Regulatory compliance and standard requirements

Search begins for UK’s cyber security Unsung Heroes

The Security Serious cyber awareness campaign has opened nominations for the third annual cyber security Unsung Heroes awards Continue Reading

Burden of data protection rests on firms and governments

A senior executive at Singapore’s Cyber Security Agency stressed the role of corporate data governance and government regulations in raising the bar on cyber security Continue Reading

Facebook stock price falls on slowing growth forecast

Facebook’s stock price has fallen dramatically in response to a forecast of slower revenue growth in 2018 and lower-than-expected user growth for the second quarter Continue Reading

Beyond GDPR: ePrivacy could have an even greater impact on mobile

From how we monitor air pollution and manage our public transport systems, to how we enable connected cars and the next generation of 5G mobile services, the forthcoming ePR could have a lasting impact on European society Continue Reading

Australian energy sector caught in security catch-22

With regulators unwilling to accept security investments that would lead to higher tariffs, there is a chance that Australia’s National Energy Market could face increased cyber risks Continue Reading

What the ICO's Facebook fine teaches us

Legal expert Alexander Egerton considers whether the ICO’s planned £500,000 fine for Facebook is the precursor of a spate of increased fines across the board, or if it shows the ICO’s stance has not changed and will continue to target certain activities Continue Reading

Huge Singapore data breach shows need for new approach

A major data breach in Singapore underlines the need for a new approach to protecting critical data and applications, say security experts Continue Reading

GDPR drives down UK insider threat

The insider threat in European countries is falling post-General Data Protection Regulation, but continues to rise in the US, a study has revealed Continue Reading

NCSC report underlines cyber threat for legal firms

Legal firms are a top target for cyber attackers, the latest report from the National Cyber Security Centre shows, emphasising the need for comprehensive cyber defence capabilities Continue Reading

Uptick in UK privacy awareness, says ICO

The UK’s privacy watchdog, the Information Commissioner’s Office, reports increased public awareness of privacy and information rights issues Continue Reading

Uber appoints first privacy and data protection chiefs

Uber is getting its privacy and data protection house in order in the wake of damaging data breaches and in anticipation of the company’s planned stock market launch in 2019 Continue Reading

A third of organisations do not have a security expert, survey shows

Around a third of organisations are vulnerable to cyber attacks due to a lack of dedicated in-house cyber security experts, finds Gartner survey Continue Reading

New industry network to bolster data protection in ASEAN

The Data Protection Excellence network will assist organisations and individuals new to data protection laws by providing hands-on training and professional certification courses Continue Reading

Matching disaster recovery to cyber threats

While it is important to take steps to prevent cyber attacks, they can still happen. That is why disaster recovery practices are equally critical Continue Reading

Cyber attackers cashing in on ‘hidden’ attack surface

Cyber attackers are cashing in on organisations’ lack of visibility into all online interactions that can involve multiple third parties, a report reveals Continue Reading

Cloudian adds Storage Made Easy file-sync-and-share compliance

Object storage maker adds file-sync-and-share with compliance filters from Storage Made Easy to restrict movement of potentially sensitive data between endpoints and datacentres Continue Reading

Facebook could face ICO fine of up to £500,000

Facebook could face the maximum fine provided by the UK’s previous data protection laws for lack of transparency and security issues relating to the harvesting of data, the UK’s privacy watchdog has revealed Continue Reading

Lords urge Brexit negotiators to reach agreement on security

Time is running out for the UK and EU to agree on a future security relationship and if negotiators fail to find common ground, all stakeholders stand to lose, warns a Lords’ committee Continue Reading

Cyber crime: why business should report it as soon as possible

Cyber crime is affecting a growing number of businesses, yet few are reporting it. Computer Weekly lifts the veil on cyber crime reporting, looking at the who, what, when, where, how and why Continue Reading

As prime minister unveils Brexit plans, TechUK calls for deal on services

The UK tech industry wants a Brexit deal open to services, mirroring the EU trade agreement with Canada Continue Reading

