Regulatory compliance and standard requirements
-
News
29 Aug 2025
Home Office ‘backdoor’ seeks worldwide access to Apple iCloud users’ data, court documents confirm
A court filing states that a government order against Apple would give it the capability to access communications and metadata of customers using the iCloud service anywhere in the world Continue Reading
-
Feature
28 Aug 2025
AI and backup: How backup products leverage AI
We look at how AI helps with backup, from AI analysis of backup jobs and their integrity through natural language support functionality to ransomware and anomaly detection Continue Reading
-
News
20 Sep 2023
Parliament passes sweeping Online Safety Bill but tech companies still concerned over encryption
Ofcom will consult on standards to enforce new powers, but tech companies remain concerned about the impact of the bill’s ‘spy clause’, which could require them to scan encrypted messages Continue Reading
-
News
19 Sep 2023
Braverman puts pressure on Meta to pause end-to-end encryption plans
The home secretary is calling on Meta to halt its plans to introduce encrypted messaging services on Facebook and Instagram until the company puts measures in place to detect abuse Continue Reading
-
News
19 Sep 2023
New revelations from the Snowden archive surface
A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1% of the documents have been published – but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by Jacob Appelbaum Continue Reading
-
News
19 Sep 2023
Nominet and European counterparts link up on intelligence sharing
The new European TLD ISAC, a collaborative project between top-level domain providers across Europe, aims to enhance their collective security posture to better protect internet users Continue Reading
-
Feature
18 Sep 2023
APAC guide to identity and access management
The rise of identity-based attacks is fuelling investments in identity and access management (IAM) tools. We examine the key capabilities of IAM, discuss implementation best practices, and explore the future of this technology Continue Reading
-
Opinion
18 Sep 2023
Security Think Tank: A user’s guide to encryption
The Security Think Tank assesses the state of encryption technology, exploring topics such as cryptographic techniques, data-masking, the legal ramifications of end-to-end encryption, and the impact of quantum Continue Reading
-
News
15 Sep 2023
TikTok fined €345m under GDPR for failing to protect children’s privacy
Data protection regulators warn social media companies to take all necessary measures to protect children’s privacy Continue Reading
-
News
15 Sep 2023
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers Continue Reading
-
News
15 Sep 2023
Manchester police data breach a classic supply chain incident
The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force Continue Reading
-
News
14 Sep 2023
Google, Microsoft and Mozilla push browser updates to foil zero-day
A zero-day in Google’s Chrome browser was first reported by surveillance researchers at The Citizen Lab and Apple, but also affects other browsers Continue Reading
-
News
14 Sep 2023
As vehicle safety regulations loom, carmakers fret over cyber risks
Global, UN-backed car safety and security regulations come into force next year, and automotive bosses say they are not only unprepared, but “swamped” by a tide of compliance and security risks Continue Reading
-
News
13 Sep 2023
GCHQ breached privacy rights of IT professional and security researcher, human rights court rules
The European Court of Human Rights in Strasbourg finds UK intelligence services breached the privacy rights of two overseas nationals – an IT professional and a security researcher Continue Reading
-
News
13 Sep 2023
NCSC and ICO sign MoU to forge deeper collaborative links
The scope of the MoU signed by the NCSC and the ICO includes collaboration on new cyber regulations and guidance, and how to support cyber attack victims appropriately and minimise regulatory penalties Continue Reading
-
Podcast
12 Sep 2023
Podcast: ‘Data first’ a key principle of digital transformation
Chris Gorton of Syniti says organisations should put data first during digital transformation projects, and that means getting data quality, access rights and governance right Continue Reading
-
E-Zine
12 Sep 2023
The dangers of breaking encryption
In this week’s Computer Weekly, we detail the concerns of the BCS and other IT experts about the UK’s Online Safety Bill’s proposals to weaken end-to-end message encryption. Our buyer’s guide continues to look at the issues around integrating software-as-a-service applications, with a particular eye to the proliferation of SaaS during the Covid pandemic. Red Hat’s CEO Matt Hicks retails the company’s efforts to support generative AI. And we discover how immersive technologies can shape a brave new world of training and design. Read the issue now. Continue Reading
