Regulatory compliance and standard requirements

EU seeking pan-European Covid-19 passport solution

The European Union’s proposal could see the creation of a Covid-19 vaccine passport to enable travel across the EU Continue Reading

Digital secretary Dowden outlines UK post-Brexit data approach

The UK government is searching for a new information commissioner with an updated remit to use data to support growth and innovation, and plans on reaching new international data partnerships Continue Reading

GCHQ sets out rules of the road for AI in cyber

A paper produced by GCHQ shows how the intelligence agency can use artificial intelligence responsibly as a tool to protect the UK’s national security Continue Reading

Npower shuts off app after credential stuffing attack

Npower customers will have to log in to their accounts on its website after its app was withdrawn following a security breach Continue Reading

Transport for NSW hit by Accellion breach

Australian state agency Transport for New South Wales is the latest victim of the supply chain attack against Accellion’s legacy file transfer system Continue Reading

Vaccine passports prove an ethical minefield

Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design Continue Reading

Is Clubhouse safe, and should CISOs stop its use?

With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it Continue Reading

CyberScotland offers centralised security resource hub

Newly launched partnership brings together security resources for individuals and organisations across Scotland Continue Reading

Pandemic has exposed fractures in cyber fraud strategy

RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem Continue Reading

European Commission proposes UK data adequacy agreement

The publication of two draft data adequacy decisions brings the UK closer to a final positive decision, which will enable the continued free flow of data between the EU and the UK if green-lit by member states Continue Reading

Biden will act on cyber security to fix SolarWinds mess

US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger Continue Reading

Swedish police fined for unlawful use of facial-recognition app

Sweden’s data watchdog has found that Swedish police failed to conduct the data protection checks required by law before using controversial facial-recognition tool Continue Reading

City of Helsinki adopts MyData principles to improve digital services

Principles on the use of personal data for the benefit of society will guide Finnish capital’s ambitious digital plans Continue Reading

2020 a record year for cyber, thanks to Covid

The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy Continue Reading

Assessing UK law enforcement data adequacy

Data protection experts discuss the consequences of achieving data adequacy between the UK and EU for the UK’s intelligence services and criminal justice sector Continue Reading

Security pros agree: We need to take a break

As many as 85% of security staff engage in leisure activities during working hours, but they have excellent reasons for doing so Continue Reading

Qatar regulator launches platform to monitor human understanding of financial crime

Qatari financial services regulator works with global body to provide digital platform to assess whether financial services workers understand how to prevent financial crime Continue Reading

Security Think Tank: Towards a united state of security

As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading

Security Think Tank: Renewed US stability may ease cyber tensions

As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading

Security Think Tank: Biden must address insider security threat first

As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading

Hacked Finnish therapy business collapses

Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy Continue Reading

Is it time to ban ransomware insurance payments?

The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track? Continue Reading

Security Think Tank: Biden’s team can make a difference on security

As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading

Singtel falls prey to supply chain attack

The Singapore telco reveals that its Accellion file sharing system was illegally hacked in a supply chain attack Continue Reading

Security Think Tank: UK well-placed to work with Biden on cyber

As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading

Facebook sued for data-sharing practices with third parties

Data protection claim filed in London against social media giant for its alleged failure to give at least one million users in England and Wales meaningful control over their personal data Continue Reading

‘Batman Begins’ cyber attack is a warning to CNI providers

A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services Continue Reading

Security Think Tank: Biden has a chance to renew cyber alliances

As President Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard? Continue Reading

UK Cyber Security Council to take charge of skills strategy

New government-backed body will be set up to boost careers opportunities and professional standards in the cyber security sector Continue Reading

Too few UK organisations offering cyber training for remote work

Nearly a year into the pandemic, a study reveals a concerning tendency for organisations not to bother offering security training for remote workers Continue Reading

Data of thousands of Dutch citizens leaked from government Covid-19 systems

Weak access controls and outdated systems blamed for leaking of the personal details of thousands of Dutch citizens tested for Covid-19 Continue Reading

EncroChat: Appeal court finds ‘digital phone tapping’ admissible in criminal trials

Appeal Court decides EncroChat-encrypted phone records can be used in criminal trials. Critics say the decision means phone tapping no longer has a ‘clear meaning in the digital age’ Continue Reading

Fraud and cyber crime still vastly under-reported

The scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate Continue Reading

‘Victory for free speech and openness’ after tribunal confirms no territorial restrictions to FOIA

Freedom of information tribunal rules that investigative journalists and others can use the Freedom of Information Act if they live outside the UK or are not British citizens Continue Reading

Hunting and anti-hunting groups locked in tit-for-tat row over data gathering

The leaking of internal documents has prompted a row between pro- and anti-hunting groups about the legality of the other’s data collection practices Continue Reading

