Regulatory compliance and standard requirements

Protecting your digital assets: Why it pays to invest in cyber insurance

Cyber insurance offers financial protection against the worst happening to a company’s data and digital assets, and is something few businesses can afford to be without Continue Reading

Privacy and data protection an opportunity, says entrepreneur

Organisations should see data protection and privacy compliance as an opportunity to build trust with customers, according to startup One.Thing.Less Continue Reading

GDPR cases drive bigger budgets for Nordic regulators

High-profile General Data Protection Regulation cases in Finland and Sweden have increased the workload for regulators, which are to receive an increase in funding Continue Reading

NCSC and ICO pledge to support data breach victims

The UK’s cyber security agency and privacy watchdog have agreed to work together to improve support for data breach victims and enhance cyber guidance Continue Reading

European Union to create central biometrics database

New rules will see the introduction of a repository of personal data from hundreds of millions of citizens to support law enforcement across member states Continue Reading

Politics, privacy and porn: the challenges of age-verification technology

The age-verification requirements of the Digital Economy Act are to come into force in July this year, but registering people’s personal details for accessing age-restricted content carries significant risks and challenges Continue Reading

Morrisons to launch fresh appeal against breach liability ruling

Supermarket chain Morrisons is to launch a second appeal against a High Court ruling that found it liable for a data leak by a former employee Continue Reading

Security Think Tank: Cyber attack survival not a matter of luck

How should businesses plan to survive a potential cyber attack extinction event? Continue Reading

Bounty UK fined £400,000 for sharing personal data unlawfully

UK pregnancy and parenting club fined for “unprecedented” level of unauthorised sharing of personal data by operating as a data broking service Continue Reading

Most organisations still lack incident response plans

Most companies lack incident response plans, others fail to test them and nearly half are not GDPR compliant, but some report improved security through automation, a study shows Continue Reading

UK councils team up to boost cyber security

Three UK councils and data analysis firm Splunk have teamed up to improve cyber defence capabilities and maintain their security systems Continue Reading

GDPR at a critical stage, says information commissioner

The ICO is calling on data protection officials to help kick off the next phase of the GDPR by embedding sound data governance at its annual conference, where another DPO was recognised for excellence Continue Reading

How APAC firms can tame the data beast

Companies and data management experts across Asia-Pacific reveal how they are tackling data management challenges that have been compounded by growing cloud usage and compliance requirements Continue Reading

London council fined by the ICO for disclosing personal information held on Met Police Gangs Matrix

The London Borough of Newham has been fined for disclosing the sensitive personal information of more than 200 individuals that police held information on Continue Reading

European firms see value in ‘known good’ approach to security

European data protection regulations are driving enterprise interest in an approach to security being championed by virtualisation software maker VMware, says the company’s security lead Continue Reading

Third-party Facebook apps expose 540 million users’ details

Researchers have discovered another trove of Facebook users’ details, showing there is still no control over data shared with third parties, potentially exposing Facebook to more regulatory and legal action Continue Reading

Government urges businesses and charities to up cyber security

The UK government is urging businesses and charities to take action to prevent cyber attacks as the costs go up, despite an overall reduction in breaches, partly driven by new data protection laws Continue Reading

Black Hat Asia 2019: Get ready for the cyber arms race

The arms race is now squarely in the cyber realm as defence teams and threat actors arm themselves with AI tools Continue Reading

Zuckerberg calls for new internet regulation

Facebook chief calls for new internet regulation in four key areas to define clear responsibilities for people, companies and governments, including more GDPR-aligned data protection rules Continue Reading

Mind the Brexit gap in cyber security

Leaving the EU could mean a new cyber security regime for the UK – firms need to understand how the changes might affect them Continue Reading

Singapore government to review data security in public sector

A high-level committee comprising ministers and private sector security experts will review data security practices and recommend measures to better protect citizens’ data Continue Reading

ICO kicks off sandbox beta to support innovation

The UK’s privacy watchdog has launched the first phase of an initiative aimed at enhancing data protection while supporting business innovation Continue Reading

Mind the overlap between GDPR and ePD, warns privacy lawyer

Organisations need to be aware of the overlaps between European data protection and privacy rules, and which takes precedence, a privacy lawyer warns Continue Reading

Mike Lynch heads to High Court to defend against HP allegations

The UK’s biggest fraud case commences, with the former CEO of Autonomy, Mike Lynch, attempting to clear his name Continue Reading

Small businesses hit hardest by cyber crime costs

Small businesses felt the biggest impact of the UK’s cyber crime bill in 2018, research shows Continue Reading

Facebook security policy and practices unfit, say infosec pros

Confidence in Facebook’s ability to keep users’ data safe has once again been shaken by revelations of poor password protection practices, prompting calls for a security review Continue Reading

