Privacy and data protection
-
E-Zine
07 Sep 2023
CW EMEA: The value of valuing people
In this month’s CW EMEA ezine, we look at HR software and strategies that can help combat staff attrition, find out how Finland’s and Sweden’s plans to join NATO have initiated activity in the Nordic cyber security sector already, consider the data privacy challenges associated with generative AI, and find out why it is important for companies to implement new cryptography standards now in preparation for quantum-safe communication. Read the issue now. Continue Reading
-
E-Zine
16 Jan 2023
CW EMEA: Protecting the privacy of schoolchildren
In this month’s CW EMEA, we look at how schools in Germany have stopped using Microsoft Office 365 over lack of clarity over how data is collected, shared and used. We also delve into how former UK spy boss Richard Dearlove leaked names of MI6 secret agent recruiters in China to back an aggressive right-wing US campaign against tech company Huawei. Read the issue now. Continue Reading
-
News
28 Dec 2023
Top 10 technology and ethics stories of 2023
Here are Computer Weekly’s top 10 technology and ethics stories of 2023 Continue Reading
-
News
27 Dec 2023
Top 10 police technology stories of 2023
Here are Computer Weekly’s top 10 police technology stories of 2023 Continue Reading
-
News
22 Dec 2023
Top 10 government IT stories of 2023
In the year that gave life to four new government departments, Whitehall bosses have continued to fly the flag for technology, with mixed results and success. Here are the stories that made waves in 2023 Continue Reading
-
Definition
21 Dec 2023
What is the CIA triad (confidentiality, integrity and availability)?
The CIA triad refers to confidentiality, integrity and availability, describing a model designed to guide policies for information security within an organization. Continue Reading
-
News
21 Dec 2023
Top 10 cyber crime stories of 2023
Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics Continue Reading
-
Opinion
20 Dec 2023
Zero-trust principles: Your gateway to securing remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Opinion
20 Dec 2023
What we learned in cyber in 2023, and what to look out for
PA Consulting's Rasika Somasiri looks back at a busy 12 months in the cyber security world, and highlights some key learnings from 2023 Continue Reading
-
News
19 Dec 2023
Top 10 cyber security stories of 2023
The past 12 months have seen the security agenda dominated by the usual round of vulnerabilities, concerns over supply chain security and more besides, but it was the chaotic state of global geopolitics that really made an impact Continue Reading
-
Feature
18 Dec 2023
How hybrid work patterns change end user computing
While some organisations have mandated that staff return to the office, many places still operate a hybrid policy – we look at the IT admin challenges Continue Reading
-
News
14 Dec 2023
Government plans to regulate to tackle datacentre threats
DSIT outlines a range of proposals designed to protect data storage facilities from cyber attacks, as well as physical threats and the effects of climate breakdown Continue Reading
-
News
14 Dec 2023
ICO complaint seeks answers from prosecutors over deleted Assange emails
An Italian journalist has complained to the data protection watchdog after the Crown Prosecution Service gave conflicting explanations over its deletion of key emails on WikiLeaks founder Julian Assange Continue Reading
-
News
13 Dec 2023
How ransomware gangs use the tech media against their victims
Ransomware gangs are increasingly media-savvy operators, and this means incident response plans now need to account for communications and PR strategies too Continue Reading
-
News
13 Dec 2023
Inside the Singapore government’s cloud journey
The Smart Nation Group’s chief digital technology officer outlines the government’s cloud journey, including its approach to cloud migration and how it came to host mission-critical workloads on AWS Continue Reading
-
News
12 Dec 2023
MoD fined after breach of Afghan staffers’ data put lives at risk
The MoD has been fined £350,000 by the ICO after an email blunder exposed data on Afghan nationals who had worked with British forces and were at risk of Taliban reprisals Continue Reading
-
News
12 Dec 2023
Outdated data protection practice key factor in PSNI data breach
The August 2023 data breach at the Police Service of Northern Ireland arose chiefly from an outdated approach to data protection and compliance at the force, according to an independent review Continue Reading
