Regulatory compliance and standard requirements
-
News
26 Sep 2023
Cover-ups still the norm in the wake of a cyber incident
Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report Continue Reading
-
E-Zine
26 Sep 2023
Preparing for post-quantum cryptography
In this week’s Computer Weekly, our latest buyer’s guide assesses the challenges for cryptography in the emerging era of quantum computing. Google Cloud experts explain how the internet giant is preparing its datacentres for a world of AI. And we examine the privacy, compliance and backup issues from generative AI. Read the issue now. Continue Reading
-
News
19 Dec 2018
Lauri Love battles police for return of computers as NCA confirms live investigation
The National Crime Agency (NCA) confirms there is a live investigation into Lauri Love in the UK, as Love brings legal action against UK police for the return of seized computer equipment Continue Reading
-
News
13 Dec 2018
ICO and government help UK businesses prepare for no-deal Brexit
The Information Commissioner’s Office (ICO) and the government are providing guidance for UK businesses, particularly SMEs, on how to prepare for a possible no-deal Brexit Continue Reading
-
News
13 Dec 2018
UK trade sector risks GDPR fines over poor data disposal
UK businesses in the trade sector are risking GDPR fines for failing to wipe data from old IT equipment, a survey shows Continue Reading
-
News
11 Dec 2018
Large disparity in NHS cyber skills and training spend
Despite government pledges to up cyber security spending across the NHS, there are still huge disparities in cyber security skills and spending on cyber security training, FoI requests reveal Continue Reading
-
Feature
05 Dec 2018
Brexit implications for data protection
Leaving the European Union will have serious implications for data protection in the UK unless adequate steps are taken, so businesses are advised to have contingency plans in place Continue Reading
-
News
05 Dec 2018
UK consumers threaten data breach backlash
Most UK and global consumers are willing to walk away from businesses that fail to look after personal data, with retailers most at risk, research shows Continue Reading
-
News
03 Dec 2018
Liberty heads for judicial review over Investigatory Powers Act
The UK's powers to conduct supsicionless bulk surveillance on individuals and organisations face a legal challenge in the high court next year Continue Reading
-
News
03 Dec 2018
UK government commits to opening up data in bid to push adoption of AI
Opening up data is vital to government plans to push adoption of artificial intelligence across all sectors of the UK economy Continue Reading
-
News
30 Nov 2018
Marriott data breach highlights basic failings
A breach of a guest reservation database of the Starwood division of the Marriott International hotel group highlights basic personal data protection failures Continue Reading
-
News
29 Nov 2018
UK cyber security strategy making ‘good progress’
The National Cyber Security Strategy is making good progress, but there is much left to be done, according to a Cabinet Office official Continue Reading
-
News
28 Nov 2018
Cyber resilience lacking due to apathy of UK leaders
An unwillingness to accept that cyber is a real threat to critical national infrastructure by UK political and business leaders has resulted in a lack of resilience, says security industry veteran Continue Reading
-
News
28 Nov 2018
CIO interview: Stephen Docherty on NHS data sharing
The Cambridge Analytica scandal raised awareness about privacy. Stephen Docherty, CIO of South London and Maudsley NHS Trust, explains why Continue Reading
-
News
27 Nov 2018
Businesses failing to win consumer trust
Businesses are still largely failing to win the trust of consumers to keep their personal data safe as data breaches continue to make headlines Continue Reading
-
News
27 Nov 2018
ICO fines Uber £385,000 for data protection failings
Like Facebook, Uber has escaped a potentially much higher fine for data protection failings because the 2016 breach that affected millions of UK customers is not covered by the GDPR Continue Reading
-
News
27 Nov 2018
GDPR is encouraging UK IT directors to pay cyber ransoms
As predicted ahead of the General Data Protection Regulation enforcement deadline, research shows that fear of fines under the new laws is making some firms more likely to pay cyber ransoms Continue Reading
-
News
26 Nov 2018
Unprecedented actions by Commons committee augur badly for Facebook
House of Commons’ serjeant-at-arms effectively arrested the CEO of a US software company and frogmarched him to Parliament, where he was told he would be imprisoned if he failed to hand over papers on Facebook Continue Reading
-
News
22 Nov 2018
ICO finds Metropolitan Police's Gangs Matrix seriously breaches data protection laws
A year-long ICO investigation has highlighted major problems with how the Metropolitan Police handles and shares the personal data of individuals on its Gangs Matrix Continue Reading
-
News
20 Nov 2018
Dutch audit finds Microsoft Office leaks confidential data
The diagnostics Microsoft Office collects from users should be a source of concern for any government CISO, according to a DPIA audit Continue Reading
-
News
20 Nov 2018
Police challenged over refusal to disclose files on WikiLeaks staff
Lawyers will challenge the Metropolitan Police Service today to confirm or deny whether it holds correspondence with US law enforcement about three WikiLeaks staff – including two UK citizens – in a freedom of information tribunal Continue Reading
-
News
19 Nov 2018
Government lacks cyber resilience leadership, according to MPs
The government lacks political leadership and urgency in dealing with cyber threats, according to Joint Committee on National Security Strategy, calling for a minister in charge of delivering cyber resilience Continue Reading
-
News
17 Nov 2018
Credit card fraud in ANZ showing no signs of abating
The value of fraudulent transactions more than doubled that of legitimate purchases during the third quarter this year Continue Reading
-
News
16 Nov 2018
Three factors marginalising the CISO role
Chief information security officers are typically marginalised due to three factors, and de-coupling the technical and managerial aspects of the job will enable empowerment, says consultant Continue Reading
-
News
16 Nov 2018
Many firms still stuck in GDPR prep phase six months after its initiation
Six months after the GDPR compliance deadline, many companies are struggling to make data protection principles part of everyday business, says PwC’s GDPR and data protection lead Continue Reading
-
News
16 Nov 2018
Why is hiring a government chief security officer such a tricky business?