UK police should not deploy live facial recognition technology until issues are resolved, MPs told

The Science and Technology Committee has heard from the information and biometrics commissioners about the flawed use of live facial recognition technology by UK police Continue Reading

Brexit complicating already complex data protection

GDPR impact is yet to be felt and data protection is set to become increasingly complex, with Brexit adding even more complexity that could be overwhelming, warns head of international privacy association Continue Reading

National Cyber Security Programme at risk of missing targets

The National Audit Office has sharply criticised the Cabinet Office over failings in how it set up the National Cyber Security Programme that mean it may struggle to meet its goals Continue Reading

Met Police collaborated with US prosecutors in WikiLeaks investigation

The Metropolitan Police has confirmed it exchanged information on WikiLeaks staff in the UK with the US Department of Justice, which is conducting criminal investigations into the organisation Continue Reading

ICO pledges to support innovation

UK data privacy watchdog is increasingly gearing up to support innovation to ensure developers of tech and digital services do not lose society’s trust Continue Reading

Security Think Tank: Is it true you can't manage what you don't measure?

What should be the key cyber security risk indicator for any business? Continue Reading

ICO data raises doubts over UK firms’ ability to manage breaches

Most ICO data breach reports late and incomplete prior to full GDPR implementation, FoI request data reveals, raising doubts about breach prevention, detection and response capabilities Continue Reading

CW Europe: Robots deliver savings for Dutch postal service

In this issue we look at how Dutch delivery company PostNL is reaping huge efficiency savings by using robotic technology to automate time-consuming administrative tasks, Facebook’s opposition to the referral of questions about the legality of data transfers between Europe and the US to the European Court of Justice, and how Oslo is thriving from a unique combination of business agility, a cultural receptiveness to technology, and a social desire to do good. Read the issue now. Continue Reading

ICO head still in top three of DataIQ data leader list

The UK’s information commissioner remains in the top three data leaders after claiming top spot in 2018 in the DataIQ 100 list of most influential data leaders, but GDPR is not the only focus in the industry Continue Reading

Zuckerberg commits to Facebook becoming privacy-focused

After a storm of controversy and criticism over the way Facebook fails to protect users’ privacy, the company’s chief says he plans to transform it into a privacy-focused platform Continue Reading

Singapore can now certify security products based on Common Criteria

The city-state is has attained the status of a Certificate Authorising Nation, enabling it to evaluate and certify security products under the Common Criteria standard Continue Reading

Cyber awareness of UK boards found wanting

Boards of many of the UK’s biggest firms must do more to be cyber aware, according to a government report. Continue Reading

Facebook asked George Osborne to influence EU data protection law

Facebook COO Sheryl Sandberg invited one of the chancellor’s children to Facebook’s office as part of a intensive lobbying programme to influence European data protection legislation Continue Reading

Facebook facing 10 GDPR investigations in Ireland

Ireland’s Data Protection Commission has revealed it has 10 active probes into Facebook, Instagram and WhatsApp, as well as Apple, LinkedIn and Twitter, on its books Continue Reading

GDPR: Irish Data Protection Commission may show where the WWW is heading

The Irish Data Protection Commission's (DPC) annual report makes interesting reading, given that the World Wide Web is celebrating its 30th birthday this month. People regularly give away vast ... Continue Reading

Most UK consumers say Facebook should be regulated

Nearly three-quarters of UK consumers feel the social platform is damaging people’s mental health, survey shows Continue Reading

Wearable technology in the workplace and data protection law

Wearable technology is slowly creeping into the workplace to monitor staff performance and health, but do employers understand the legal implications? We assess the data protection implications Continue Reading

EU gathers momentum in cyber security legislation and cooperation

The past two years have seen a step-change in the rate at which the European Union is putting legislation in place to support improved cyber security standards, collaboration and sharing of resources, says digital commissioner’s representative Continue Reading

Android now Fido2 certified

Mobile operating system’s certification accelerates global migration beyond passwords, says Fido Alliance, which seeks to eliminate the world’s dependence on password-based security Continue Reading

Facebook planned to spy on Android phone users, internal emails reveal

Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to ‘single’ people, confidential documents show Continue Reading

UK committed to working with EU cyber security partners

NCSC CEO uses cyber security conference in Brussels to set out his agency’s position on Brexit, 5G security, Huawei, market incentives and international cooperation on active cyber defence Continue Reading

IT Priorities 2019: Cyber security and risk management among top priorities for 2019

This year’s Computer Weekly/TechTarget IT Priorities research shows that cyber security and risk management are among the top investment priorities Continue Reading