-
News
12 Dec 2023
Top IT predictions in APAC in 2024
Generative AI will continue to leave its mark on many areas in business and IT, along with other trends such as sustainability, cyber security and smart factories that are expected to shape the region’s technology landscape in 2024 Continue Reading
-
News
11 Dec 2023
Nordic governments join forces to protect data transfers
Nordic countries deepen their cooperation over cyber security amid heightened threat from neighbouring Russia Continue Reading
-
News
08 Dec 2023
Fancy Bear targets Nato entities via critical Outlook flaw
A vulnerability patched in March has likely been exploited by the Russian state actor Fancy Bear, for over two years, according to the latest intelligence Continue Reading
-
News
07 Dec 2023
UK names Russian FSB agents behind political hacking campaign
Russian hacking group, Star Blizzard, was part of a Russian intelligence operation aimed at interfering with UK politics and the democratic process, says government. Continue Reading
-
News
07 Dec 2023
NCSC exposes Russian cyber attacks on UK political processes
The NCSC has firmly attributed a long-running campaign of cyber attacks targeting UK political processes to a group run out of Russia’s FSB intelligence agency, known as Star Blizzard Continue Reading
-
Opinion
07 Dec 2023
Considerations for the security of evolving workspaces
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
News
07 Dec 2023
How Proofpoint is helping to mitigate AI security threats
Proofpoint is offering monitoring tools to prevent leakage of sensitive information in generative AI models and other capabilities to mitigate AI mediated attacks Continue Reading
-
News
05 Dec 2023
Operator of Sellafield nuclear facility denies hacking claims
The operator of the Sellafield nuclear site has denied allegations that senior managers covered up a series of cyber security lapses that enabled Chinese and Russian threat actors to compromise its networks Continue Reading
-
News
04 Dec 2023
Rhysida ransomware gang hits hospital holding royal family’s data
Ransomware gang boasts of having stolen data on the royal family in an attack on a private London hospital Continue Reading
-
News
01 Dec 2023
Human augmentation tech requires dual use oversight
Researchers investigating human augmentation technologies must acknowledge the potential military applications of their work, and military bodies cannot be allowed to dismiss ethical concerns in their pursuit of national security interests, says NGO Drone Wars UK Continue Reading
-
News
01 Dec 2023
Report reveals sorry state of cyber security at UK football clubs
Football clubs up and down the country are putting staff, players and fans alike at risk through outdated attitudes to cyber security, according to a report Continue Reading
-
Opinion
01 Dec 2023
Security Think Tank: Four steps to secure remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Definition
30 Nov 2023
privacy policy
A privacy policy is a legal document that explains how an organization handles any customer, client or employee information gathered in its operations. Continue Reading
-
News
30 Nov 2023
Government’s Online Fraud Charter welcomed
The government has corralled 11 of the largest tech platforms in the world to commit to its Online Fraud Charter, designed to tackle online scams, fake adverts, and more Continue Reading
-
News
30 Nov 2023
Rhysida gang stole hundreds of gigabytes of British Library data
The Rhysida ransomware gang behind the cyber attack on the British Library has published almost 600GB of stolen data to its dark web leak site Continue Reading
-
News
28 Nov 2023
Meta faces GDPR complaint over processing personal data without 'free consent'
Paid-for service means data protection is only available to those who can afford it, privacy group argues in data protection complaint Continue Reading
-
Opinion
24 Nov 2023
DORA raises the stakes for cloud use in financial services
The EU's DORA regulations will raise the stakes for cloud in financial services but resilience is more than just a tech issue, says NetApp's Steve Rackham Continue Reading
-
News
24 Nov 2023
UK police plan national roll-out of facial-recognition phone app
UK police chiefs plan to expand use of facial-recognition technology through a nationwide roll-out of mobile-based tools and increases in retrospective facial-recognition, but oversight problems persist Continue Reading
-
Blog Post
24 Nov 2023
Was the devil's greatest trick making you think tech CEOs are just people?
