Regulatory compliance and standard requirements
-
News
24 Apr 2025
Data breach class action costs mount up
Organisations exposed to the US market paid out over $150m in class action settlements in just six months. Security leaders must do more to address cyber gaps, respond better to incidents and demonstrate compliance Continue Reading
-
Opinion
24 Apr 2025
Challenges persist as UK’s Cyber Security and Resilience Bill moves forward
Elements of the Cyber Security and Resilience Bill are welcome but questions remain about how best to act in the face of persistent challenges like geopolitical chaos, threats to critical infrastructure, and technological advances Continue Reading
-
News
21 Oct 2020
NSA’s top CVE list a timely reminder to patch
Many of the CVEs detailed on the NSA’s top 25 chart are golden oldies Continue Reading
-
News
21 Oct 2020
Charities warned over ‘Robin Hood’ cyber criminals
Accepting donations from cyber criminal groups could be deemed as profiting from crime, money laundering or handling stolen goods – so don’t do it Continue Reading
-
News
20 Oct 2020
Police given access to self-isolation data
NHS Test and Trace self-isolation data will be made available to police after new guidance changes data-sharing rules Continue Reading
-
News
20 Oct 2020
BA breach penalty sets new GDPR precedents
The 90% reduction in the fine levied on BA over a 2018 data breach has legal experts talking about the ramifications for the future of data protection Continue Reading
-
Podcast
20 Oct 2020
Podcast: Cybersecurity Awareness Month, Covid-19 and storage
We look at how organisations can use Cybersecurity Awareness Month as an opportunity to revisit their handling of data and compliance, especially with changes brought by Covid-19 and home working Continue Reading
-
Opinion
16 Oct 2020
Security Think Tank: Safeguarding PII in the current threat landscape
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
News
16 Oct 2020
BA argues ICO data breach fine down to £20m
Information Commissioner’s Office levies fine of £20m on British Airways for failing to protect the personal data of hundreds of thousands of passengers – a vast reduction on the initial £183m penalty Continue Reading
-
News
16 Oct 2020
Spanish court to question witnesses over ‘illegal surveillance’ of WikiLeaks founder Julian Assange
The Spanish National Court in Madrid is to hear evidence from information security expert Andy Müller-Maguhn and two lawyers who were subject to ‘illegal surveillance’ of their meetings with Julian Assange at the Ecuadorian Embassy in London Continue Reading
-
News
15 Oct 2020
Cloud data protection keeps the Crick’s medical research Covid-secure
Cloud data management services from Rubrik gave the Francis Crick Institute a data protection edge and have helped keep its vital work going through the pandemic Continue Reading
-
News
14 Oct 2020
Public sector security failings leave UK at risk, says think tank
Reform report urges adoption of new policies in the next version of the UK’s National Cyber Security Strategy Continue Reading
-
News
14 Oct 2020
US Elections: Malicious internet domains spike as campaigns heat up
Internet domains related to the US presidential election are 56% more likely to be malicious than regular ones Continue Reading
-
News
14 Oct 2020
Fintech ‘unicorn’ Klarna probed over data misuse
Online bank blames misuse of user data on human error as Information Commissioner’s Office weighs in Continue Reading
-
News
13 Oct 2020
Suppliers neglecting virtual appliance security, putting users at risk
Software suppliers are often distributing their products on virtual appliances that contain known vulnerabilities or are running outdated or unsupported operating systems, according to a report Continue Reading
-
News
12 Oct 2020
Trickbot forced offline in major cyber security victory
Coalition led by Microsoft obtained a court order enabling them to take down the infamous Trickbot botnet’s back-end server infrastructure Continue Reading
-
News
12 Oct 2020
Five Eyes spy group again demands access to private messages
Spooks are once again calling for the tech industry to break end-to-end encryption in messaging platforms Continue Reading
-
News
12 Oct 2020
Making sense of zero-trust security
Implementing zero-trust security is not an easy feat, but enterprises can still get it right if they approach it from a process perspective and get a handle on their infrastructure footprint Continue Reading
-
Opinion
12 Oct 2020
Security Think Tank: Tighten data and access controls to stop identity theft
