit, says ICO
The UK data protection authority is urging businesses to prepare for a no-deal Brexit to ensure there is no interruption in data flows from Europe Continue Reading
-
News
17 Jan 2019
Breach of nearly 2.7 billion records underlines password flaws
Potentially the biggest personal data breach to date from thousands of sources, some possibly breached as far back as 2008, illustrates the deeply flawed nature of password-based authentication, say industry commentators Continue Reading
-
News
17 Jan 2019
Threat intelligence boosts security training
Security professionals in training can now benefit from real-time threat intelligence data, thanks to a partnership between Digital Shadows and Immersive Labs Continue Reading
-
Opinion
17 Jan 2019
Security Think Tank: Cloud tech helps to protect advanced networks
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
16 Jan 2019
Researchers discover new Magecart group
Security researchers have uncovered a sub-group of the Magecart hacking group, highlighting the wider risks of web-based supply chain attacks Continue Reading
-
Opinion
16 Jan 2019
Facebook’s high-stakes privacy gamble goes to Dublin court
A high-wire gamble with billions in compensation at stake for European internet users – part of a complex case between Facebook and the Irish information commissioner – hides challenge to the unlawfulness of US state internet surveillance Continue Reading
-
Opinion
16 Jan 2019
Security Think Tank: Walk before you run
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Feature
15 Jan 2019
The rise of DevSecOps
The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations Continue Reading
-
News
15 Jan 2019
Businesses fail to apply encryption technology effectively
Most businesses are not applying common encryption tools effectively to contain the fallout and costs of data breaches, research shows Continue Reading
-
Opinion
15 Jan 2019
Security Think Tank: Apply different techniques to safeguard against rogue code
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
15 Jan 2019
Less than half of firms able to detect IoT breaches, study shows
UK firms have one of the lowest internet-of-things device breach detection capabilities in Europe, a study reveals Continue Reading
-
News
15 Jan 2019
SingHealth and IT supplier fined S$1m for data breach
Singapore’s data protection commission considered the fact that both SingHealth and its IT supplier fell prey to sophisticated threat actors, among other factors, when meting out the fine Continue Reading
-
Opinion
14 Jan 2019
Security Think Tank: Combine SDN, containerisation and encryption to halt rogue code
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
11 Jan 2019
AI application overlooked in cyber security research
Despite the proliferation of cyber security products and services claiming to be driven by artificial intelligence, the application of the technology is being overlooked by research, a study shows Continue Reading
-
News
10 Jan 2019
Right to be forgotten is not global, says EU court adviser
The right to be forgotten should apply only in the European Union, according to the chief adviser to the European Court of Justice Continue Reading
-
Opinion
10 Jan 2019
Security Think Tank: Creative thinking key to meeting emerging security challenges
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Podcast
10 Jan 2019
Podcast: Storage and compliance priorities in 2019
Mathieu Gorge, CEO of Vigitrust, looks ahead to key areas in compliance in 2019, including mushrooming data volumes, GDPR fines and the California Consumer Privacy Act Continue Reading
-
News
10 Jan 2019
Germany races to boost cyber defences after breach
Germany is scrambling to improve its cyber defences before the European parliamentary elections after a student leaked politicians’ personal data Continue Reading
-
News
09 Jan 2019
2FA bypass tool highlights top business security vulnerabilities
CEOs are the most likely target of two-factor authentication phishing bypasses, demonstrated by a security researcher’s proof-of-concept attack Continue Reading
-
News
09 Jan 2019
FireEye gears up email security for emerging threats
Email continues to be a top means of initiating cyber attacks with new detection bypass techniques and executive impersonation capabilities continually emerging, research shows Continue Reading
-
News
08 Jan 2019
Second Lorca cohort to focus on supply chain security
The second cohort of companies to benefit from the new London cyber innovation centre will focus on user-centric security and securing supply chains Continue Reading
-
Opinion
08 Jan 2019
eIDAS and the EU’s mission to create a truly portable identity
It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes Continue Reading
-
News
08 Jan 2019
