Regulatory compliance and standard requirements
-
News
20 Oct 2025
France’s Atos eyes UK public sector with investment in secure UK infrastructure
French IT services supplier invests in highly secure and accredited UK-based infrastructure Continue Reading
-
News
16 Oct 2025
Microsoft identifies boardroom cyber awareness as a top priority
Digital security report urges IT leaders to convince company boards that cyber security is a board-level problem Continue Reading
-
News
15 Oct 2025
ICO fines Capita £14m after ransomware caused major data breach
Outsourcing giant hit with £14m fine over 2023 cyber attack, but costs could rise as legal actions continue Continue Reading
-
News
15 Oct 2025
Obsession with cyber breach notification fuelling costly mistakes
The race to meet security breach notification deadlines is leading to staff burnout, destroyed evidence and a culture of blame, warns a Trend Micro risk and security strategist Continue Reading
-
News
07 Oct 2025
The Security Interviews: David Bradbury, CSO, Okta
Okta’s chief security officer talks security by default and explains why he thinks time is running out for the shared responsibility model Continue Reading
-
Opinion
07 Oct 2025
Building resilience in the cloud: Bridging SLA gaps and mitigating risk
The Computer Weekly Security Think Tank considers how security leaders can help assure access to the new and innovative cloud tech while minimising risk and ensuring they do not fall foul of regulators. Continue Reading
-
News
06 Oct 2025
Police ordered to give reasons in closed court for seizing phone of UK Hamas lawyer
London court orders police to disclose reasons for seizing and copying the contents of a phone belonging to a UK lawyer who represented Hamas, but refuses an injunction to prevent police from reviewing the phone until after judicial review Continue Reading
-
News
06 Oct 2025
Data sovereignty demand pushes Herabit to get S3 storage
Italian service provider gets Cubbit DS3 distributed S3 storage to provide up to 2PB of cloud services to customers demanding data sovereignty, while cutting costs by up to 50% Continue Reading
-
News
02 Oct 2025
PSNI appoints legal counsel to report on police conduct after McCullough surveillance review
The Police Service of Northern Ireland has commissioned a senior lawyer to report back on whether there was any misconduct by police officers following the McCullough Review into the surveillance of journalists, lawyers and NGOs Continue Reading
-
News
01 Oct 2025
Home Office issues new ‘backdoor’ order over Apple encryption
A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service Continue Reading
-
News
01 Oct 2025
US government shutdown stalls cyber intel sharing
A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk. Continue Reading
-
News
01 Oct 2025
EU Chat Control plans pose ‘existential catastrophic risk’ to encryption, says Signal
As EU member states prepare to vote on plans to mandate tech companies to introduce technology to scan messages before they are encrypted, Signal warns that Chat Control will create new security risks Continue Reading
-
News
30 Sep 2025
MPs press outsourcer TCS over Jaguar cyber attack
The government’s cross-bench Business and Trade Committee has written to Tata Consultancy Services seeking answers over possible links to cyber attacks on Jaguar Land Rover, Marks and Spencer, and Co-op Continue Reading
-
News
29 Sep 2025
JLR tentatively restarts production, following £1.5bn government backing
Jaguar Land Rover is to resume car production after a £1.5bn government loan guarantee amid its cyber attack fallout. Debate is growing over the bailout and insurance Continue Reading
-
News
26 Sep 2025
Over half of India-based companies suffer security breaches
Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year Continue Reading
-
News
26 Sep 2025
Microsoft hides key data flow information in plain sight
Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers Continue Reading
-
News
26 Sep 2025
Okta CEO: AI security and identity security are one and the same
At Oktane 2025 in Las Vegas, Okta CEO Todd McKinnon describes AI security and identity security as inseparable as he tees up a series of agentic security innovations Continue Reading
-
News
25 Sep 2025
Netherlands establishes cyber resilience network to strengthen public-private digital defence
Network will connect organisations in a cyber crime defence initiative that goes way beyond information sharing Continue Reading
-
News
24 Sep 2025
McCullough Review finds PSNI failures but no ‘systemic’ surveillance of journalists
A review by Angus McCullough KC reveals that Northern Ireland police failed to comply with the law but that there was no ‘widespread and systemic’ surveillance of journalists, lawyers and NGOs Continue Reading
-
Definition
23 Sep 2025
What is SOX compliance? A complete guide and checklist
SOX compliance entails adhering to the Sarbanes-Oxley Act of 2002, a U.S. law introduced to enhance investor protection by ensuring greater accuracy, transparency and accountability in public companies' financial reporting. Continue Reading
-
News
23 Sep 2025
‘Our worst day’: The untold story of the Electoral Commission cyber attack
As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly Continue Reading
-
Opinion
23 Sep 2025
Angus McCullough’s review: A reckoning for the PSNI – and for press freedom
The McCullough Review to be published on Wednesday could mark a turning point for press freedom and for policing in Northern Ireland Continue Reading
-
Opinion
22 Sep 2025
From breach to resilience: How the Electoral Commission rebuilt its cyber defences
The UK's Electoral Commission fell victim to a major cyber attack in 2022. Three years on, the organisation is reflecting on its experience and sharing the lessons it learned to help others improve their security resilience. Continue Reading
-
Definition
22 Sep 2025
What is regulatory compliance?