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
Opinion
09 Oct 2020
Lapsing ISO certifications: Myth versus risk
Allowing ISO certifications to lapse presents businesses with serious risks when workarounds are possible Continue Reading
-
News
08 Oct 2020
NCSC relaunches SME security guide with home working focus
The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020 Continue Reading
-
News
08 Oct 2020
Coronavirus face mask spammer fined by ICO
The director of software company Studios MG spammed members of the public at the height of the pandemic as one of its directors tried to shift a job lot of face masks Continue Reading
-
News
08 Oct 2020
Crown Prosecution Service suffers 1,600 data breaches in 12 months
CPS sees a spike in data security incidents, many of them serious enough to be reported to the Information Commissioner’s Office Continue Reading
-
News
08 Oct 2020
Threat of GDPR fines increasingly driving security buying decisions
Scaring the people who hold the purse strings may be the best option for CISOs who need a little extra budget Continue Reading
-
News
07 Oct 2020
5G regulation failures are a threat to UK’s national security
Defence Committee report on the security of 5G brands existing regulations outdated and unsatisfactory Continue Reading
-
News
07 Oct 2020
Department for Education failed to protect data on millions of children, says ICO
The Department for Education’s National Pupil Database, which contains millions of items of data on the UK’s schoolchildren, was found to be non-compliant with data protection regulations across the board Continue Reading
-
News
07 Oct 2020
ICO wraps up Cambridge Analytica investigation
Information Commissioner’s Office concludes its investigation into Cambridge Analytica, saying no additional evidence has come to light that would change its previous assessments Continue Reading
-
News
07 Oct 2020
Southeast Asia remains hotspot for cyber attacks
Geopolitics and Covid-19 have been fodder for cyber criminals to advance their motives in Southeast Asia in 2020 Continue Reading
-
News
06 Oct 2020
EU’s top court questions legality of UK phone and internet data surveillance
European Court of Justice rules that the UK and EU member states must comply with EU privacy laws when harvesting people’s sensitive communications data from telecoms and internet companies Continue Reading
-
Opinion
06 Oct 2020
The privacy and compliance challenges organisations face in 2021
Privacy and compliance teams have a lot on their plate as 2021 approaches. What are the key issues to consider? Continue Reading
-
News
06 Oct 2020
CISOs struggle to keep up with MITRE ATT&CK framework
Despite its proven benefits for security, the MITRE ATT&CK framework is proving difficult for many, according to a joint study from McAfee and UC Berkeley Continue Reading
-
News
05 Oct 2020
FBI seized ‘legally privileged’ material from Ecuador Embassy, claims Julian Assange’s lawyer
The US struck a secret deal with Ecuador to seize WikiLeaks founder Julian Assange’s property from the Ecuadorian Embassy in London days before his arrest. The haul included legally privileged documents, says his solicitor Continue Reading
-
News
02 Oct 2020
Honesty is the best policy: Forging a security culture in the NHS
Clinician and technologist Sam Shah helped set up NHSX in 2019. Now he’s helping advance digital transformation in healthcare from the outside, and a big part of that is addressing security in the sector Continue Reading
-
News
02 Oct 2020
Security pros face sanctions if they help ransomware victims pay
New advisory from the US government warns cyber insurance and incident response specialists that they could be skating on thin ice if they help ransomware victims pay their attackers off Continue Reading
-
News
01 Oct 2020
Judge to give verdict on Julian Assange’s extradition after Christmas
Judge Vanessa Baraitser said today that she would make a ruling in early January on whether WikiLeaks founder Julian Assange should be extradited to the US Continue Reading
-
News
01 Oct 2020
WikiLeaks revelations ‘shed light of truth’ on war on terror, court hears
WikiLeaks disclosures led to ‘revelations of extraordinary journalistic importance’ about detention in Guantanamo Bay and civilian casualties in Iraq and Afghanistan Continue Reading
-
News
30 Sep 2020
‘American friends’ spied on Julian Assange in Ecuadorian Embassy, court hears
Two former employees of UC Global, which provides security services to the Ecuadorian Embassy in London, claim the company shared surveillance footage with the US of the WikiLeaks founder meeting with lawyers and other visitors Continue Reading