Security bosses and CIOs weigh in on why they think the government is struggling to recruit a chief security officer Continue Reading
-
15 Nov 2018
Global IoT security standard remains elusive
Despite the lack of a global internet of things security standard, existing security frameworks are on the same page in areas such as device upgradability and data stewardship. Continue Reading
-
News
15 Nov 2018
Members of Parliament should back EU Withdrawal Agreement, says industry
Industry experts say the government’s EU Withdrawal Agreement is far from perfect and still requires more clarity, but call on MPs to back it, as it’s better than a No-Deal Brexit Continue Reading
-
News
15 Nov 2018
DeepMind won’t share patient data with Google ‘at this stage’, says company’s health boss
Amid concerns and questions around Google’s takeover of the DeepMind’s Streams app, Dominic King, the company’s health lead, promises that ‘at this stage’, nothing will change, and it won’t share any patient data with the internet giant Continue Reading
-
Feature
14 Nov 2018
It’s complicated: How enterprises are approaching IAM challenges
Identity and access management challenges are evolving with digital transformation. Computer Weekly explores some of the ways organisations are ensuring the right people gain the right access to the right resources Continue Reading
-
News
13 Nov 2018
Thailand’s Democrat Party holds election with blockchain
The Zcoin blockchain was used to store file hashes of voting data and identities of voting members of Thailand’s main opposition party Continue Reading
-
News
12 Nov 2018
EU regulation set to advance single market for non-personal data
The European Union Council and Parliament have approved a regulation, to take effect in six months’ time, to ensure the free movement of non-personal data, such as IoT data, across the bloc Continue Reading
-
News
08 Nov 2018
GDPR a challenge to AI black boxes
Most artificial intelligence “black boxes” do not comply with EU data protection laws and will have to be re-engineered, warns security researcher and consultant Continue Reading
-
News
08 Nov 2018
Increasing value of personal data a 21st century challenge
The increasing value of personal data presents the challenge of managing a personal data economy, says identity and security expert Continue Reading
-
News
07 Nov 2018
Cyber security high on European Commission agenda
The European Commission is recognising the growing importance of cyber security to the digital economy and is increasing funding to support research, resilience and cooperation Continue Reading
-
Opinion
06 Nov 2018
Making the UK the safest place to live and work online
Government, industry and individuals all have to play their part in enhancing cyber security practices Continue Reading
-
News
05 Nov 2018
Banking sector leading CIAM innovation, say Big Four
Maturity in consumer identity and access management (CIAM) differs from sector to sector, with the banking sector taking the lead in terms of innovation, according to the Big Four accounting firms Continue Reading
-
News
02 Nov 2018
DevSecOps not limited to coding, says analyst
DevSecOps is seen as a way of ensuring application security, but security leaders must understand that embedding a security culture and taking the inter-dependencies of new development frameworks into account is key, says KuppingerCole Continue Reading
-
News
02 Nov 2018
Facebook to appeal EU-US data transfer ruling in Irish Supreme Court
Facebook will appeal a decision by the Irish High Court to refer questions over the legality of EU-US data transfers to the European Court of Justice in January, as the Dublin court rejects attempt by a UK IT expert to join the case Continue Reading
-
News
02 Nov 2018
Radisson hotel group could be GDPR test case
Privacy watchers say the breach of personal data of members of the Radisson Hotel Group’s loyalty scheme could be an interesting test case for how the GDPR will be applied Continue Reading
-
News
01 Nov 2018
Key elements to success in consumer identity management
Success in consumer identity management is not just about getting the technology right, it is also about keeping in mind the consumer needs, preferences and concerns, says KuppingerCole Continue Reading
-
News
31 Oct 2018
GDPR driving data protection maturity
The EU data protection laws are helping to drive data protection maturity internationally, but five months after enforcement many companies are still playing catch-up, says consultant Continue Reading
-
News
30 Oct 2018
Australia’s data breaches are a ‘sign of naiveté’
McAfee executive attributes Australia’s poor cloud security record to the lack of data protection measures amid “new and confusing” cloud configurations Continue Reading
-
Opinion
26 Oct 2018
As data volumes grow, backup needs analytics, says StorageCraft CEO
Backup appliance maker’s CEO says backup needs analytics so customers can prioritise restore of critical data in a world where volumes increase by 50% a year Continue Reading