Protego Labs launches serverless app security tool
Security professionals and developers now have a way to assess the security of their serverless applications with a new open source testing tool donated to Owasp Continue Reading
-
E-Zine
08 Jan 2019
Technology innovation in music
In this week’s Computer Weekly, we visit the first hackathon at Abbey Road Studios, once home to The Beatles, to find out how tech startups hope to revolutionise music creation. Our latest buyer’s guide examines the technologies and benefits of perimeterless network security. And we look ahead to the key CIO skills and jobs trends for 2019. Read the issue now. Continue Reading
-
Opinion
08 Jan 2019
Security Think Tank: Meeting the security challenge of multiple IT environments
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
07 Jan 2019
Boards need to be active partners in cyber defence
Board members must be active governance partners in collaborative cyber defence, says US regional information sharing and analysis organisation Continue Reading
-
News
07 Jan 2019
BlackBerry licenses security tech to IoT device makers
BlackBerry is to license its secure software development technology to the makers of internet-connected devices to boost IoT security Continue Reading
-
Opinion
07 Jan 2019
Security Think Tank: Use SDN, containerisation and encryption tools to boost security
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
06 Jan 2019
Singapore Airlines’ software glitch exposed customer data
More than 280 members of the Krisflyer frequent flyer programme had their personal information compromised by a one-off software bug Continue Reading
-
Blog Post
04 Jan 2019
How long will your New Year stay Happy?
The Freeform Dynamics crystal ball has been given a polish for 2019. Here's a few of the upcoming events - and risks - that we glimpsed in it... Online privacy back in the headlines A year on from ... Continue Reading
-
News
04 Jan 2019
Modern IT underlines need for zero-trust security
The increasing complexity of supply chains and interconnectivity of IT systems means the attack surface is widening and security has to evolve accordingly, warns British computer scientist Continue Reading
-
News
04 Jan 2019
Data breaches affected more than a billion people in 2018
The personal information of more than a billion people was compromised in 2018 as companies holding the data failed to keep it safe Continue Reading
-
News
04 Jan 2019
German politicians’ data leak shows need for global action
Hacked data includes contacts’ email addresses, private chats, mobile numbers, photographs and credit card details, which were published on Twitter Continue Reading
-
News
04 Jan 2019
Phishing attacks hidden by custom fonts
Security researchers have uncovered a new way in which phishing attacks are evading detection. Continue Reading
-
News
03 Jan 2019
Fortinet to lead cyber security discussion at WEF annual summit
The head of cyber security firm Fortinet has been named as a discussion leader at the upcoming World Economic Forum annual meeting in Davos, Switzerland Continue Reading
-
News
31 Dec 2018
New Year’s Honours 2019 lauds women in IT and data specialists
The New Year’s Honours list 2019 features accolades for leading women in IT and data, as well as other specialists in data Continue Reading
-
Opinion
31 Dec 2018
Can we live without passwords?
Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve Continue Reading
-
News
28 Dec 2018
Top 10 stories on national security in 2018
From Russian disinformation, state surveillance, and police stop and seizure powers, to Facebook and WikiLeaks Continue Reading
-
News
24 Dec 2018
Top 10 IT security stories of 2018
Here are Computer Weekly’s top 10 IT security stories of 2018 Continue Reading
-
News
23 Dec 2018
'Serious' Twitter flaw allows hackers to post on other people's accounts
A vulnerability in Twitter allows hackers to send tweets, private messages, post images or videos, and turn off security features, says British security researcher Continue Reading
-
News
21 Dec 2018
Top 10 cyber crime stories of 2018
Here are Computer Weekly’s top 10 cyber crime stories of 2018 Continue Reading
-
Blog Post
20 Dec 2018
Six months on, GDPR is a qualified success
Anyone hoping that we would by now have greater clarity on GDPR will have been sadly disappointed. Large swathes of the Regulation have yet to be tested in a court, and many of the high profile ... Continue Reading
-
News
20 Dec 2018
Marriott data breach losses could be over half a billion dollars
Direct losses related to a huge data breach at US hotel group could reach $600m Continue Reading
-
News
19 Dec 2018
Lauri Love battles police for return of computers as NCA confirms live investigation
