Regulatory compliance and standard requirements

Southeast Asian ‘white hat’ urges more countries to sign the Paris Call

A renowned ethical hacker in Malaysia has called for more nations to support the Paris Call for Trust and Security in Cyberspace to counter the threat of cyber warfare Continue Reading

Using tech to boost staff morale

In this week’s Computer Weekly, we look at the emerging technologies being used to improve employee experience and raise staff loyalty and motivation. The CIO of the Football Association explains how IT is changing the way the national game is administered. And we examine the growing role of AI in preventing cyber attacks. Read the issue now. Continue Reading

ICO joins international call for transparency around Facebook’s Libra currency

Data protection regulators from around the world have signed a statement raising privacy concerns about Libra Continue Reading

Security Think Tank: Close interdisciplinary ties are key to security integration

How can infosec professionals and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading

Enhancing business purpose with privacy compliance

Computer Weekly looks at the importance of building on basic GDPR compliance and making privacy a key foundation of business culture Continue Reading

Security Think Tank: CIA at heart of infosec-data architect partnership

How can infosec professionals and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading

Facebook asked to explain discrepancies in evidence over Cambridge Analytica

DCMS Committee chairman asks Facebook to clarify what it knew about Cambridge Analytica’s use of its data and when Continue Reading

GDPR taken more seriously after first fines

Security professionals believe the first big fines under the General Data Protection Regulation will get organisations to take the new rules more seriously, but will not necessarily change policies or practices Continue Reading

Leaked Sephora databases peddled on dark web

Cyber security firm finds two databases likely to be related to the Sephora data breach that affected online customers in Southeast Asia, Australia and New Zealand Continue Reading

Cisco pays $8.6m after whistleblower discloses security flaws in video surveillance system

James Glenn, a video surveillance expert working for a Cisco reseller in Denmark, alerted Cisco to security faults and stands to gain a share of a multimillion-dollar settlement with the US government Continue Reading

Australian firms grappling with “train-smash” of security legislation

While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators Continue Reading

ICO selects first innovation Sandbox participants

UK privacy watchdog has chosen the first firms to take part in its Sandbox programme aimed at developing innovative and beneficial products and services that are privacy compliant Continue Reading

Think beyond tick-box compliance

A year on since GDPR, many organisations are yet to stop fretting over fines and focus instead on business value Continue Reading

F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC

Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated Continue Reading

Facebook shrugs off $5bn fine, reports strong quarter

Investors responded positively after social networking firm reported better-than-expected second-quarter results after budgeting for FTC fine, but the company faces a further antitrust investigation Continue Reading

Zuckerberg responsible for Facebook privacy compliance after $5bn FTC fine

Facebook pays record fine after breaching users’ privacy, following settlements with Federal Trade Commission and Securities and Exchange Commission Continue Reading

Controversial ‘immigration exemption’ used in 60% of cases

The UK government has used a controversial GDPR opt-out in response to the majority of its immigration-related data requests since the start of 2019, the High Court has heard Continue Reading

Phishing attack highlights cyber security need at universities

UK university cyber security is once again under the spotlight after Lancaster University reveals that it has been targeted by a phishing attack used to send fake invoices Continue Reading

Almost a third of European firms still not compliant with GDPR

Almost a third of European businesses admit they are still not compliant with the EU’s General Data Protection Regulation, but there are encouraging signs of increased maturity in data protection, with the new rules driving better, business-supporting practices Continue Reading

High Court to hear challenge to immigration exemption in DPA

The High Court is to hear a challenge by two human rights groups of a controversial clause in new UK data protection legislation they say is in conflict with the EU’s Charter of Fundamental Rights and undermines the General Data Protection Regulation Continue Reading

How Apollo 11 influenced modern computing

In this week’s Computer Weekly, on the 50th anniversary of the Moon landings we look at the influence Apollo 11 had on modern hardware and software. Our latest buyer’s guide examines data protection. And we find out how retailers with physical stores are using technology to respond to the rise of online shopping. Read the issue now. Continue Reading

Analytics and GDPR compliance: How to achieve it

Mathieu Gorge, CEO of Vigitrust, looks at technologies such as pseudonymisation that can help organisations stay GDPR-compliant while gaining value from analytics on customer data Continue Reading

GDPR one year in

Until recently, no one assumed the ICO would issue large fines for GDPR non-compliance. But that has all changed now that it plans to fine BA Continue Reading