-
News
26 Oct 2018
IoT ecosystem needs to be investigated, say experts
A conference of IoT experts convened by Enisa and Europol has made key recommendations to ensure security vulnerabilities do not overshadow benefits Continue Reading
-
Opinion
25 Oct 2018
Mitigating third-party cyber risks in a new regulatory environment
GDPR and the NIS Directive increase the focus on managing cyber security throughout the supply chain. Organisations need to check their suppliers are compliant Continue Reading
-
News
25 Oct 2018
MEPs call for action in wake of Facebook-Cambridge Analytica scandal
European members of parliament demand action to protect citizens’ privacy from abuses such as those uncovered in the Facebook-Cambridge Analytica data sharing scandal Continue Reading
-
News
25 Oct 2018
ICO issues maximum £500,000 fine to Facebook
The UK privacy watchdog has confirmed that Facebook has escaped a fine of more than $1bn under the GDPR, but will face the maximum under the DPA for failing to protect users’ personal information Continue Reading
-
News
25 Oct 2018
Cathay Pacific under fire over breach affecting 9.4 million passengers
Hong Kong-based airline reveals massive data breach of the most sensitive personal data of passengers five months after loss was confirmed Continue Reading
-
News
25 Oct 2018
Becrypt security platform helps ease cloud adoption
Becrypt’s secure operating system is driving a new service aimed at helping organisations reduce cost and increase agility in using cloud-based services and online applications Continue Reading
-
News
23 Oct 2018
Morrisons loses appeal against data breach liability ruling
Supermarket chain has lost its appeal against a High Court ruling that found it liable for a data leak by a former employee, underlining the importance of managing insider threats Continue Reading
-
News
19 Oct 2018
Learn lessons from attacks, says McAfee investigations chief
Organisations should use every cyber attack as an opportunity to learn, identify weaknesses and improve security posture, according to McAfee’s head of cyber investigations Continue Reading
-
News
18 Oct 2018
NHS standards framework aims to set the bar for quality and efficiency
NHS Digital’s standards framework sets out renewed commitment to implement and use open standards across the NHS Continue Reading
-
News
18 Oct 2018
Time to implement new cyber security protections, says McAfee CEO Chris Young
Convergence of threats and technologies and an increasingly complex regulatory environment are driving the need to implement new cyber security protections, says McAfee chief Continue Reading
-
News
16 Oct 2018
UK faces 10 cyber attacks a week as hostile states step up hacking, says NCSC
The UK’s National Cyber Security Centre has thwarted more than 1,600 attacks over the past two years – many by hostile nation states Continue Reading
-
News
15 Oct 2018
Tech companies should not be under legal duty to remove terrorist material, says watchdog
The internet should not be a safe place for terrorists, but making it compulsory for technology companies to trawl for radical content risks interfering with the rights of innocent people, says Max Hill QC, the independent reviewer of terrorism legislation Continue Reading
-
News
15 Oct 2018
Good data governance is good business
Organisations are failing to understand the importance of getting their data relationship with customers right and seeing the business opportunities that it enables, an industry analyst warns Continue Reading
-
News
15 Oct 2018
Apple challenges Australia’s proposed decryption law
Tech giant Apple argued that the lack of judicial oversight could reduce customer trust and security, among other reservations over Australia’s draft decryption legislation Continue Reading
-
News
11 Oct 2018
MEPs urge Facebook to roll out election fraud prevention measures
Facebook is coming under pressure from European lawmakers to do more to prevent its user data from being misappropriated during elections Continue Reading
-
News
10 Oct 2018
Detail of Dutch reaction to Russian cyber attack made public deliberately
Four Russian intelligence officials were expelled from the Netherlands after an attempted hack on the global chemical weapons watchdog. The Dutch government has been open about the detail Continue Reading
-
Opinion
09 Oct 2018
Security Think Tank: Monitoring key to outcomes-based security
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based, and how can an organisation test if its security defences are delivering the desired outcome? Continue Reading
-
News
08 Oct 2018
High Court blocks Google iPhone privacy lawsuit
The UK High Court has thrown out a group action lawsuit against Google for tracking iPhone browsing data, but campaign group Google You Owe Us, which brought the litigation, will appeal the decision Continue Reading
-
News
08 Oct 2018
ICO hits Heathrow Airport with £120,000 data breach fine over lost USB stick