Collaborative taskforce launches security intelligence network

BAE Systems, Vodafone, cyber security incubator CyLon and other partners have joined forces in unveiling a manifesto for safeguarding society in the digital age Continue Reading

ICO Grants Programme launches second round of funding

The ICO is inviting a second round of applications for funding to promote and support independent, innovative research and solutions focused on privacy and data protection Continue Reading

European Parliament calls for suspension of Privacy Shield

The Privacy Shield framework that replaced the Safe Harbour agreement for personal data transfers between the EU and the US is under increased pressure due to alleged non-compliance by US firms Continue Reading

Singapore company turns to blockchain to improve food security

SMC Nutrition is using a blockchain distributed ledger developed by a Singapore-based company to gain visibility across its supply chain and ensure food security Continue Reading

Exiting EU committee cattle-prods government on 'data adequacy'

House of Commons Select Committee for Exiting the European Union urges the government to start the process to secure a “Data Adequacy Decision” from the EU pronto Continue Reading

Feds expand Facebook data sharing probe

The US federal probe into Facebook’s data sharing practices is expanding and MEPs are considering new measures as the firm reveals it granted extended access to 61 companies and admits to another data sharing software bug Continue Reading

UK government cyber security standard welcomed

The information security community has welcomed the publication of the government’s minimum cyber security standard, which could be used by any organisation to improve its cyber defences Continue Reading

GDPR exposes breach reporting flaws

In the month since the GDPR compliance deadline, it has become clear that many organisations are not well prepared for personal data breach notifications, says PwC’s data protection lead Continue Reading

UK biometrics strategy criticised for lack of content

The long-awaited government biometrics strategy falls short of the mark, say critics, failing to provide a detailed and coherent strategy or governance framework Continue Reading

British Muslim considers appeal after court rules repeated terrorism stops are legal

Muzaffar Abdullah, a 37-year-old gas engineer who has been stopped and questioned by police at airports at least 10 times, is considering an appeal after being found guilty of wilful obstruction for refusing to answer questions under controversial terrorism legislation. He received a conditional discharge. Continue Reading

AI and other tech key to post-Brexit success, says Matt Hancock

Digital secretary Matt Hancock highlights the importance of emerging technologies to the future of the UK at the opening of London’s cyber security innovation centre Continue Reading

Global IoT security standard remains elusive

Despite the lack of a global internet of things security standard, existing security frameworks are on the same page in areas such as device upgradability and data stewardship Continue Reading

British Muslim challenges use of intelligence databases for repeated police stops

Muzaffar Abdullah is challenging police use of intelligence databases to repeatedly stop and question Muslims, after being arrested for refusing to answer questions under Schedule 7 of the Terrorism Act 2000. His lawyers say he had been stopped at least 10 times before and the police should have known he had no connection to terrorism Continue Reading

UK privacy groups join call on EU to halt comms data collection

UK-based privacy groups have joined calls for a halt to the collection of communications data by European Union member states Continue Reading

Singapore remains hotbed for cyber threats

Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency Continue Reading

Microsoft becomes devoted to open source developers

In this week’s Computer Weekly, after Microsoft’s recent acquisition of GitHub, we examine the software giant’s tools for embracing open source developers. Secretary of state for digital, culture, media and sport Matt Hancock talks about growing the UK digital economy and supporting the tech sector. And we look at SAP’s next steps for its “intelligent enterprise” strategy. Read the issue now. Continue Reading

AI is key to keeping IBM compliant with GDPR

Artificial intelligence is vital for keeping IBM compliant with the principles of the General Data Protection Regulation, which, in turn, provides opportunities for business, says the company’s data protection officer Continue Reading

NCSC urges action after Dixons Carphone breach

The National Cyber Security Centre (NCSC) is urging UK business to improve data protection capabilities after Dixons Carphone revealed that millions of payment card and personal data records may have been compromised in a cyber breach Continue Reading