The National Crime Agency (NCA) confirms there is a live investigation into Lauri Love in the UK, as Love brings legal action against UK police for the return of seized computer equipment Continue Reading
-
News
18 Dec 2018
APAC cyber security landscape to be more tumultuous in 2019
Amid growing cyber threats, the Asia-Pacific cyber security landscape will not get any rosier in 2019 unless organisations start shoring up their cyber hygiene Continue Reading
-
News
18 Dec 2018
Mobile security needs a rethink for the 5G era
A report released through the government’s 5G Testbeds and Trials programme has recommended the UK rethink its mobile security strategy Continue Reading
-
News
17 Dec 2018
Top 10 ASEAN stories of 2018
Organisations across Southeast Asia have been doubling down on efforts to take the lead in digital transformation initiatives Continue Reading
-
Opinion
17 Dec 2018
Security Think Tank: Prioritise multifactor authentication in 2019
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
News
14 Dec 2018
Australia passes controversial encryption law
Arguments continue over law that requires companies to work with government agencies to ensure that encrypted communications can be read if a crime is suspected Continue Reading
-
News
13 Dec 2018
ICO and government help UK businesses prepare for no-deal Brexit
The Information Commissioner’s Office (ICO) and the government are providing guidance for UK businesses, particularly SMEs, on how to prepare for a possible no-deal Brexit Continue Reading
-
News
13 Dec 2018
Social engineering at the heart of critical infrastructure attack
Social engineering is the core technique used in a series of cyber attacks targeting government, defence, nuclear, energy and financial organisations around the world, which means people are key to defence Continue Reading
-
News
13 Dec 2018
UK trade sector risks GDPR fines over poor data disposal
UK businesses in the trade sector are risking GDPR fines for failing to wipe data from old IT equipment, a survey shows Continue Reading
-
News
13 Dec 2018
Most UK retailers plan to up cyber security
The majority of UK retailers are planning to increase cyber security measures during the Christmas season, a survey reveals Continue Reading
-
Opinion
12 Dec 2018
Security Think Tank: Prevention and detection key to disrupting malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be activated at a future date? Continue Reading
-
Opinion
11 Dec 2018
Security Think Tank: Severing C&C comms is key, but complex
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be activated at a future date? Continue Reading
-
News
11 Dec 2018
Large disparity in NHS cyber skills and training spend
Despite government pledges to up cyber security spending across the NHS, there are still huge disparities in cyber security skills and spending on cyber security training, FoI requests reveal Continue Reading
-
News
10 Dec 2018
UK businesses feel let down by government on cyber security
Government needs to provide more support around cyber security issues in 2019, according to the majority of UK IT leaders polled Continue Reading
-
News
07 Dec 2018
Court orders Post Office to explain inability to access encrypted file
Post Office unable to open encrypted recording of an interview that forms part of its evidence in High Court case Continue Reading
-
Opinion
06 Dec 2018
Security Think Tank: How to tool up to catch evasive malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be activated at a future date? Continue Reading
-
News
06 Dec 2018
China demands release of arrested Huawei CFO
The Chinese government has called for the release of Huawei chief financial officer Meng Wanzhou, who was detained in Canada at the weekend Continue Reading
-
Feature
05 Dec 2018
Brexit implications for data protection
Leaving the European Union will have serious implications for data protection in the UK unless adequate steps are taken, so businesses are advised to have contingency plans in place Continue Reading
-
News
05 Dec 2018
BT moves to strip Huawei kit from EE’s network
Telco will remove Huawei’s networking equipment from the core of EE’s 4G mobile network Continue Reading
-
News
05 Dec 2018
Nominet brings security expertise and tech to market
The .uk domain registry is to bring its DNS expertise and technology developed for the NCSC to market to address cyber security ‘blindspot’ Continue Reading
-
News
05 Dec 2018
UK consumers threaten data breach backlash
Most UK and global consumers are willing to walk away from businesses that fail to look after personal data, with retailers most at risk, research shows Continue Reading
-
Feature
04 Dec 2018
The future of network-connected device security
The proliferation of poorly secured network-connected devices has prompted the UK government to publish new best practice guidelines. Do these go far enough? Continue Reading