Finding security in the cloud

When choosing a cloud security provider, enterprises will need to consider the level of data privacy and data security risk involved Continue Reading

Australian government warns of blockchain gaps

Digital Transformation Agency dispels some myths around blockchain, calling for government agencies to be cautious about using the technology Continue Reading

Dutch developer offers businesses nuclear security option for communications

Startup that created the secure platform for communication between world leaders at the 2014 Nuclear Security Summit in the Netherlands seeks to revolutionise business mail Continue Reading

APAC healthcare providers losing $23m to cyber attacks

Healthcare organisations in the Asia-Pacific region could lose an average of $23.3m to cyber attacks, including losses from productivity and customer churn, a study finds Continue Reading

A guide to choosing cloud-based security services

Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading

Security Think Tank: Approach UTM with caution

How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading

Data breaches in Australia show no sign of abating

Australia’s privacy watchdog recorded over 800 cases of data breaches, nearly one year into the country’s mandatory data breach notification regime Continue Reading

Civil liberties groups to challenge bulk surveillance and intelligence sharing in Strasbourg

Coalition of campaigning groups wins the right to challenge the UK’s use of bulk surveillance powers, which allows suspicionless surveillance of the population and sharing of intercepted data with overseas intelligence agencies, in European Court of Human Rights Continue Reading

Security Think Tank: Many routes to UTM to boost security capabilities

How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading

Innocent people arrested following surveillance blunders, IPCO reveals

Interception of communications commissioner Adrian Fulford warns of “grave” repercussions for people wrongly identified as suspects due to errors made when government bodies access email, phone and telephone data Continue Reading

ICO to audit Leave.EU and Eldon Insurance

UK privacy watchdog will audit the data protection practices at Leave.EU and Eldon Insurance and has confirmed fines for both companies for unlawful marketing messages Continue Reading

Airbus investigates personnel data breach

Intruders were detected in the information systems of manufacturer’s commercial aircraft business, highlighting the need for a new approach to data protection Continue Reading

Facebook profit up despite privacy failings

Social media giant reports profit gains for the last quarter and the past year, despite a string of privacy blunders that came to light in 2018 Continue Reading

Unconfigured IoT is a security risk, warns researcher

Internet of things researcher says unconfigured internet-connected devices are a largely unrecognised cyber security risk to businesses and consumers, and welcomes the increased likelihood of UK IoT legislation Continue Reading

No-deal Brexit would undermine digital economy, BCS warns

Skills, funding and the free flow of data are all at risk, says the chartered institute for IT Continue Reading

Data protection practices still poor, survey shows

Despite concerns over privacy and data protection and a greater understanding of best security practices, individuals and businesses are still falling short, a survey reveals Continue Reading

Minister urges UK firms to prepare for no-deal Brexit

On International Data Protection Day, the UK’s digital minister has added her voice to calls by the data protection watchdog for UK firms to prepare for a no-deal Brexit Continue Reading

Brexit and data protection: What’s next?

PA Consulting assesses how a no-deal Brexit would affect the flow of data from the UK into and out of Europe Continue Reading

ICO adds to guidance on ‘no-deal’ Brexit

The UK’s privacy watchdog has been advising UK firms to prepare for a no-deal Brexit and has added some guidance for SMEs Continue Reading

Former EU data protection tsar joins ICO

Former EU data protection supervisor joins the UK’s privacy watchdog as non-executive director, strengthening its commitment to international work Continue Reading

A cloud compliance checklist for the GDPR age

The cloud is supposed to make things simpler, but when it comes to compliance, things can get complex. Here is a look at the essential elements of a cloud compliance strategy Continue Reading

Poor practices expose 24 million financial records

Failure to maintain appropriate security controls has again led to the exposure of millions of sensitive data records, this time from the banking world Continue Reading

IoT application vulnerabilities leave devices open to attack

Barracuda Networks calls for internet of things devices to be subject to regular security review after researchers detail the application vulnerabilities of an internet-connected security camera Continue Reading

How to prepare for the UK’s uncertain Brexit terms

Analyst firm Gartner looks at the main business continuity plans that need to be in place Continue Reading

Thales eSecurity spins out nCipher

After just over a decade, Thales eSecurity has announced that it has spun out HSM specialist nCipher, the UK-based encryption firm it acquired for $100m in 2008 Continue Reading

Business failing to see strategic value of cyber security

UK businesses are failing to get value out of cyber security because they fail to see its strategic importance and often have a negative attitude towards security professionals, a study has revealed Continue Reading

AWS now accredited to run protected workloads in Australia

Accreditation from the Australian Cyber Security Centre will enable organisations to store and process sensitive data in the Amazon Web Services Sydney region Continue Reading