Biometrics ethics group addresses public-private use of facial recognition

Home Office’s Biometrics and Forensics Ethics Group releases briefing note on the use of live facial recognition in public–private collaborations following a year-long investigation Continue Reading

Human factor dominates Australia’s latest data breach numbers

The number of data breaches resulting from human error increased by 18% in the second half of 2020, according to Australian government’s latest notifiable data breaches report Continue Reading

Conservatives broke data law to racially profile millions

The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard Continue Reading

ICO extends commissioner Denham’s term of office

Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor Continue Reading

Salad as a service: How tech could revolutionise farming

In this week’s Computer Weekly, we find out how new technologies are supporting the rise of vertical farming, and could revolutionise food supply chains. We examine one of the biggest trends in the cloud – serverless computing. And Brexit has not yet ended the debate about UK-EU data protection. Read the issue now. Continue Reading

How can healthcare organisations fight increased cyber crime in 2021?

As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading

Two-thirds of CISOs say they’ll be cyber attack victims this year

Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked Continue Reading

Interview: Tony Porter, chief privacy officer, Corsight AI

Tony Porter speaks to Computer Weekly about the changes in facial-recognition during his time as surveillance camera commissioner, the ethics of using the technology, and his new role as chief privacy officer at Corsight AI Continue Reading

UK fraud agency deploys ArcGIS dashboard for data sharing

The National Fraud Intelligence Bureau says it has achieved improved transparency with the public, as well as saving 3,500 staff hours and £100,000 Continue Reading

Value of GDPR fines shows dramatic increase in 2020

European regulators imposed almost €160m worth of fines during the past 12 months, a substantial rise Continue Reading

Criminals fiddled stolen Covid-19 vaccine data to damage trust

Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA Continue Reading

MAS offers guidance on mitigating supply chain threats

Monetary Authority of Singapore revises its technology risk management guidelines to help the financial sector guard against supply chain attacks Continue Reading

Australians lost A$176m to scams in 2020

Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering Continue Reading

150,000 records accidentally wiped from police systems

Home Office claims data wiped from national police systems only relates to people who have never been convicted of a crime or had further police action taken against them following an arrest Continue Reading

US cyber security agencies get $9bn in Biden plan

New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack Continue Reading

All EU states can take data protection cases against Facebook, says EU court

An opinion from the European Court of Justice has the potential to lead to a flood of privacy complaints against Facebook if upheld Continue Reading

Experian calls for less bureaucratic data regulations

Open banking requires cross-industry collaboration, but sharing personal data requires explicit consent, which can become a bottleneck Continue Reading

Unforeseen consequences of new technologies put UK at risk

Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems Continue Reading

APAC firms grapple with cyber security amid pandemic

Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work Continue Reading

Covid-19 immunity passport tests to begin in UK

A Covid-19 immunity and vaccination passport developed by two UK firms and backed by Innovate UK has entered the live testing phase Continue Reading

Palo Alto Networks opens Australia cloud location

The cyber security company’s Australia cloud location will address data localisation requirements amid growing adoption of cloud-based security services Continue Reading

Former ministers speak out on Mike Lynch extradition

As Mike Lynch, founder and former CEO of Autonomy, awaits his US extradition hearing, several former Tory MPs have expressed their concerns Continue Reading

Security Think Tank: Time for security teams to learn from Covid

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

New SolarWinds CEO sets out rescue plan

Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community Continue Reading

Security Think Tank: Don’t bet on a new normal just yet

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

Government use of 'general warrants' to authorise computer and phone hacking is unlawful

A court has ruled that the security and intelligence services can no longer rely on ‘general warrants’ to authorise the hacking of large numbers of computers and phones belonging to UK citizens Continue Reading

Picking the right IAM tools is based on more than today’s needs

With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure the correct one is chosen Continue Reading

Which? online banking investigation reveals ‘worrying gaps’ in security

Consumer rights organisation has ranked the security of UK online current account providers Continue Reading

Biden picks cyber veteran to reinvigorate security response

Appointment of career intelligence operative Anne Neuberger signals refreshed security approach for the US government under Joe Biden's administration Continue Reading

WikiLeaks founder Julian Assange to remain in prison despite winning extradition battle

Judge cites Assange’s support of NSA whistleblower as one of the reasons for him being at high risk of absconding. He will remain in Belmarsh prison until the US government completes its appeal Continue Reading

SolarWinds attack almost certainly work of Russian spooks

Investigations into the far-reaching SolarWinds Solorigate attack did not let up during the holidays Continue Reading

Security Think Tank: Cyber effectiveness, efficiency key in 2021

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

WikiLeaks founder Julian Assange cannot be extradited to face charges in US, court rules

Court rules it would be oppressive to send Julian Assange to the US to face trial after finding he is at high risk of suicide. US government says it will appeal Continue Reading

Security Think Tank: The year of the work-from-home hangover

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

Journalists’ FOI bids stayed as court reconsiders freedom of information rights of people outside UK