Dixons Carphone admits 'falling short' on data protection

Dixons Carphone has warned that millions of credit card and personal data records may have been compromised in a cyber breach Continue Reading

Privacy Shield under threat by US non-compliance

The Privacy Shield framework that replaced the Safe Harbour agreement for personal data transfers between the EU and the US is under threat due to non-compliance by US firms Continue Reading

Email-based cyber attacks gathering momentum

Email-based cyber attacks are gathering momentum and the cost of these attacks are rising, with several hidden costs, a survey of IT professionals in Europe, Middle East and Africa reveals Continue Reading

Singapore career website hit by PageUp malware scare

A Singapore government career website was among others affected by a malware attack on an Australian recruitment technology supplier Continue Reading

How Australia is keeping pace with ICS threats

Besides bridging the security gap between IT and operational technology teams, Australia is driving efforts to bolster the security of IoT devices Continue Reading

Security Think Tank: Data flow visibility is essential to security

Why is it important to know where data flows, with whom it is shared and where it lives at rest, and what is the best way of achieving this? Continue Reading

Coinrail cyber heist highlights need for exchange security

A cyber heist at South Korea’s Coinrail has prompted fresh calls for industry regulations to drive better cyber security at cryptocurrency exchanges Continue Reading

APAC remains a hotbed for software piracy

The Asia-Pacific region is still seeing the highest use of unlicensed software installations globally, making enterprises more susceptible to cyber attacks from malware Continue Reading

European Court hearing into EU-US data transfer system will not happen for at least 18 months

By Kevin Cahill The European Court of Justice may not have a hearing into crucial questions about the legality of the EU-US data transfer system for at least 18 months according to a spokesperson ... Continue Reading

Businesses must report cyber crime, panel urges

By reporting cyber crimes, private enterprise can help improve national and international cyber defences and bring criminals to justice, according to an expert panel Continue Reading

IT spending reaches 10-year high as CIOs struggle with digital technology strategy

IT leaders have seen their budgets and headcounts rise for the first time in 10 years, but face challenges implementing their digital strategies Continue Reading

Security Think Tank: Understand data for risk-based protection

Why is it important to know where data flows, with whom it is shared and where it lives at rest, and what is the best way of achieving this? Continue Reading

GDPR and backup: A potential minefield easily avoided

The right to be forgotten will be impossible in backups and snapshots, but systems can be built that automate for compliance, says Andy Barratt of security consultancy Coalfire Continue Reading

We need to design for security and privacy, says Martha Lane Fox

The digital future is bright, but only if society works through a gear change in its relationship with technology, and demands products and services that are secure and private by design, says internet service pioneer Continue Reading

Nexsan adds Assureon Cloud Transfer for hybrid cloud archiving

Nexsan archiving appliances add hybrid cloud capability to AWS and Azure cloud for unstructured data, targeting users that want to retain files on-site with cloud access Continue Reading

One-third of firms would pay ransoms rather than invest in security

Report says businesses are still making the same mistakes, failing to make any progress in crucial areas such as cyber security awareness and preparedness Continue Reading

Security Think Tank: Data controllers are essential in modern business environment

Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading

Business still not addressing insider threat

Businesses are still not addressing inside threats when it comes to cyber security, leaving themselves wide open to data breaches as a result, according to a security analyst Continue Reading

Max Schrems’s NOYB initiates GDPR action

A privacy NGO led by Austrian lawyer Max Schrems is among the first to file complaints under the GDPR against Google, Instagram, WhatsApp and Facebook Continue Reading

GDPR may not be perfect, but it’s an important milestone in data protection

It's GDPR day, and TechUK's CEO Julian David writes about what is an important milestone in data protection in the digital world Continue Reading

GDPR puts people first, says ICO

The day of 25 May 2018 marks the biggest change to UK data protection law in a generation, with benefits for businesses and consumers, according to the UK privacy watchdog Continue Reading