Facebook’s objections to court concerns over privacy more about ‘optics’ than facts

Facebook’s challenge to a High Court ruling that raises serious concerns about data transfers between Europe and the US is more about appearance than facts, lawyers for the Irish Data Protection Commission told Dublin's Supreme Court Continue Reading

Time to deploy strong authentication, says Fido

The time has come for organisations to deploy cryptographically backed strong authentication, according to the Fido Alliance, which seeks to eliminate the world’s dependence on password-based security Continue Reading

€50m GDPR fine for Google is a wake-up call for tech giants

The French data protection authority has fined Google €50m for contravening EU data protection laws, which has been hailed as a warning for tech giants and other data handling firms Continue Reading

Podcast: How to get ready for the California Consumer Privacy Act

If you have any customers in California, you need to know about that state’s equivalent to GDPR. Mathieu Gorge of Vigitrust talks through what you need to achieve compliance Continue Reading

Home Office vetoes privacy campaigner from senior post in surveillance watchdog

The Home Office refuses academic and privacy campaigner, Eric King, security clearance for a senior role at the intelligence services watchdog, despite high-level backing from officials Continue Reading

Five issues for SMEs to consider when adopting encryption

Encryption is still considered difficult to deploy and use as a data protection method, especially by small businesses, but considering five key factors can make adoption easier, says Becrypt Continue Reading

Prepare for no-deal Brexit, says ICO

The UK data protection authority is urging businesses to prepare for a no-deal Brexit to ensure there is no interruption in data flows from Europe Continue Reading

New Zealand faces more state-sponsored attacks

Nearly four in 10 cyber security incidents recorded by the National Cyber Security Centre were the work of state-sponsored threat actors Continue Reading

The rise of DevSecOps

The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations Continue Reading

Less than half of firms able to detect IoT breaches, study shows

UK firms have one of the lowest internet-of-things device breach detection capabilities in Europe, a study reveals Continue Reading

SingHealth and IT supplier fined S$1m for data breach

Singapore’s data protection commission considered the fact that both SingHealth and its IT supplier fell prey to sophisticated threat actors, among other factors, when meting out the fine Continue Reading

Right to be forgotten is not global, says EU court adviser

The right to be forgotten should apply only in the European Union, according to the chief adviser to the European Court of Justice Continue Reading

Podcast: Storage and compliance priorities in 2019

Mathieu Gorge, CEO of Vigitrust, looks ahead to key areas in compliance in 2019, including mushrooming data volumes, GDPR fines and the California Consumer Privacy Act Continue Reading

Technology innovation in music

In this week’s Computer Weekly, we visit the first hackathon at Abbey Road Studios, once home to The Beatles, to find out how tech startups hope to revolutionise music creation. Our latest buyer’s guide examines the technologies and benefits of perimeterless network security. And we look ahead to the key CIO skills and jobs trends for 2019. Read the issue now. Continue Reading

Security Think Tank: Meeting the security challenge of multiple IT environments

How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading

Data breaches affected more than a billion people in 2018

The personal information of more than a billion people was compromised in 2018 as companies holding the data failed to keep it safe Continue Reading

IT regulators and practitioners need common language

There needs to be greater understanding between lawmakers and technologists to ensure regulations do not have unintended consequences, says a US computer security researcher and bug bounty pioneer Continue Reading

Fortinet to lead cyber security discussion at WEF annual summit

The head of cyber security firm Fortinet has been named as a discussion leader at the upcoming World Economic Forum annual meeting in Davos, Switzerland Continue Reading

Can we live without passwords?

Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve Continue Reading

Marriott data breach losses could be over half a billion dollars

Direct losses related to a huge data breach at US hotel group could reach $600m Continue Reading

Lauri Love battles police for return of computers as NCA confirms live investigation

The National Crime Agency (NCA) confirms there is a live investigation into Lauri Love in the UK, as Love brings legal action against UK police for the return of seized computer equipment Continue Reading

ICO and government help UK businesses prepare for no-deal Brexit

The Information Commissioner’s Office (ICO) and the government are providing guidance for UK businesses, particularly SMEs, on how to prepare for a possible no-deal Brexit Continue Reading

UK trade sector risks GDPR fines over poor data disposal

UK businesses in the trade sector are risking GDPR fines for failing to wipe data from old IT equipment, a survey shows Continue Reading

Large disparity in NHS cyber skills and training spend

Despite government pledges to up cyber security spending across the NHS, there are still huge disparities in cyber security skills and spending on cyber security training, FoI requests reveal Continue Reading

Brexit implications for data protection

Leaving the European Union will have serious implications for data protection in the UK unless adequate steps are taken, so businesses are advised to have contingency plans in place Continue Reading