-
News
04 Dec 2018
‘Open-minded’ DVSA cuts cost of MOT testing
Government agency harnesses customised open source platform to ensure data security while cutting costs and plans to extend its MOT testing capability to do the same for drivers’ theory tests Continue Reading
-
News
04 Dec 2018
Financial institutions’ data at risk despite security spending
Despite increased spending on cyber security, digital transformation and advanced attacks mean financial institutions’ data is still at risk, a report reveals Continue Reading
-
News
04 Dec 2018
100 million Quora.com user details exposed
Question-and-answer site is the latest organisation to admit a breach of users’ personal data, with industry commentators calling out credential theft as a top cause of such breaches Continue Reading
-
News
03 Dec 2018
Liberty heads for judicial review over Investigatory Powers Act
The UK's powers to conduct supsicionless bulk surveillance on individuals and organisations face a legal challenge in the high court next year Continue Reading
-
Opinion
03 Dec 2018
Security Think Tank: Combine tech, process and people to block malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including "sleepers" designed to be activated at a future date. Continue Reading
-
News
03 Dec 2018
BT announces new head of security business
BT has appointed a former law enforcement officer and BT investigator as the new head of its security business Continue Reading
-
News
03 Dec 2018
UK government commits to opening up data in bid to push adoption of AI
Opening up data is vital to government plans to push adoption of artificial intelligence across all sectors of the UK economy Continue Reading
-
News
03 Dec 2018
Police investigations into cyber crime up 14% in a year
Officers forced to follow up over 2,500 complaints of Instagram, Facebook, email and website hacking, and Bitcoin ransom, despite a rise in violent crime, report reveals Continue Reading
-
News
30 Nov 2018
Marriott data breach highlights basic failings
A breach of a guest reservation database of the Starwood division of the Marriott International hotel group highlights basic personal data protection failures Continue Reading
-
News
30 Nov 2018
WannaCry borderline national cyber emergency
The May 2017 WannaCry attack, which disrupted services at one-third of NHS trusts and more than 600 primary care organisations is the closest the UK has come to a national cyber emergency, says the NCSC Continue Reading
-
News
29 Nov 2018
UK cyber security strategy making ‘good progress’
The National Cyber Security Strategy is making good progress, but there is much left to be done, according to a Cabinet Office official Continue Reading
-
News
29 Nov 2018
120,000 police officers to receive cyber security training
Cisco is partnering with UK police forces to offer cyber security training through the Cisco Networking Academy Continue Reading
-
News
28 Nov 2018
Cyber resilience lacking due to apathy of UK leaders
An unwillingness to accept that cyber is a real threat to critical national infrastructure by UK political and business leaders has resulted in a lack of resilience, says security industry veteran Continue Reading
-
News
28 Nov 2018
CIO interview: Stephen Docherty on NHS data sharing
The Cambridge Analytica scandal raised awareness about privacy. Stephen Docherty, CIO of South London and Maudsley NHS Trust, explains why Continue Reading
-
News
27 Nov 2018
Businesses failing to win consumer trust
Businesses are still largely failing to win the trust of consumers to keep their personal data safe as data breaches continue to make headlines Continue Reading
-
News
27 Nov 2018
ICO fines Uber £385,000 for data protection failings
Like Facebook, Uber has escaped a potentially much higher fine for data protection failings because the 2016 breach that affected millions of UK customers is not covered by the GDPR Continue Reading
-
News
26 Nov 2018
Unprecedented actions by Commons committee augur badly for Facebook
House of Commons’ serjeant-at-arms effectively arrested the CEO of a US software company and frogmarched him to Parliament, where he was told he would be imprisoned if he failed to hand over papers on Facebook Continue Reading
-
News
23 Nov 2018
Interview: Roger Taylor, chair, Centre for Data Ethics and Innovation
Chair of the new Centre for Data Ethics and Innovation says collaboration is vital for developing effective frameworks to manage the proliferation of AI and data-driven technologies Continue Reading
-
News
22 Nov 2018
ICO finds Metropolitan Police's Gangs Matrix seriously breaches data protection laws
A year-long ICO investigation has highlighted major problems with how the Metropolitan Police handles and shares the personal data of individuals on its Gangs Matrix Continue Reading