Information Commissioner’s Office fines airport after a member of the public came across a USB stick containing sensitive personal information about airport staff Continue Reading
-
Opinion
08 Oct 2018
Customers need to be at the centre of GDPR plans
Responding to a breach is not just about data, it is about taking care of, and protecting, customers Continue Reading
-
News
05 Oct 2018
GDPR case work swamps Denmark’s data protection agency
The agency investigating alleged breaches of GDPR in Denmark is recruiting additional resources to cope with the increase in work Continue Reading
-
Opinion
04 Oct 2018
Security Think Tank: Use Cyber Essentials to kick-start outcomes-based security
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
News
01 Oct 2018
Facebook could face up to $1.6bn fine for data breach
Facebook is under increased pressure to demonstrate that users’ personal data is protected as it faces a potential fine of more than a billion dollars for a data breach affecting millions of users Continue Reading
-
News
28 Sep 2018
EU sees eIDAS regulation come into full force
A regulation aimed at cutting red tape to enable a digital single market in Europe will soon be in full force, but it could present some challenges to the UK after Brexit Continue Reading
-
Feature
27 Sep 2018
Prepare now for quantum computers, QKD and post-quantum encryption
The predicted processing power of quantum computers is likely to make existing encryption algorithms obsolete. Quantum key distribution (QKD) is a possible solution - we investigate whether QKD is viable Continue Reading
-
News
26 Sep 2018
ICO threatens fines for outstanding fees
The UK’s privacy watchdog has issued warning letters to organisations, including some NHS trusts and government organisations, for failing to pay a new data protection fee Continue Reading
-
News
26 Sep 2018
Financial services firms face potential security bombshell
UK financial services are facing a security crisis over outdated services and applications, a survey shows Continue Reading
-
News
25 Sep 2018
PCI DSS compliance falls despite security benefit
Despite the benefits of the payment card industry security standard, there is a concerning downward trend in compliance, a report reveals Continue Reading
-
News
19 Sep 2018
Europol cyber crime report highlights emerging threats to enterprise security
Research highlights increase in sophistication of ransomware attacks, while revealing details of new and emerging threats to enterprises Continue Reading
-
Podcast
14 Sep 2018
Printing, document capture and compliance risk in the GDPR era
Printers, scanners and mobile devices that capture data from documents all store data in some way or other. How can you be sure to be compliant with GDPR with regard to that data? Continue Reading
-
News
13 Sep 2018
No Deal Brexit may hinder free flow of personal data from EU to UK
The government’s No Deal Brexit planning document on data protection warns free flow of personal data from EU isn’t guaranteed, and organisations must take action to ensure they will still be able receive data from Europe Continue Reading
-
News
13 Sep 2018
GCHQ mass surveillance regime was in breach of human rights law, European court rules
The European Court of Human Rights in Strasbourg has ruled that the UK’s collection of bulk interception of communications data lacked adequate oversight and safeguards and was in breach of human rights law Continue Reading
-
News
12 Sep 2018
FCA warns it cannot manage financial crime risks without sharing data with EU
FCA admits it will be unable to manage financial crime effectively if it cannot share data with EU authorities. Continue Reading
-
News
11 Sep 2018
British Airways data breach: Security researchers name suspects and query attack timeline
Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought Continue Reading
-
News
10 Sep 2018
Cyber criminals outspend businesses in cyber security battle
Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result Continue Reading
-
News
07 Sep 2018
BA praised for swift GDPR-aligned action on data breach
British Airways has been praised for its swift response to a customer data breach, which could be the first test case under the EU’s GDPR and new UK GDPR-aligned data protection laws Continue Reading
-
News
03 Sep 2018
Majority of UK firms not insured for data breaches
Many UK firms are not insured against information security breaches and data loss, and would have to spend £1m on average to recover from a breach, a report reveals Continue Reading
-
News
30 Aug 2018
Blockchain gains foothold in Australia
A number of blockchain projects are under way in Australia, but questions remain about whether the technology is wanted Continue Reading
-
News
29 Aug 2018
Improving security is top driver for ISO 27001
Organisations are implementing the ISO 27001 standard in recognition of the fact that cyber attacks are increasingly inevitable and that it is best to be well-prepared to fend off attacks and mitigate their effect Continue Reading