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes. Continue Reading
-
News
19 Sep 2025
UK cyber action plan lays out path to resilience
A report produced for the government by academics at Imperial College London and the University of Bristol sets out nine recommendations to strengthen the UK’s cyber sector Continue Reading
-
News
19 Sep 2025
French court ruling may lead to legal challenges over state Sky ECC and EncroChat phone hack
A decision by the French supreme court may pave the way for defendants to challenge the lawfulness of France’s hacking of the EncroChat and Sky ECC cryptophone networks used by organised crime groups Continue Reading
-
News
17 Sep 2025
Firms urged to adopt risk-based data sovereignty strategy
Geopolitical uncertainty is forcing organisations to rethink where their data is located, but a full retreat from the public cloud is not the answer Continue Reading
-
Podcast
17 Sep 2025
Podcast: Data sovereignty and what you need to do about it
Patrick Smith, EMEA CTO of Pure Storage, talks about data sovereignty, what’s driving heightened interest in it, and how customers, the tech industry and states are preparing for it Continue Reading
-
News
17 Sep 2025
Hamas lawyer challenges police after they seized legal files from phone in Schedule 7 stop
A UK solicitor hired by Hamas to challenge its proscription in the UK as a terrorist organisation argues police acted unlawfully by seizing a phone containing confidential legally privileged material about his clients Continue Reading
-
Opinion
16 Sep 2025
Cyber leaders must make better use of risk experts
The Computer Weekly Security Think Tank considers how security leaders can help assure access to the new and innovative cloud tech while minimising risk and ensuring they do not fall foul of regulators. Continue Reading
-
News
15 Sep 2025
Arqit to support NCSC’s post-quantum cryptography pilot
Quantum specialist Arqit will provide specialised post-quantum migration planning services to organisations preparing to address the imminent risks to traditional cryptography Continue Reading
-
News
15 Sep 2025
Forrester Technology & Innovation Summit preview: Digital sovereignty in the public cloud
We look at how IT leaders need to balance data access, data residency and data sovereignty Continue Reading
-
News
11 Sep 2025
Chat Control: EU to decide on requirement for tech firms to scan encrypted messages
Law enforcement and police experts meet on Friday to decide on proposals to require technology companies to scan encrypted messages for possible child abuse images amid growing opposition from security experts Continue Reading
-
News
10 Sep 2025
UK contactless card payment limits could be unlimited
The UK Financial Conduct Authority says contactless payment technology and fraud protections have advanced enough for firms to adjust the limit Continue Reading
-
News
08 Sep 2025
Northern Ireland police kept inspectors in dark over surveillance of journalists
The Police Service of Northern Ireland failed to inform the Investigatory Powers Commissioner’s Office about surveillance operations against journalists during annual inspections Continue Reading
-
News
05 Sep 2025
US politicians ponder Wimwig cyber intel sharing law
US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities Continue Reading
-
Opinion
05 Sep 2025
SLA promises, security realities: Navigating the shared responsibility gap
The Computer Weekly Security Think Tank considers how security leaders can help assure access to the new and innovative cloud tech while minimising risk and ensuring they do not fall foul of regulators. Continue Reading
-
News
04 Sep 2025
UK sets out plans for AI assurance leadership
Labour wants the UK to become the world leader in artificial intelligence assurance Continue Reading
-
Opinion
03 Sep 2025
Bridging the SLA gap: A guide to managing cloud provider risk
The Computer Weekly Security Think Tank considers how security leaders can help assure access to the new and innovative cloud tech while minimising risk and ensuring they do not fall foul of regulators. Continue Reading
-
News
03 Sep 2025
European court upholds EU-US Data Privacy Framework data-sharing agreement
EU General Court upholds EU-US Data Privacy Framework, bringing certainty to businesses that exchange data with the US – for now. An appeal may be in the offing Continue Reading
-
News
31 Aug 2025
Google Cloud brings on-premise Gemini AI to Singapore
Move allows government agencies and regulated industries to run Google’s most powerful artificial intelligence models in their own datacentres, directly addressing data security and residency requirements to fuel the nation’s AI ambitions Continue Reading