Commitment is the watchword on GDPR D-Day

New rules for protecting European citizens’ personal data are now enforceable by law, and organisations are being advised to focus broadly on commitment rather than narrowly on compliance Continue Reading

Stronger rules on data protection by EU institutions agreed

On the eve of the GDPR compliance deadline, European politicians agree new rules to strengthen data protection in EU organisations Continue Reading

Security experts weigh in on GDPR checklists

Security experts give their views on what final checks businesses should be doing on the eve of the General Data Protection Regulation compliance deadline, while a survey reveals almost half of Brits have not heard of it Continue Reading

New UK Data Protection Act not welcomed by all

Legislation makes the UK one of the first countries to implement the GDPR in local law, but some have criticised it as a “lost opportunity” Continue Reading

UK calls for new data-sharing model with EU

The UK has proposed a new data-sharing model to ensure ongoing data protection collaboration and free flow of data between the EU and the UK post-Brexit Continue Reading

Compliance in the cloud: Avoiding the cloud compliance trap

When you hand over data to a cloud provider, you don’t hand over responsibility for legal and regulatory compliance. Beware of falling into a cloud compliance trap Continue Reading

Application and device security under the spotlight

The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, including legislative measures Continue Reading

Facebook is ready for GDPR, says Zuckerberg

Facebook chief Mark Zuckerberg has claimed the social network is ready for GDPR, but failed to give any answers to the most probing questions posed by European MEPs Continue Reading

GDPR is here – are you ready?

The EU’s new data protection regulation, GDPR, comes into force this week. In this edition of Computer Weekly, we ask if companies are ready for it and look at what happens if you’re not yet compliant. Our latest buyer’s guide examines digital transformation and the role of the CIO. And we find out how technology is changing the traditional sport of cricket. Read the issue now. Continue Reading

Finland government examines centralised cyber defence

The Finnish government is attempting to centralise its fight against increasing cyber threats to its infrastructure Continue Reading

Google sued for £3.2bn for tracking UK iPhone browsing

A lawsuit by a group called Google You Owe Us is seeking compensation from Google for tracking millions of UK iPhone users’ browsing data Continue Reading

ICO fines University of Greenwich £120,000

The UK privacy watchdog has issued a monetary penalty against the University of Greenwich for a "serious" security breach Continue Reading

ICO could use new GDPR powers in Facebook probe

UK privacy watchdog is considering using new powers in its investigation of Facebook, while the government is considering new laws to police social media firms Continue Reading

Most UK marketers GDPR ready, but not all firms have a plan

Most UK marketers believe they are ready for GDPR, but a worrying number believe their employers may not be, as businesses are urged to embrace the positives a week before the compliance deadline Continue Reading

BYOD in UK SMEs linked to security incidents

Bring your own device practices have been identified as a cyber security risk for six in 10 SMEs in research published a week ahead of the GDPR compliance deadline Continue Reading

GDPR compliance: Addressing the overlooked in enterprise IT infrastructures

As the GDPR compliance deadline approaches, enterprises need to ensure they have looked beyond the headline-grabbing aspects of the regulation so they do not fall foul of the incoming data protection regulations Continue Reading

Use GDPR to propel business forward, says ICO

GDPR is about a new way of doing things that businesses can use to their advantage, and cyber security is a key element, according to the Information Commissioner’s Office Continue Reading

GDPR impact on Whois data raising concern

The negative impact of the GDPR on internet domain registration information is raising concern in cyber security circles because the data is key to cyber crime fighting operations Continue Reading

Most firms see GDPR as an opportunity

A growing number of organisations consider the GDPR to be an opportunity to improve the way they handle data privacy and security, while leaders are using it as an opportunity for full business transformation, a study shows Continue Reading

Cage director Rabbani heads for Supreme Court after appeals court rules password demands lawful

Muhammad Rabbani, director of campaigning group Cage, will appeal to the Supreme Court after Court of Appeal rules that police did not act unlawfully by demanding his computer and mobile phone passwords under Section 7 of the Terrorism Act Continue Reading