-
News
28 Aug 2018
Challenge to anti-GDPR immigration exemption in DPA to go ahead
Two human rights groups are challenging a controversial clause in new UK data protection legislation that they say is in conflict with the EU’s Charter of Fundamental Rights and undermines the General Data Protection Regulation Continue Reading
-
News
23 Aug 2018
Australian government agency trials secure cloud service
The Digital Transformation Agency has become the first government agency in Australia to test the use of Microsoft Office 365 in a secure cloud environment Continue Reading
-
News
22 Aug 2018
Nearly a third of organisations still not GDPR ready
As the UK and other states implement the EU’s GDPR, many organisations admit they are still not fully compliant, but most claim to be able to respond to data subject access requests Continue Reading
-
Opinion
22 Aug 2018
Better the data you know – how GDPR is affecting UK tech companies
As the dust settles from the General Data Protection Regulation, the implications for technology firms in the UK are becoming clearer Continue Reading
-
News
22 Aug 2018
Superdrug denies data breach
Superdrug has warned online customers it believes may have had personal details exposed, but claims its systems were not compromised, in what could be the first GDPR-related extortion attempt Continue Reading
-
News
21 Aug 2018
New Zealand to run national cyber security exercise
The island-nation will test the resilience of its critical infrastructure in November 2018, bringing together multiple agencies to protect assets of national significance Continue Reading
-
News
21 Aug 2018
Malaysia’s financial sector warms up to cloud, but lacks security leadership
Almost two-thirds of Malaysia’s financial services firms are developing a cloud strategy, but not all have a security plan in place Continue Reading
-
News
20 Aug 2018
Planned Australian law raises tech firms’ security concerns
A digital industry group representing some of the world’s largest tech firms is opposed to proposed Australian laws aimed at compelling them to help security agencies and police Continue Reading
-
News
16 Aug 2018
Trump sparks speculation after repealing cyber attack restraints
The US president has sparked speculation about US policy on launching cyber attacks by repealing Obama-era restraints, underlining the need for international rules on cyber warfare Continue Reading
-
News
14 Aug 2018
UK banks under pressure to improve downtime reporting under new FCA rules
To make it easier for customers to compare and switch between current account providers, UK banks are under pressure to improve their reporting processes for downtime and security incidents Continue Reading
-
News
13 Aug 2018
ICO strengthens commitment to technology and innovation
Information Commissioner’s Office has demonstrated its commitment to technology and innovation by appointing a new executive director to focus on this area Continue Reading
-
News
13 Aug 2018
UK firms concerned about cyber arms race
Continuous investment and activity are key in the cyber arms race, according to Databarracks, as research shows UK firms are worried about keeping up with security challenges Continue Reading
-
News
12 Aug 2018
Over 146 billion records to be stolen over next five years
The US will bear the brunt of data exfiltration efforts by cyber criminals, though Asia-Pacific nations such as Singapore will not be spared Continue Reading
-
News
10 Aug 2018
Butlin’s warns of potential personal data breach
Holiday camp chain blames cyber breach on a phishing attack, implying that attackers were able to steal user credentials to access customer data – and underlining the need for security awareness training Continue Reading
-
News
09 Aug 2018
ICO fines Emma’s Diary £140,000
The UK’s privacy watchdog has fined a marketing company for illegally collecting and selling personal information for political campaigning Continue Reading
-
News
08 Aug 2018
Australia calls for interventionist approach in new cyber agenda
The Australian government is forming a cyber defence network comprising security agencies and private sector partners to support a more interventionist approach towards cyber security Continue Reading
-
News
07 Aug 2018
Starbucks to advise on development of bitcoin trading platform
Coffee giant Starbucks has joined a group of firms advising Intercontinental Exchange on the development of a digital assets platform Continue Reading
-
Opinion
06 Aug 2018
Security Think Tank: Outsource responsibility, not accountability
What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately? Continue Reading
-
News
06 Aug 2018
Half of UK consumers to exercise GDPR rights within a year
More than half of UK consumers will exercise their General Data Protection Regulation rights within a year and almost two-thirds will retract or review data use because of the Facebook-Cambridge Analytica scandal, a study shows Continue Reading