Latest ICO fine highlights privacy due diligence

A week after issuing the first serious GDPR fines, the ICO has further underlined the importance of data stewardship and due diligence regarding privacy practices Continue Reading

MPs warn of data adequacy hole in no-deal Brexit

Transferring data to and from the EU will only be possible if an agreement is in place before the UK leaves. No deal means no data agreement Continue Reading

How IT pros are building resilience against email security threats

For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading

CW ASEAN: Trend Watch – Security

Artificial intelligence tools are becoming a vital part of the security arsenal for organizations and cyber criminals alike. In this handbook, Computer Weekly looks at how ASEAN firms are using AI to combat cyber threats and experts discuss the latest smart cyber security tools. Continue Reading

Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms. Continue Reading

Free tool reveals the true cost of ‘free’ online services

New data discovery portal developed by Finnish security firm F-Secure helps to uncover what Facebook, Amazon, Google and other tech giants know about consumers Continue Reading

CW ANZ: Trend Watch – Security

With regulations pushing data protection up the business agenda, we look at how Australia’s Notifiable Data Breaches scheme has been received and consider why a survey that found Australian firms are experiencing fewer cyber breach incidents appears to conflict with anecdotal evidence that suggests the opposite. Continue Reading

Security Think Tank: Engage business to address commercial risk

What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

Parliamentary committee calls for halt to facial recognition trials

Issues with biometrics and forensics pose a significant risk to effective functioning of the criminal justice system, according to a report by the Science and Technology Committee Continue Reading

Most security pros still concerned about public cloud security

Despite accelerated adoption of public cloud services by companies keen to benefit from increased efficiency, scalability and agility, most security professionals have reservations Continue Reading

Security Think Tank: Translating GDPR compliance into business benefits

What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

NCSC calls out Microsoft over Dmarc reports

The UK’s cyber security agency has called out Microsoft for seriously undermining global email security by failing to provide crucial reports from its email platforms Continue Reading

UN resolution ignores special rapporteur’s call for halt to spyware sales

UN’s Human Rights Council adopts resolution to explore the impact of new and emerging digital technologies on human rights, but the text ignores a damning report by the council’s own expert on freedom of expression Continue Reading

Security Think Tank: Aligning data privacy with business objectives

What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

BA/Marriott GDPR fines: What they were for and how to avoid them

We talk to Mathieu Gorge, CEO of Vigitrust, about the BA and Marriott GDPR fines and what organisations can do to ensure they achieve compliance with GDPR and similar regulations Continue Reading

Billion-dollar privacy penalties put CEOs on notice

Facebook’s potential $5bn settlement with the FTC follows notifications of planned GDPR fines for British Airways and Marriott International, underlining the importance of data stewardship Continue Reading

UK public sector needs to prioritise mobile device security

Only 10% of public service stolen and lost mobile are recovered, underlining the need for mobile-centric, zero-trust model to reduce the risk, says MobileIron Continue Reading

Security Think Tank: Don’t dismiss the business benefits of GDPR

What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

New FinSpy versions extend surveillance capabilities

New versions of the FinSpy malware for iOS and Android smartphones have extended targeted surveillance capabilities, warn security researchers Continue Reading

Security Think Tank: Align compliance objectives with business goals

What strategies can information security professionals use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

Dutch privacy watchdog tells banks not to use customer payment data for marketing

Autoriteit Persoonsgegevens tells banks to respect client privacy and not to market products based on spending data Continue Reading

Max Schrems not calling for SCCs to be invalidated

The privacy activist at the centre of legal battle against Facebook is not calling for all standard contractual clauses to be invalidated, according to his non-profit privacy organisation Continue Reading

Security Think Tank: Changing the GDPR focus to business benefit

What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

Demand for ICO help escalates in GDPR's first year

The past year has seen increased demand across all support services offered by the UK’s privacy watchdog as new data protection laws went into force Continue Reading

Marriott International facing £99m GDPR fine

Hotel group Marriott International is the second major company to be fined by the UK privacy watchdog for infringements of the GDPR Continue Reading

ICO issues warning about using facial recognition technology

The UK privacy watchdog has ruled that any police force or private organisation using live facial recognition technology is processing personal data and needs to pay attention to data protection laws Continue Reading