-
News
29 Aug 2025
Home Office ‘backdoor’ seeks worldwide access to Apple iCloud users’ data, court documents confirm
A court filing states that a government order against Apple would give it the capability to access communications and metadata of customers using the iCloud service anywhere in the world Continue Reading
-
Feature
28 Aug 2025
AI and backup: How backup products leverage AI
We look at how AI helps with backup, from AI analysis of backup jobs and their integrity through natural language support functionality to ransomware and anomaly detection Continue Reading
-
News
28 Aug 2025
UK cyber security centre helps expose China-based cyber campaign
GCHQ cyber security centre and its international partners release details of malicious cyber activity linked to Chinese businesses Continue Reading
-
News
21 Aug 2025
Scale of MoD Afghan data breaches widens dramatically
Many more data breaches at the MoD's Arap programme to relocate at-risk Afghan citizens to Britain have emerged following an FoI request by BBC journalists Continue Reading
-
Feature
21 Aug 2025
European digital sovereignty: Storage, surveillance concerns to overcome
As China and the US increase surveillance capabilities, are European companies caught in the middle of a data security storm? Continue Reading
-
News
20 Aug 2025
Microsoft starts including PQC algorithms in cyber foundations
Microsoft updates on its post-quantum cyber strategy as it continues integrating quantum-safe algorithms into some of the core foundations underpinning its products and services Continue Reading
-
News
19 Aug 2025
Google spins up agentic SOC to speed up incident management
Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite Continue Reading
-
News
19 Aug 2025
ISACA launches AI security management certification
ISACA accredited security professionals can now pursue a new AI security management credential Continue Reading
-
News
19 Aug 2025
US says UK has agreed to drop encryption ‘backdoor’ demands against Apple
US and UK end diplomatic row over UK encryption ‘backdoor’ order against Apple, but it remains unclear whether Apple will restore advanced encryption services to UK users Continue Reading
-
News
19 Aug 2025
Singapore board directors to get cyber crisis training
The Singapore Institute of Directors and Ensign InfoSecurity have launched a programme to equip 1,000 board leaders with the skills to navigate high-stakes decisions during a cyber crisis Continue Reading
-
News
18 Aug 2025
L’Oréal to promote cyber resilience for Britain’s beauty salons
L’Oréal UK and Ireland will work with law enforcement, cyber educators and students, and other large organisations to help thousands of small salons across the UK improve their cyber resilience practice Continue Reading
-
News
15 Aug 2025
UK cyber leaders feel impact of Trump cutbacks
The ripple effects of US cyber security cutbacks have reached this side of the Atlantic, according to a report Continue Reading
-
News
15 Aug 2025
US trade body calls on Washington to cut cyber red tape
The US Information Technology Industry Council has called on the White House’s Office of the National Cyber Director to cut burdensome regulations in areas such as AI and incident reporting, and to do more to build a unified security regime Continue Reading
-
Opinion
13 Aug 2025
What the UK's ransomware crackdown signals for Europe
The UK government is forging a bold path as it aims to ban ransomware payments from certain organisations. Its actions could herald an inflexion point in Europe's broader response to ransomware. Continue Reading
-
News
12 Aug 2025
Norway fixing Big Bang e-health botch with fintech security
Experts call for Europe’s health sector to protect medical APIs with security originated from UK open banking as officials take urgent measures against unprecedented attacks Continue Reading
-
Opinion
11 Aug 2025
How CISOs can adapt cyber strategies for the age of AI
Traditional security measures may not be able to cope with the AI reality. In order to safeguard enterprise operations, reputation and data integrity in an AI-first world, security leaders need to rethink. Continue Reading
-
News
11 Aug 2025
McCullough Review into PSNI spying on journalists and lawyers delayed
Angus McCullough KC is to present findings of an independent review of police spying on phone data of lawyers, journalists and NGOs in Northern Ireland in October Continue Reading
-
News
11 Aug 2025
Watching the watchers: Is the Technical Advisory Panel a match for MI5, MI6 and GCHQ?