It’s been one of those weeks where tech makes headlines for all the wrong reasons. (Sadly, the wrong reasons are often the only reasons tech makes national headlines, but anyway…) There was much ... Continue Reading
-
Opinion
23 Nov 2023
Navigating the DPDI Bill: A transformative shift ahead
The Data Protection and Digital Information (No. 2) Bill, or DPDI, is set to reshape the UK’s data protection framework. Louise Brooks of DQM GRC considers the implications Continue Reading
-
News
23 Nov 2023
Australia ups ante on cyber security
Australia’s new cyber security strategy will focus on building threat-blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities Continue Reading
-
News
22 Nov 2023
Palantir awarded NHS FDP data contract
NHS England has awarded a £330m, seven-year contract to US data specialist Palantir, prompting concerns from data privacy practitioners Continue Reading
-
News
21 Nov 2023
Internal documents leaked as Rhysida claims responsibility for British Library ransomware attack
Ransomware group Rhysida threatens to sell documents stolen from the British Library to the highest bidder Continue Reading
-
News
20 Nov 2023
Kingfisher develops AI-agnostic platform to power DIY assistant
The platform provides a framework for security and compliance and enables developers to test different large language models Continue Reading
-
News
20 Nov 2023
Cubbit DS3 Composer brings DIY cloud to object storage pool
Cubbit customers can now build and configure S3-compatible clouds from unused capacity and offer MSP-grade services with high levels of resilience, security and data sovereignty Continue Reading
-
News
20 Nov 2023
IT not ready for AI, Pure Storage survey finds
Storage, compute and networking hardware won’t cope without upgrades, and that often means total IT infrastructure overhaul Continue Reading
-
News
20 Nov 2023
Defence lawyers seek appeal of tribunal ruling on police EncroChat cryptophone hack
Defence lawyers are seeking leave to appeal against a tribunal ruling that found the National Crime Agency had lawfully obtained warrants to access messages from 9,000 cryptophones used in the UK Continue Reading
-
Podcast
17 Nov 2023
Walmart’s enterprise software: A Computer Weekly Downtime Upload podcast
We speak to Walmart’s David Glick about the build/buy debate and how the retailer works with large language models Continue Reading
-
News
16 Nov 2023
Outgoing police tech watchdog warns of declining oversight
The outgoing biometrics and surveillance camera commissioner for England and Wales discusses police deployment of powerful new surveillance technologies, and the declining state of oversight in this area Continue Reading
-
News
16 Nov 2023
Ransomware gang grasses up uncooperative victim to US regulator
The ALPHV/BlackCat ransomware gang has added a new tactic to its playbook, going to ever more extreme lengths in search of a pay-off Continue Reading
-
News
16 Nov 2023
British Library’s Halloween cyber scare was ransomware
The British Library has provided an update on an ongoing cyber incident affecting its systems, confirming it to be the result of a ransomware attack Continue Reading
-
News
15 Nov 2023
BlackCat affiliate seen using malvertising to spread ransomware
Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker Continue Reading
-
News
15 Nov 2023
Russian cyber criminal pleads guilty to running IPStorm botnet
Sergey Manikin faces years in jail after his illicit proxy botnet service was taken down by US law enforcement Continue Reading
-
News
13 Nov 2023
Rogue state-aligned actors are most critical cyber threat to UK
The prospect of rogue nation-state-aligned attackers bringing down the UK’s critical infrastructure is keeping the NCSC up at night Continue Reading
-
News
13 Nov 2023
Encrypted mail service Tuta says it was wrongly accused of being a front for intelligence services
German encrypted email service Tuta, formerly known as Tutanota, has denied claims by a former Canadian police intelligence officer accused of passing secrets to criminals that it was compromised by intelligence services Continue Reading
-
News
13 Nov 2023
ICO alerted after technical ‘issue’ exposed college files to student barristers
A training college for barristers has reported a data breach that left sensitive data on hundreds of current and former students accessible to other trainees Continue Reading
-
News
09 Nov 2023
NCSC makes annual Black Friday plea to consumers
Ahead of the annual festival of retail avarice, the NCSC is once again asking consumers to do the bare minimum to avoid falling victim to scams Continue Reading
-
News
09 Nov 2023
UK government does not see need for specific AI legislation
The UK government does not currently see the need for new artificial intelligence legislation, as many regulators are already dealing effectively with AI-related harms Continue Reading
-
News
08 Nov 2023
Data-sharing management gap highlights cyber risk, says report
Organisations are struggling to secure their use of communications tools to share data with third-party partners and suppliers, and in the process are exposing themselves to heightened levels of risk, according to a report Continue Reading
-
News