-
News
11 Sep 2023
Brits happy to break cyber law if the price is right
A study conducted ahead of an upcoming security trade fair reveals a slim majority of Brits would come out in favour of offensive government security ops and even engage in cyber criminality themselves in the right circumstances Continue Reading
-
News
11 Sep 2023
Polish election questioned after Pegasus spyware used to smear opposition, investigation finds
Senate committee alerts prosecutors over potential crimes by public officials involved in purchasing Pegasus spyware used to monitor and smear political opponents Continue Reading
-
News
08 Sep 2023
Deputy PM urges UK plc not to lose focus on cyber
In a speech at TechUK, deputy prime minister Oliver Dowden urges the cyber security community not to lose focus, and to do more to further collaboration across sectors Continue Reading
-
News
07 Sep 2023
UK minister fails to reassure tech companies over encryption risk
Technology companies say reassurances by government ministers that they have no intention of weakening end-to-end encrypted communication services do not go far enough Continue Reading
-
E-Zine
07 Sep 2023
CW EMEA: The value of valuing people
In this month’s CW EMEA ezine, we look at HR software and strategies that can help combat staff attrition, find out how Finland’s and Sweden’s plans to join NATO have initiated activity in the Nordic cyber security sector already, consider the data privacy challenges associated with generative AI, and find out why it is important for companies to implement new cryptography standards now in preparation for quantum-safe communication. Read the issue now. Continue Reading
-
News
07 Sep 2023
Finnish government to bolster spending on cyber-AI defences
Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks Continue Reading
-
News
06 Sep 2023
French supreme court dismisses legal challenge to EncroChat cryptophone evidence
Defence lawyers plan to appeal to the European Court of Human Rights after the French supreme court disallowed an appeal over the legality of EncroChat evidence Continue Reading
-
News
06 Sep 2023
German court unclear whether intercepted EncroChat cryptophone messages are legally admissible
Germany’s Federal Constitutional Court is waiting to hear five complaints that could decide whether data from the hacked EncroChat phone network can be lawfully used in German courts, but situation remains unclear for now Continue Reading
-
News
05 Sep 2023
Law firm Fieldfisher launches data breach management tool
UK and European data breach law specialist Fieldfisher has enlisted legal tech specialist Lawcadia to supply a 24-hour data breach notification assessment platform Continue Reading
-
News
05 Sep 2023
Hacked Electoral Commission failed Cyber Essentials audit
The Electoral Commission failed an NCSC Cyber Essentials audit on multiple counts at about the same time as cyber criminals breached its systems in 2021, it has emerged Continue Reading
-
News
01 Sep 2023
IT experts issue new warnings over Online Safety Bill plans to weaken end-to-end encryption
BCS, The Chartered Institute for IT, argues the government is seeking a technical fix to terrorism and child abuse without understanding the risks and implications Continue Reading
-
News
30 Aug 2023
NCSC warns over possible AI prompt injection attacks
The UK’s NCSC says it sees alarming potential for so-called prompt injection attacks driven by the large language models that power AI chatbots Continue Reading
-
News
29 Aug 2023
Top-performing CISOs reserve time for professional development
Survey of chief information security officers conducted by Gartner sheds light on habits shared by the top-performing members of the profession Continue Reading
-
News
22 Aug 2023
Singapore to bolster OT security capabilities
Cyber Security Agency of Singapore teams up with Dragos and the US Cybersecurity and Infrastructure Security Agency to bolster the country’s OT security capabilities Continue Reading
-
News
21 Aug 2023
Cyber Explorers programme reaches 50,000 11-14 year olds in 18 months
The government-backed Cyber Explorers programme has reached 50,000 students in its first 18 months, and more schools are being invited to sign up for the Autumn Term Continue Reading
-
News
18 Aug 2023
NatWest customer calls bank’s handling of breach of his data ‘disgusting’
A second NatWest customer has contacted Computer Weekly after finding out from a whistleblower that his sensitive personal data has been in her home for 14 years Continue Reading
-
News
18 Aug 2023