-
News
29 Sep 2020
NatWest offers online banking customers free security services
Bank responds to a surge in cyber crime targeting users of online banking services Continue Reading
-
News
28 Sep 2020
Julian Assange would be held in ‘solitary confinement’ in US jail
WikiLeaks founder would be held in a cell the size of a parking space for 22 or 23 hours a day without contact with other inmates before trial Continue Reading
-
News
28 Sep 2020
Sustrans opens door to NCSC cyber certification via the cloud
Sustainable transport charity turned to Qualys to help it attain needed certifications to bid for government work Continue Reading
-
News
28 Sep 2020
Police Scotland to set up new cyber crime centre
National Centre of Excellence will employ specially trained officers to tackle a vertiginous rise in cyber crime Continue Reading
-
News
28 Sep 2020
Security now main driving force behind digital transformation
Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda Continue Reading
-
Opinion
25 Sep 2020
Covid-19 has changed how we think about cyber security forever
Six months into the global pandemic, the true impact on the future of cyber security is beginning to look clearer, says Microsoft’s Ann Johnson Continue Reading
-
News
24 Sep 2020
‘Not unjust’ to extradite WilkiLeaks founder Julian Assange, court hears
Nigel Blackwood, NHS consultant psychiatrist, told the Old Bailey court that WikiLeaks founder Julian Assange had ‘moderate depression’ and autistic traits, but said they did not prevent his extradition Continue Reading
-
News
24 Sep 2020
NHS whistleblower privacy concerns passed on to regulator, but campaigners not holding their breath
NHS Improvement chair Dido Harding acknowledges receiving concerns raised about the anonymity of whistleblowers, but campaigners have little faith that anything will be done Continue Reading
-
News
24 Sep 2020
Government blasted over ‘reckless’ contact-tracing security
The Open Rights Group and Big Brother Watch accuse the government of endangering public health with a reckless attitude to contact-tracing data security Continue Reading
-
News
24 Sep 2020
Australians want more control over privacy
Nearly nine in 10 Australians want more control and choice over the collection and use of their personal information amid declining trust in how organisations handle personal data, survey finds Continue Reading
-
News
23 Sep 2020
Over half of firms intend to continue US data transfers despite Schrems II
Survey shows many organisations do not intend to significantly change their data-sharing practices, at least until there is more guidance from regulators or governments Continue Reading
-
News
22 Sep 2020
GDS reviewing Cloud First policy post-Schrems II
Review seeks to determine the future of government engagement with cloud hosting services as they relate to cross-border data flows Continue Reading
-
Opinion
21 Sep 2020
Why business resilience management should be high on the agenda
Business resilience management is key to business survival in the face of rapidly changing IT, cyber threat and regulatory environments Continue Reading
-
News
21 Sep 2020
Big questions to be answered over TikTok and WeChat reprieve
TikTok and WeChat seem to have received a stay of execution, but big questions and contradictions remain Continue Reading
-
News
21 Sep 2020
WikiLeaks video ‘electrified’ public to civilian war deaths, court hears
New Zealand investigative journalist and author Nicky Hager said that WikiLeaks’ publication of a video showing a US helicopter firing on civilians, along with the publication of secret war logs, ‘electrified’ the world to civilian deaths Continue Reading
-
News
18 Sep 2020
Congressman offered Julian Assange a ‘win-win’ deal that would help President Trump
Details have emerged of US congressman Dana Rohrabacher’s offer of a pardon to WikiLeaks founder Julian Assange in a ‘win-win deal that would benefit US President Donald Trump Continue Reading
-
Feature
17 Sep 2020
Top five ways to benefit from tape today
We look at the benefits that tape can bring, including in backup and recovery, long-term and ‘warm’ archiving, compliance and WORM use cases and ‘air gapping’ to protect data Continue Reading
-
News
17 Sep 2020
Saudi Arabia sees cyber security boom as coronavirus bites
Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods Continue Reading
-
News
17 Sep 2020
What are the habits of highly effective CISOs?