08 Nov 2023
Iconic Singapore hotel caught up in major data breach
The Marina Bay Sands resort in Singapore uncovered a data breach of its guest loyalty programme last month Continue Reading
-
News
08 Nov 2023
King’s Speech misses the mark on cyber law reform, says campaign
A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress Continue Reading
-
News
07 Nov 2023
Unesco unveils seven-point anti-disinformation plan
United Nations body outlines seven proposals for civil society, governments, regulators and tech platforms to adopt to combat the source of disinformation Continue Reading
-
E-Zine
07 Nov 2023
How ExxonMobil is leading with data
In this week’s Computer Weekly, we talk to the leader of ExxonMobil’s data organisation, about the energy giant’s strategy to establish enterprise-wide principles for the use of data. As the UK’s Online Safety Act comes into force, we examine the tech sector’s concerns over the laws around end-to-end encryption. And we look at the software tools available to HR teams to help improve staff retention. Read the issue now. Continue Reading
-
06 Nov 2023
Tech firms flag risk to end-to-end encryption as Online Safety Bill gets royal assent
Technology organisations remain concerned that the newly implemented Online Safety Act could undermine end-to-end encryption, despite government reassurances that it will ensure online safety. Continue Reading
-
News
02 Nov 2023
UK workers exhibit poor security behaviours, report reveals
Report by KnowBe4 has found that four in five UK workers do not make security-conscious choices, whether in-office, remote or hybrid working Continue Reading
-
Opinion
02 Nov 2023
Use existing structures to build your incident response plan
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
News
02 Nov 2023
How the UK crime agency repurposed Amazon cloud platform to analyse EncroChat cryptophone data
UK crime agency repurposed AWS-based analytics platform to triage EncroChat data and identify threats to life in messages sent on encrypted phone network Continue Reading
-
News
02 Nov 2023
EU digital ID reforms should be ‘actively resisted’, say experts
Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security Continue Reading
-
News
01 Nov 2023
Darktrace CEO Poppy Gustafsson on her AI Safety Summit goals
As the AI Safety Summit at Bletchley Park takes place, Computer Weekly caught up with Darktrace CEO Poppy Gustafsson to find out what one of the UK’s most prominent AI advocates wants from proceedings Continue Reading
-
News
31 Oct 2023
Biden’s AI plans focus on US workers’ protection
The US president has issued an Executive Order that sets out his administration’s strategy for AI safety and security Continue Reading
-
Definition
30 Oct 2023
supercookie
A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits. Continue Reading
-
News
30 Oct 2023
Frontier AI Taskforce starts recruitment drive
The second progress report from the Frontier AI Taskforce reveals new hires plus vacancy posts for software and research engineers Continue Reading
-
Opinion
30 Oct 2023
Reported major cyberattacks are falling – but watch out for the massive threats posed by gen AI
The number of reported major cyberattacks is falling. Are we just getting used to them? Continue Reading
-
Feature
30 Oct 2023
Greek data watchdog to rule on AI systems in refugee camps
A forthcoming decision on the compliance of surveillance and security systems in Greek refugee camps could set a precedent for how AI and biometric systems are deployed for ‘migration management’ in Europe Continue Reading
-
News
27 Oct 2023
Tech firms cite risk to end-to-end encryption as Online Safety Bill gets royal assent
Tech firms continue to be concerned that the Online Safety Bill could undermine end-to-end encryption despite government reassurances Continue Reading
-
News
27 Oct 2023
Domestic abuse charities surface fresh worries over NHS data sharing
With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk Continue Reading
-
News
27 Oct 2023
How Elastic manages cyber security threats
Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings Continue Reading
-
News
27 Oct 2023
Germany: European Court opinion kicks questions over EncroChat back to national courts
Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts Continue Reading
-
News
26 Oct 2023
Sunak sets scene for upcoming AI Safety Summit
Prime minister Rishi Sunak has outlined how the UK will approach making AI safe, but experts say there is still too big a focus on catastrophic but speculative risks over real harms the technology is already causing Continue Reading
-
News
26 Oct 2023
Boardrooms losing control in generative AI takeover, says Kaspersky
C-suite executives are increasingly fretful about what they perceive as a ‘silent infiltration’ of generative AI tools across their organisations Continue Reading
-
News
25 Oct 2023
UK Finance paints mixed picture of fraud as losses top £500m
UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data Continue Reading
-
News
25 Oct 2023
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems Continue Reading
-
Opinion
24 Oct 2023
The new data landscape: how will the new UK-US data bridge affect businesses?