Data protection: How privacy can be a benefit, not a burden

With the growing number of data breaches, consumers are becoming increasingly concerned about how their data is used. Organisations can take advantage of this trend by treating data protection and user privacy as product features Continue Reading

Security Think Tank: Benefits of GDPR compliance

What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

European Court hears case on EU-US data transfers

Facebook could be forced to rethink its legal position regarding transfers of data of EU citizens to the US, as the CJEU considers the validity of standard contractual clauses that many businesses rely on Continue Reading

Drone tech and the roar of Malaysia’s flying dragons

Malaysia is ramping up initiatives to speed up the global growth of local technology champions in the drone tech sector Continue Reading

Security Think Tank: Embrace data protection as a necessary business process

What strategies can information security professionals use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

British Airways facing £183m GDPR fine

British Airways is to appeal against a record fine for infringement of data protection rules for a breach of customer data in 2018 Continue Reading

Security and privacy key to smart buildings and cities

Security and privacy capabilities are essential for stakeholders if they are to realise the benefits of smart buildings and cities, says expert whitepaper Continue Reading

APAC experts weigh in on cyber security trends

The onslaught of cyber attacks being reported each day has been a wake-up call, but experts say businesses need to be mindful of the limitations of certain security measures Continue Reading

UK consumers still concerned about personal data security

Most UK consumers are still concerned about the security of their personal data, indicating that organisations need to do more to gain consumer trust, such as implementing biometric controls Continue Reading

Sweden’s Protective Security Act targets cyber risks

IT suppliers must comply with tighter cyber security requirements, but are being offered help from government agencies Continue Reading

Few UK firms are cyber insured despite financial losses

More than one-fifth of UK firms have been impacted financially by cyber attacks, yet potentially more than three-quarters of companies polled have never been insured for cyber-related losses Continue Reading

Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data

Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading

Huge jump in cyber incidents reported by finance sector

The number of cyber incidents reported by financial services firms increased nearly 12-fold in 2018 from 2017, mainly due to third-party failures, highlighting several key areas that need improvement Continue Reading

Fido Alliance announces new standards

Fido Alliance announces new identity verification and IoT initiatives to expand the reach and impact of Fido authentication, which seeks to eliminate the world’s dependence on password-based security Continue Reading

Commercial interests put customer security at risk, survey shows

Firms are bypassing security to push products and services into the market, increasing security risks for the organisation and its customers, a poll of information security professionals shows Continue Reading

Singapore government forms digital industry office

New office will help local tech firms grow their regional footprint and build new capabilities in order to thrive in APAC’s booming digital economy Continue Reading

How facial recognition technology threatens basic privacy rights

As adoption of facial recognition systems continues to grow worldwide, there is increasing concern that this technology could undermine fundamental privacy rights and how it can be kept in check Continue Reading

UK cyber security progress stalled, says report

UK firms rank cyber attacks as a top business issue, but are stalling in cyber security best practice, lagging behind top performers in India Continue Reading

UK takes world lead in surveillance camera security

Although the UK is sometimes referred to as “the most surveilled country” in the world, it has taken the lead in setting minimum security requirements for surveillance cameras. But how will this make a difference internationally? Continue Reading

Disaster planning: How to expect the unexpected

Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities Continue Reading

Surveillance camera czar calls for stronger UK code of practice

Surveillance cameras are for supporting communities, not spying on them, but the UK needs stronger regulation and citizen engagement in this area, says surveillance camera commissioner Continue Reading

UK to host world’s first surveillance camera day

The UK is to host the world’s first surveillance camera day to raise awareness about surveillance cameras and generate a debate about how they are used Continue Reading

Singapore faced fewer cyber threats in 2018

Despite the fall in the number of common cyber threats last year, Singapore will continue to face advanced persistent threats, CSA warns Continue Reading

Inside F5’s cyber security playbook

F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors Continue Reading

Austrian Supreme Court green-lights GDPR case against Facebook

A potential landmark case against Facebook for violating General Data Protection Regulation rights has been given the go-ahead by the Austrian Supreme Court Continue Reading

In a cyber data breach, preparation is key

The importance of preparation was strongly emphasised at a breach response workshop hosted by DAC Beachcroft as part of London Tech Week Continue Reading

MP brands Huawei exec a ‘moral vacuum’ as operators demand 5G clarity

Huawei chief security officer John Suffolk faces tough questions from parliament’s Science and Technology Select Committee over the firm’s links to the Chinese government Continue Reading

How ASEAN firms are using AI to combat cyber threats

Artificial intelligence tools are becoming a vital part of the security arsenal for organisations and cyber criminals alike Continue Reading

Is GDPR worth the cost?