Tribunal questions whether people without a British passport or Britons living overseas are eligible to use the UK’s Freedom of Information Act Continue Reading

Top 10 investigations and national security stories of 2020

Here are Computer Weekly’s top 10 investigations and national security stories of 2020 Continue Reading

Top 10 technology and ethics stories of 2020

Here are Computer Weekly’s top 10 technology and ethics stories of 2020 Continue Reading

Top 10 cyber crime stories of 2020

Here are Computer Weekly’s top 10 cyber crime stories of 2020 Continue Reading

Security Long Reads: Cyber insiders reveal what’s to come in 2021

In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading

How to manage non-human identities

Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach Continue Reading

Top 10 cyber security stories of 2020

Here are Computer Weekly’s 10 top cyber security stories of 2020 Continue Reading

Ministry of Justice in the dock for catalogue of serious data breaches

Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to unauthenticated users Continue Reading

EU security strategy a ‘step up’ on cyber leadership, says Brussels

The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy Continue Reading

UK police unlawfully processing over a million people’s data on Microsoft 365

The roll-out of Microsoft 365 to dozens of UK police forces may be unlawful, because many have failed to conduct data protection checks before deployment and hold no information on their contracts Continue Reading

Cyber crime victims in the Netherlands not reporting offences

Dutch victims of online crime rarely report it to the police and when they do, they are often dissatisfied Continue Reading

Negotiating the complexities of international transfers of personal data

How to navigate international data transfers, standard contractual clauses and the impact of Brexit on data protection Continue Reading

Singapore trials beacons to bolster police operations

Police beacons equipped with video cameras, sirens, floodlights and speakers are being deployed at two parks to improve public safety in a year-long trial Continue Reading

Met Police failed to clear backlog of subject access requests

Metropolitan Police failed to comply fully with an enforcement notice issued by the Information Commissioner, and despite hundreds of overdue subject access requests the regulator did not take further action Continue Reading

HMRC referred 11 data security incidents to ICO in 2019-20

HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report Continue Reading

SIEM or SOAR or both? Consider your business complexity first

SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading

MI5 accused of withholding surveillance compliance failures from cabinet minister

MI5 withheld high-risk concerns about its ability to comply with legislation from the home secretary when it submitted applications for surveillance warrants, NGOs Privacy International and Liberty claimed last week Continue Reading

UK government ramps up efforts to regulate tech giants

The Digital Markets Unit of the Competitions and Markets Authority aims to protect consumer privacy and lower barriers to entry for businesses Continue Reading

NI police unable to delete data seized unlawfully from journalists for 10 years

The Police Service of Northern Ireland is unable to delete terabytes of unlawfully seized data taken from journalists who exposed police failings in the investigation of the Loughinisland sectarian murders Continue Reading

Algorithmic transparency obligations needed in public sector

Public sector’s use of algorithms with social impacts needs to be more transparent to foster trust and hold organisations responsible for the negative outcomes their systems may produce, says report Continue Reading

How to modernise identity governance and administration

Modernising identity governance and administration (IGA) capabilities is essential for organisations to manage identities effectively to ensure they remain competitive, compliant and secure Continue Reading

How Grab is using technology to improve trust and safety

Southeast Asian unicorn Grab is tapping artificial intelligence and other technologies to keep its users safe and cyber criminals at bay Continue Reading

Merger of national policing systems over budget and behind schedule

UK government effort to replace legacy IT systems suffers further delays, and will not be fully completed until 2025 at the earliest Continue Reading

From front line to back office – how supporting the cyber community keeps the NHS safe

NHS Digital’s chief information security officer describes how the Cyber Associates Network benefits security experts in health and care Continue Reading

Telcos could face huge fines under new security laws

Government boasts of unprecedented powers to boost the security standards of the UK’s critical national infrastructure Continue Reading

Data protection impact assessment tips and templates

Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information. Continue Reading

Security pros fear prosecution under outdated UK laws

CyberUp, a group of campaigners who want to reform the Computer Misuse Act, finds 80% of security professionals are concerned that they may be prosecuted just for doing their jobs Continue Reading

Data silos and IT complexity stifle business potential

A study from 451 Research highlights the problems organisations face in managing data Continue Reading

Automated image recognition: How using ‘free’ photos on the internet can lead to lawsuits and fines

Germany-based photographer Marco Verch uses computer scripts to populate the internet with topical images and photographs. People and companies who make mistakes in following the complex licensing terms of his ‘free to share and adapt’ photographs receive threatening ‘legal’ demands Continue Reading

Kaspersky shuts down data-processing activities in Russia

Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland Continue Reading

How to build an effective vulnerability management programme

As cyber criminals increasingly look to exploit vulnerabilities in software and hardware, businesses must build and implement an effective vulnerability management programme to counter this growing threat Continue Reading