Dame Muffy Calder is chair of the Technical Advisory Panel (TAP), a small group of experts that advises the Investigatory Powers Commissioner on surveillance technology. Do they have what it takes to oversee the intelligence community? Continue Reading
-
News
06 Aug 2025
Black Hat USA: Startup breaks secrets management tools
Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms Continue Reading
-
News
06 Aug 2025
Companies House ID verification to start in November 2025
Companies House plans to start vetting director identities from mid-November, but its reliance on the troubled One Login digital identity service may be cause for concern Continue Reading
-
News
06 Aug 2025
NCSC updates CNI Cyber Assessment Framework
Updates to the NCSC’s Cyber Assessment Framework are designed to help providers of critical services better manage their risk profiles Continue Reading
-
News
06 Aug 2025
Australian scaleup to bring AI-led data protection to the MoD
The UK’s Ministry of Defence is embracing AI-led data protection in the wake of a major privacy breach, enlisting Australian cyber firm Castlepoint Systems to oversee sensitive records Continue Reading
-
News
04 Aug 2025
Proliferation of on-premise GenAI platforms is widening security risks
Research finds increased adoption of unsanctioned generative artificial intelligence platforms is magnifying risk and causing a headache for security teams Continue Reading
-
Opinion
01 Aug 2025
The blind spot: digital supply chain is now a board-level imperative
Many companies lack visibility into complex digital supply chains, meaning hidden risks and regulatory exposure. Cyber security requires continuous mapping and board engagement Continue Reading
-
News
30 Jul 2025
AI-enabled security pushes down breach costs for UK organisations
Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study Continue Reading
-
Opinion
30 Jul 2025
Cyber governance practices are maturing - and reshaping leadership expectations
How technology leaders can help organisations shape their cyber governance practices and strengthen their collaboration across the executive team Continue Reading
-
Opinion
30 Jul 2025
GDPR’s 7th anniversary: in the AI age, privacy legislation is still relevant
Seven years after GDPR reshaped data protection, AI is forcing a fresh look at governance. GDPR’s principles remain critical, guiding ethical AI use, risk management, and trusted innovation Continue Reading
-
News
30 Jul 2025
Industry experts warn crypto infrastructure is ‘creaking’
A report from experts at HSBC, Thales and InfoSec Global claims decades-old cryptographic systems are failing, putting businesses at risk from current vulnerabilities and the threat from quantum computing Continue Reading
-
News
29 Jul 2025
Senator warns of new UK surveillance risks to US citizens following Apple ‘backdoor’ row
US lawmaker calls for the US to publish an assessment of the risks posed by UK surveillance laws to US citizens in the wake of disclosures that the UK has ordered Apple to introduce ‘backdoors’ in Apple encryption Continue Reading
-
News
29 Jul 2025
Austrian government faces likely legal challenge over state spyware
Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law Continue Reading
-
Definition
29 Jul 2025
What is good automated manufacturing practice (GAMP)?
Good automated manufacturing practice (GAMP) is a set of guidelines for pharmaceutical manufacturers. Continue Reading
-
Opinion
25 Jul 2025
The UK’s ransomware payment ban is a strategic win
The UK's proposed public sector ransomware payment ban could be a bold step, but it can't operate in isolation. Continue Reading
-
News
24 Jul 2025
Scattered Spider victim Clorox sues helpdesk provider
Cleaning products manufacturer Clorox fell victim to a Scattered Spider social engineering attack two years ago – it blames its IT helpdesk provider, Cognizant Continue Reading
-
News
24 Jul 2025
Dutch researchers use heartbeat detection to unmask deepfakes
Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate Continue Reading
-
News
24 Jul 2025
Monzo’s £21m fine highlights banks’ cyber security failures
Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world Continue Reading
-
News
23 Jul 2025
WhatsApp is refused right to intervene in Apple legal action on encryption ‘backdoors’
Investigatory Powers Tribunal to hear arguments in public over lawfulness of secret UK order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud Continue Reading
-
Opinion
23 Jul 2025
Is it time to rethink the OWASP Top 10?
The OWASP Top 10 serves as a key reference point for developers and security professionals, but with a new iteration on the horizon, we need to confront a hard truth: has it lost its effectiveness, or have we failed to implement it meaningfully? Continue Reading
-
Feature
23 Jul 2025
Disaster recovery: As-a-service vs on-premise?