Regulations have costs, which are meant to be recouped by the expected benefits. But who decides whether this is a good deal? Ultimately, it’s you Continue Reading

Big tech chiefs boycott parliamentarians investigating citizens’ privacy

An International Grand Committee on Big Data, Privacy and Democracy considers whether failure to protect citizens’ privacy constitutes grounds for anti-trust regulation against Facebook and other big tech companies Continue Reading

Beware of security blind spots in encrypted traffic

The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption Continue Reading

Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms Continue Reading

Data governance: The importance of getting it right

With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed Continue Reading

Facebook loses bid to halt European court decision on EU-US data sharing

Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk Continue Reading

GCHQ urged to abandon plans to access encrypted chats

Tech companies and security and policy experts are calling for more dialogue with GCHQ on encryption, urging it to ditch its proposal for eavesdropping on encrypted chats Continue Reading

2.3 billion business and consumer data files exposed online

In the year since the GDPR compliance deadline, the number of data files exposed online without adequate protection is up more than 50% due to misconfigured security controls, report reveals Continue Reading

ICO to shortlist Sandbox applicants

Privacy watchdog’s Sandbox service aims to help develop innovative and beneficial products and services that are privacy compliant Continue Reading

Many search engine users unaware of personal data collection

Many users of online search engines are still unaware that data is being collected about them for personalised advertising, a study has revealed Continue Reading

Australian firms coming to grips with AI ethics

Australian businesses are warming up to AI, but just two in five have standards and guidelines for AI ethics, a study finds Continue Reading

Just over half of UK firms don’t have a cyber resilience plan

Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection Continue Reading

GDPR: Are we there yet?

A full year since the General Data Protection Regulation was implemented, there has not been the severe punitive action expected by many and personal data breaches continue to happen, leaving many wondering if any progress has been made Continue Reading

Effect of GDPR yet to be felt, says law firm Hogan Lovells

Despite the fact that the GDPR has been in full effect for a year, the true effect of the regulation is yet to be felt and organisations should ensure they keep their eye on the ball, says leading privacy law firm Continue Reading

No real change a year into GDPR, says privacy expert

A year after the GDPR compliance deadline, many organisations still have a lot of work to do to make real changes and shift focus away from fines to business value and gain, says PwC’s GDPR and data protection lead Continue Reading

SurveyMonkey opens Dublin datacentre region to court data-security conscious enterprises in Europe

Online survey software provider SurveyMonkey is on a Europe-wide enterprise charm offensive, and is focusing on winning over CIOs with the offer to locally host their data within its European datacentre region Continue Reading

Arm China seeks solutions to US export controls with Huawei

Chip design firm in communication with Huawei-owned semiconductor firm HiSilicon following US move to halt exports of US technology to Chinese tech giant Continue Reading

IBM’s investment in automation pays off in GDPR’s first year

The first year of the EU’s General Data Protection Regulation has demonstrated the value of IBM’s investment in machine learning-based automation and the importance of having the right strategy and systems in place, according to the firm’s data protection officer Continue Reading

TalkTalk admits new failings in 2015 data breach notification

TalkTalk’s failure to notify all those affected by its 2015 data breach highlights the importance of data visibility so that breach notifications are fast and accurate – a key requirement of the GDPR Continue Reading

Singapore proposes data portability provisions

The Personal Data Protection Commission is seeking public feedback on proposed provisions that will let consumers move their personal data across organisations Continue Reading

GDPR an opportunity to improve data systems and processes

A year after the official implementation of the GDPR, it is important to highlight the positive opportunities that compliance provides and the insights breach reports are providing, say Deloitte consultants Continue Reading

ICO to support GDPR certification schemes

The UK data protection watchdog is accepting enquiries from organisations considering developing GDPR certification schemes, which the ICO says could help recipients achieve competitive advantage Continue Reading

Facebook engaged in ‘calculated’ campaign to eliminate competition, claims businessman

A US businessman is seeking damages from Facebook after accusing the social media company of unfairly blocking “humorous” Facebook pages which generated hundreds of thousands of dollars in advertising revenue Continue Reading