BSI launches kitemark for internet of things devices

The British Standards Institution has launched a new kitemark for IoT devices, designed to improve consumer trust in the technology Continue Reading

It’s not too late to get GDPR ready

With the GDPR compliance deadline on 25 May 2018, there is little time to get ready, but it is not too late, according to the IAPP, which provides a checklist to help organisations ensure they are in the best position possible for the deadline Continue Reading

Police Scotland did not inform public of mobile phone searches

Members of the Scottish Parliament heard that Police Scotland did not conduct impact assessments or give explanations to the public when they were accessing private data on their mobile phones Continue Reading

Hacking the internet of things just got easier – it’s time to look at your security

Are you taking security for internet-connected devices seriously enough? Continue Reading

CW Benelux: Rotterdam charts course to become world’s smartest port

The Port of Rotterdam in the Netherlands is using internet of things and artificial intelligence technology from IBM in a bid to become the world’s smartest port. Also read how companies in the Netherlands are only partly ready for the country’s version of the EU’s General Data Protection Regulation (GDPR), and why the European Central Bank thinks cash will remain in use in the Eurozone for a very long time. Continue Reading

Embrace GDPR to remain competitive, says OWI

The EU’s General Data Protection Regulation is set to raise the bar internationally for data protection and should be embraced to remain competitive, says report Continue Reading

CNI providers face hefty fines for cyber security failings

UK providers of critical national infrastructure face hefty fines for cyber security failings from 10 May 2018 Continue Reading

Breach disclosure time still high, report shows

Companies are getting faster at disclosing breaches, but the average is still too high in the light of the GDPR and other breach disclosure regulations, a report shows Continue Reading

Financial sector cyber-related laws are a bellwether, says Deloitte

As the regulatory landscape becomes more complex, organisations should look to the financial sector to see what else is coming, as well as focus on three key areas of GDPR compliance, according to Deloitte Continue Reading

City Police use Lego simulation to teach businesses cyber security

City of London Police are offering to train business leaders and IT security in cyber security using a Lego simulation that is surprisingly close to real life Continue Reading

Cambridge Analytica closure will not halt probe, says ICO

The London-based data mining firm at the heart of the Facebook data exploitation scandal has announced it is closing, but the ICO says the probe into its actions will still go ahead Continue Reading

ARM aims to boost physical security of IoT

Chipmaker ARM announces microprocessor aimed at improving the physical security capabilities of devices making up the internet of things Continue Reading

Workday to continue investing heavily in APAC

Cloud applications supplier has increased its investments in the region by more than 50% in the past year, and is looking to maintain its double-digit growth in international markets Continue Reading

UK critical services need to up cyber defences to avoid fines

UK critical infrastructure providers could be liable for fines of millions of pounds if they do not improve their cyber defences and resilience of their IT infrastructure, a study reveals Continue Reading

Security Think Tank: Reducing dwell has never been more important

Why is reducing cyber attacker dwell time important, and how should this be tackled? Continue Reading

Security Think Tank: GDPR compliance one good reason to cut attacker dwell time

Why is reducing cyber attacker dwell time important, and how should this be tackled? Continue Reading

Only 5% of charities are ready for GDPR, survey shows

A survey shows relatively few charities are prepared for new data protection regulations, highlighting several areas for improvement Continue Reading

Most organisations unprepared for GDPR, survey finds

Despite the vast majority of businesses agreeing that GDPR affects them, only 5% say they are fully prepared for it, according to a BSI survey Continue Reading

DWP to spend nearly £15m on GDPR

A single government department plans to spend nearly £15m on preparing for new European data protection legislation, a report reveals Continue Reading

GDPR: Put your data in Azure cloud, says Microsoft chief

Tech giant reports strong growth in its cloud business in third-quarter 2018 fiscal results Continue Reading

British banks target Israeli security technology

British banks are turning to Israel’s high-tech sector to protect against cyber attacks Continue Reading