It’s easy to backup to the cloud, and we run lots of applications there now, too. So, running DR as-a-service in the cloud makes perfect sense for many. We look at the pros and cons Continue Reading
-
Opinion
22 Jul 2025
Overconfidence in cyber security: a silent catalyst for CNI breaches
Many CNI organisations are perilously overconfident in their ability to manage and combat cyber risks, according to Bridewell research. This is leaving vital systems exposed. Continue Reading
-
News
22 Jul 2025
UK government to bring in ransomware payment ban
Critical infrastructure operators, hospitals, local councils and schools will be among those banned from giving in to cyber criminal demands as the UK moves forward with proposals to address the scourge of ransomware Continue Reading
-
News
22 Jul 2025
Interview: How OpenAI is making ChatGPT public and private sector-ready
We speak to OpenAI’s solution engineering lead, Matt Weaver, about enterprise adoption and making ChatGPT secure Continue Reading
-
News
21 Jul 2025
UK may be seeking to pull back from Apple encryption row with US
UK government officials say that attempts by the Home Office to require Apple to introduce ‘backdoors’ to its secure encrypted storage service will cross US red lines Continue Reading
-
News
21 Jul 2025
Darktrace buys network visibility specialist Mira
AI cyber giant Darktrace buys network security firm Mira for an undisclosed sum, seeking to enhance the tech stack it offers to highly regulated sectors Continue Reading
-
News
21 Jul 2025
The Security Interviews: Jason Nurse, University of Kent
Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’ is wrong – and why security pros should think about user needs more Continue Reading
-
News
21 Jul 2025
Netherlands calls for European shift to post-tracking internet as privacy laws fail
Dutch research institute argues decade of regulation hasn’t curbed surveillance capitalism, proposes fundamental business model change Continue Reading
-
News
17 Jul 2025
Estimated 96% of EMEA financial services sector not ready for DORA
Research from data backup provider Veeam indicates that vast majority of European financial services firms do not feel ready to meet the resiliency requirements of the EU’s DORA act Continue Reading
-
News
15 Jul 2025
Current approaches to patching unsustainable, report says
Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report Continue Reading
-
Opinion
15 Jul 2025
Data (Use and Access) Act: Reflections on an eight-month statute
It took a long time, but the government's new data legislation finally made it into the statute book - it holds a lot of promise, but also leaves a lot of unanswered questions Continue Reading
-
Feature
14 Jul 2025
Assessing the risk of AI in enterprise IT
We speak to security experts about how IT departments and security leaders can ensure they run artificial intelligence systems safely and securely Continue Reading
-
News
11 Jul 2025
MoD supply chain cyber scheme gets up and running
The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance Continue Reading
-
News
11 Jul 2025
European Commission accused of rigging data watchdog appointment
The European Commission has been accused of rigging the selection process for the next European Data Protection supervisor Continue Reading
-
News
09 Jul 2025
NAO says government should employ data analytics to tackle fraud
The National Audit Office recommends public bodies share and manage data in a way that prevents fraud and saves taxpayers’ money Continue Reading
-
News
08 Jul 2025
M&S calls for mandatory ransomware reporting
The government should extend ransomware reporting mandates to businesses to help gather more intelligence and better support victims, says M&S chairman Archie Norman Continue Reading
-
News
08 Jul 2025
SEC and SolarWinds to settle lawsuit over 2020 breach
The US SEC and SolarWinds have reached a settlement in principle to resolve litigation over alleged security failings that led to the 2020 compromise of the supplier’s Orion platform by Russian cyber spies Continue Reading
-
News
08 Jul 2025
NHS trust accused of ‘at best cavalier, at worst deceitful’ behaviour after deleting emails
A London hospital trust faces allegations it withheld key evidence from a tribunal hearing after one of its directors attempted to destroy more than 90,000 emails Continue Reading
-
News
07 Jul 2025
Digital warfare is blurring civilian front lines
Singapore’s defence cyber chief warns that the traditional lines between military conflict and civilian life are blurring, with adversaries now targeting civilian systems and using AI to put the threat landscape on steroids Continue Reading
-
News
04 Jul 2025
Medow Health AI debuts AI scribe tool in Singapore
The Australian health technology company has launched its AI-powered scribe platform in Singapore to help healthcare professionals automatically capture and structure clinical notes, reports and referral letters Continue Reading
-
News
03 Jul 2025
Fine-tuning to deliver business AI value
Foundation AI models offer knowledge that spans the internet, but they generally lack an understanding of proprietary business data and processes Continue Reading
-
News
02 Jul 2025
Scattered Spider link to Qantas hack is likely, say experts
A developing cyber attack at Australian airline Qantas that started at a third-party call centre is already being tentatively attributed to Scattered Spider. Find out more and learn about the next steps for those affected Continue Reading
-
News
02 Jul 2025
Dutch study uncovers cognitive biases undermining cyber security board decisions
Dutch research reveals how cognitive biases can lead to catastrophic security decisions Continue Reading
-
News
01 Jul 2025
Cloudflare to let customers block AI web crawlers
Publishers and other providers of creative content now have the option to block AI crawlers from accessing and scraping their intellectual property with new tools from Cloudflare. Continue Reading