With the UK-US data bridge coming into effect on 12 October 2023, find out what steps your organisation can take to take advantage of, and remain compliant with, the new framework Continue Reading
-
News
24 Oct 2023
Kaspersky opens up over spyware campaign targeting its staffers
Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group Continue Reading
-
News
23 Oct 2023
How Ensign is leading the charge in cyber security
Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem Continue Reading
-
News
20 Oct 2023
Computer Weekly contributor named Godfather of UK Security
Advent IM founder Mike Gillespie was among those honoured at the eighth annual Security Serious Unsung Heroes Awards Continue Reading
-
News
20 Oct 2023
Five Eyes chiefs warn of Chinese spying campaign to steal high-tech secrets
Intelligence chiefs warn high-tech companies and universities they may be the target of attempts by the Chinese Communist Party to steal technology secrets Continue Reading
-
News
19 Oct 2023
Fears grow over extent of Cisco IOS XE zero-day
Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures Continue Reading
-
News
19 Oct 2023
Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack
Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source Continue Reading
-
Opinion
19 Oct 2023
DORA: Moving into a new era of digital resilience
The EU’s Digital Operational Resilience Act will come into force in just over a year, the majority of risk management professionals are only at the beginning of their planning journey. Kate Needham-Bennett of Fusion Risk Management explains how to get things moving Continue Reading
-
News
18 Oct 2023
What are the cyber risks from the latest Middle Eastern conflict?
The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations Continue Reading
-
News
17 Oct 2023
Five Eyes issues five tips on thwarting nation state threats
Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats Continue Reading
-
News
17 Oct 2023
Hacktivist attacks against Israeli websites mirror attacks following Russian invasion of Ukraine
Hacktivists supporting Gaza and Palestine have launched hundreds of website defacement attacks against Israeli websites, mirroring the pattern of attacks that occurred after Russia’s invasion of Ukraine Continue Reading
-
News
17 Oct 2023
What it takes to succeed in DevSecOps
Providing engineering leadership and balancing between speed and security are some areas that organisations will need to focus on in their DevSecOps journey Continue Reading
-
Definition
16 Oct 2023
SEO poisoning (search poisoning)
SEO poisoning, also known as 'search poisoning,' is a type of malicious advertising (malvertising) in which cybercriminals create malicious websites and then use search engine optimization (SEO) techniques to cause the sites' links to show up prominently in search results, often as ads at the top of the results. Continue Reading
-
News
13 Oct 2023
US SEC launches probe into mass MOVEit breach
Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations affected Continue Reading
-
News
12 Oct 2023
Scottish biometrics watchdog outlines police cloud concerns
Police Scotland’s response to the biometrics commissioner’s formal information notice ‘did not ameliorate’ his concerns about the sovereignty and security of the sensitive biometric information being uploaded to cloud infrastructure that is subject to intrusive US surveillance laws Continue Reading
-
News
11 Oct 2023
Why only 1% of the Snowden Archive will ever be published
Speaking to Computer Weekly after we published new revelations from the Snowden archive, the Guardian’s Pulitzer Prize winner, Ewen MacAskill, explains why more of the Snowden trove is unlikely to see the light of day Continue Reading
-
Feature
11 Oct 2023
Preparing IT security for the age of quantum computing
We look at what progress is being made to ensure digital communications remain secure as quantum computers make an entrance Continue Reading
-
News
10 Oct 2023
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m Continue Reading
-
News
05 Oct 2023
Microsoft: Nation-state cyber espionage on rise in 2023
Microsoft’s latest Digital Defence Report outlines how nation-state cyber activity has largely moved from destructive attacks to espionage and intelligence gathering Continue Reading
-
News
05 Oct 2023
Policing minister wants to use UK passport data in facial recognition
The policing minister’s plans to integrate the UK’s passport database with police facial-recognition systems have been met with criticism from campaigners, academics, and the biometrics commissioner for England and Wales Continue Reading
-
News
04 Oct 2023
Lloyds Bank launches digital identity app
Lloyds Bank has launched a digital identity app with tech startup Yoti, after it invested £10m in the firm Continue Reading
-
Feature
04 Oct 2023
Ransomware: All the ways you can protect storage and backup
We survey the key methods of ransomware protection, including immutable snapshots, anomaly detection, air-gapping, anomaly detection, and supplier monetary guarantees Continue Reading
-
News
03 Oct 2023
Cyber experts urge EU to rethink vulnerability disclosure plans
The European Union’s proposed cyber security vulnerability disclosure measures are well-intentioned but ultimately counterproductive, as making unmitigated vulnerabilities public knowledge increases the risk of their exploitation by various actors, experts claim Continue Reading