Data crunched by Gartner analysts reveals the behaviours that differentiate the top-performing chief information security officers from the pack Continue Reading
-
Opinion
17 Sep 2020
Security Think Tank: Edge security in the world of Covid-19
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentre to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
16 Sep 2020
NCSC steps up ransomware support for schools and universities
New alert and updated guidance comes after several academic institutions were targeted in ransomware attacks Continue Reading
-
Opinion
16 Sep 2020
Security Think Tank: Edge datacentre security depends on specific needs
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
15 Sep 2020
Gartner Security Summit: Covid-19 brings agile security to the fore
The evolving threat landscape is the top driver impacting cyber security during the next three to five years, and Covid-19 has accelerated the trend towards more agile security deployments Continue Reading
-
Opinion
15 Sep 2020
Security Think Tank: No secret sauce for edge security, just good practice
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
15 Sep 2020
TikTok-Oracle partnership moves forward for consideration
Joint venture proposal could create thousands of jobs and secure TikTok’s future outside China Continue Reading
-
News
15 Sep 2020
Data of every Welsh Covid-19 patient leaked online
Data on all 18,105 people in Wales who have received positive tests for the coronavirus was uploaded to a public-facing web server in error Continue Reading
-
News
11 Sep 2020
Travel industry websites are laughably insecure, claims Which?
The travel industry is failing to take the data security of its customers seriously, according to a Which? investigation Continue Reading
-
News
10 Sep 2020
Cyber security is next frontier for open source
Open security will facilitate the interoperability and capabilities of cyber security tools while alleviating vendor lock-in for enterprises, says IBM Continue Reading
-
News
08 Sep 2020
Julian Assange warned against interrupting witnesses in extradition hearing
On the second day of his extradition hearing at the Old Bailey, judge informs the WikiLeaks founder he could be removed and potentially banned from court for interrupting witnesses Continue Reading
-
News
07 Sep 2020
Court rejects request to exclude ‘11th hour’ US evidence against WikiLeaks founder Julian Assange
Lawyers for Julian Assange say the US has introduced an 11th hour indictment against the WikiLeaks founder that provides additional grounds for his extradition Continue Reading
-
News
07 Sep 2020
Government DPOs challenged by volume of GDPR work
Data protection officers working across the UK government are finding it tough to keep up with the increased workload generated by GDPR, according to a report Continue Reading
-
News
06 Sep 2020
Why predictive threat intelligence is key
Threat intelligence startup Cyfirma is using virtual agents to gather intelligence on potential cyber attacks that are being coordinated in underground forums before they occur Continue Reading
-
Opinion
04 Sep 2020
Security Think Tank: Beware security blind spots at the edge
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
02 Sep 2020
Northumbria University suffers major disruption after cyber attack
Some exams cancelled as university appoints external specialists to investigate incident Continue Reading
-
Opinion
02 Sep 2020
Sharing responsibility: Why we need to work together to keep the cloud secure
The education sector has been fundamentally altered by months of lockdown, with cloud services topping must-have lists for academic staff, but now it’s time to consider security Continue Reading
-
News
01 Sep 2020
Vint Cerf: Why everyone has a role in internet safety
The Covid-19 pandemic has demonstrated the power of internet connectivity. Vint Cerf talks to Computer Weekly about the challenges the internet now faces Continue Reading
-
Opinion
01 Sep 2020
Security Think Tank: Security at the distributed edge
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
28 Aug 2020
Benefit fraud: Underground trade in stolen identities revealed
A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds Continue Reading
-
News
27 Aug 2020
DDoS downs New Zealand stock exchange for third day
Distributed denial of service attack from overseas has left stock exchange offline for days Continue Reading
-
News
27 Aug 2020
NHS whistleblowers’ anonymity at mercy of inadequate trust IT policies and processes
They were clapped in the streets for their bravery at the height of the Covid-19 pandemic, but some NHS staff who raise workplace concerns are suffering abuse as a result Continue Reading
-
Opinion
26 Aug 2020
What are the latest GDPR security breach enforcement trends?
A cyber breach specialist from Fieldfisher runs the rule over the latest trends in cyber security, data protection and GDPR Continue Reading
-
News
25 Aug 2020
TikTok takes Trump to court
Under-fire video app TikTok files a formal complaint in the federal courts challenging the Trump administration’s attempt to ban it in the US Continue Reading
-
Feature
24 Aug 2020
Getting physical with datacentre security
Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre Continue Reading
-
News
21 Aug 2020
TikTok’s GDPR compliance probed amid accusations of data misuse
Dutch privacy organisation SOMI claims TikTok falls short in protecting young users, and that it is likely violating GDPR Continue Reading
-
News
21 Aug 2020
MPs accuse ICO of failing to do its job on contact-tracing data
Cross-party group of MPs say the ICO has failed to enforce data protection standards or hold the government to account over the unlawful Test and Trace programme Continue Reading
-
News
21 Aug 2020
Australian regulator sues RI Advice for cyber security lapses
The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives Continue Reading
-
News
20 Aug 2020
UKAS rejects ISO certification concerns
UK’s certification body says refreshed guidance is in place to cover the possibility of lapsed ISO certifications Continue Reading
-
News
20 Aug 2020
Social media data leak highlights murky world of data scraping
A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it Continue Reading
-
News
19 Aug 2020
HMRC investigates over 10,000 Covid-19 phishing reports
HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June Continue Reading
-
News
19 Aug 2020
Coronavirus: Thousands of ISO certifications set to lapse
Delays and postponements in the auditing process are putting hard-earned security and data protection certifications at risk of lapsing Continue Reading
-
News
19 Aug 2020
Marriott slapped with class action lawsuit over 2018 breach
Group action brings together millions of victims who stayed at the Starwood hotel chain over a four-year period Continue Reading
-
News
18 Aug 2020
Carnival cruise lines hit by ransomware, customer data stolen
Cruise ship operator is likely to be the victim of a major data breach after customer information is apparently stolen in a ransomware attack Continue Reading
-
News
18 Aug 2020
Reports Oracle to enter TikTok bidding war
Oracle may be about to make a bid to acquire the US operations of TikTok from its Chinese parent ByteDance, according to the FT Continue Reading
-
News
17 Aug 2020
The Security Interviews: How Crest is remaking the future of consultancy
Crest president Ian Glover taught himself cyber security while working on government computing systems in the 1970s and 1980s. Now he is on a decade-spanning mission to change security consultancy models Continue Reading
-
News
14 Aug 2020
ICO acknowledges GDPR concerns over A-level results scandal
Information Commissioner’s Office says it has engaged with exams regulator Ofqual after its use of an algorithm to calculate A-level grades backfired Continue Reading
-
News
14 Aug 2020
Oracle and Salesforce sued over online ad tracking
Class action lawsuits filed in Amsterdam and London will accuse Oracle and Salesforce of breaching GDPR in their processing and sharing of personal data to sell online advertising Continue Reading
-
News
13 Aug 2020
APAC consumers do not feel responsible for data security
Just one in four consumers believe they should protect their own data, underscoring the tightrope between security and convenience that organisations have been walking on Continue Reading
-
News
12 Aug 2020
EU and US start discussions on ‘enhanced’ Privacy Shield data-sharing agreement
Talks begin on a successor to the Privacy Shield EU-US data-sharing agreement declared unlawful in July 2020 – a decision by the European Court of Justice that left thousands of businesses facing legal uncertainty Continue Reading
-
News
12 Aug 2020
Police use of facial recognition found ‘unlawful’ in court
In a landmark decision, the Court of Appeal has ruled that South Wales Police’s facial recognition deployments breached human rights and data protection laws Continue Reading
-
Opinion
11 Aug 2020
Why data exports from the EU will be challenging without Privacy Shield
Organisations exporting data to the US under Privacy Shield or overseas generally, whether under standard contractual clauses or binding corporate rules, need to urgently review the legal basis of these transfers Continue Reading
-
News
11 Aug 2020
French data protection authorities to probe TikTok as suitors circle
France’s CNIL has confirmed a new investigation into TikTok’s data protection practices Continue Reading
-
News
11 Aug 2020
Hospitality sector is failing on contact-tracing obligations
Cyber security experts urge the government to do more to help small hospitality businesses improve their contact-tracing data-handling practices Continue Reading
-
News
07 Aug 2020
Data Standards Authority publishes guidance on government data sharing
The Data Standards Authority (DSA) wants government departments to use new open data standards when sharing data, with the aim of improving public services Continue Reading
-
News
07 Aug 2020
TikTok to be banned in US in 45 days
Trump says his Executive Orders against Chinese mobile apps are in the interests of dealing with a national emergency Continue Reading
-
Feature
07 Aug 2020
How to achieve resilience – the modern uptime trinity
IT leaders can take responsibility for ensuring their organisations are resilient during times of crisis. There are no quick fixes, but if you think it is expensive to ensure resilience in your IT systems, try frequent failure instead Continue Reading