MongoDB secures IRAP certification
MongoDB’s certification from Australia’s Information Security Registered Assessor Program will pave the way for federal government agencies to use its Atlas database service for protected workloads Continue Reading
-
News
17 Aug 2023
Top marks for graduates of CIISec vocational cyber course
132 young people who sat the UK’s first Extended Project Qualification in Cyber Security have received their results today Continue Reading
-
News
16 Aug 2023
CyberArk eyes growth beyond PAM
CyberArk is seeing exponential growth in the broader identity security market as the company expands its capabilities beyond privileged access management Continue Reading
-
Tip
16 Aug 2023
6 open source GRC tools compliance professionals should know
Organizations must meet a variety of regulatory compliance requirements today. Here's a look at six open source GRC tools and related resources that might help. Continue Reading
-
News
16 Aug 2023
ITAM influence on cyber risk becoming a factor in credit ratings
Credit agency S&P Global Ratings warns that organisations that pay inadequate attention to IT asset management as a factor in their cyber risk management processes may find their creditworthiness takes a dive Continue Reading
-
News
15 Aug 2023
Norfolk and Suffolk police hit by FoI-linked data breach
Latest UK police data breach relates to crime suspects, victims and witnesses across East Anglia, and comes just days after a similar incident at the Northern Irish service Continue Reading
-
News
14 Aug 2023
NatWest offers compensation to customer affected by data breach exposed by whistleblower
NatWest bank has offered compensation to a former customer affected by a data breach alongside around 1,600 other former and current customers Continue Reading
-
News
14 Aug 2023
US Cyber Board to probe cloud security after latest Exchange hack
CSRB review of cloud security comes in the wake of a major Chinese cyber attack on US government bodies orchestrated through Microsoft’s cloud services Continue Reading
-
News
09 Aug 2023
Northern Irish police expose staff data in botched FoI response
Human error is being blamed for the leak of personally identifiable information on all serving officers and civilian staff at the Police Service of Northern Ireland Continue Reading
-
News
08 Aug 2023
UK voter data hacked in cyber attack on election watchdog
An unknown threat actor who attacked the UK’s Electoral Commission had access to data on millions of UK voters for over a year, the watchdog has revealed Continue Reading
-
News
04 Aug 2023
Biden’s SBOM mandate a ‘shot heard around the world’, report says
Two years and three months after Joe Biden mandated new standards in supply chain security, over 40% of UK respondents to a survey say they have implemented new SBOM policies in direct response Continue Reading
-
Definition
03 Aug 2023
SOC 2 (System and Organization Controls 2)
SOC 2 (System and Organization Controls 2), pronounced "sock two," is a voluntary compliance standard for ensuring that service providers properly manage and protect the sensitive data in their care. Continue Reading
-
News
03 Aug 2023
Microsoft attacked over ‘grossly irresponsible’ security practice
The CEO of Tenable has launched a scathing attack on Microsoft, asserting that the organisation is deliberately keeping its Azure cloud customers in the dark about dangerous vulnerabilities and accusing it of a culture of ‘toxic obfuscation’ Continue Reading
-
Opinion
02 Aug 2023
Vigilance advised if using AI to make cyber decisions
The AI arms race is heating up, and the battle lines are being redrawn. Still, organisations should proceed cautiously and remain vigilant in scrutinising AI’s ability to ensure accurate, safe, and informed decision-making. Continue Reading
-
Definition
28 Jul 2023
compliance audit
A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines. Continue Reading
-
Opinion
28 Jul 2023
Does AI have a future in cyber security? Yes, but only if it works with humans
Do AI and ML hold the promise of helping cyber pros achieving the holy grail of operating quicker, cheaper, and with higher efficiency? We shouldn’t hold our breath, says Nominet’s Paul Lewis Continue Reading
-
News
28 Jul 2023
How Indian organisations are keeping pace with cyber security
Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics Continue Reading
-
News
27 Jul 2023
US cyber breach reporting rules to have global impact
Organisations that operate as Foreign Private Issuers in the US will have to get to grips with strict new cyber breach reporting regulations handed down by the SEC in Washington Continue Reading
-
News
27 Jul 2023
Meta results show impact of data fines and datacentre upgrade strategy
The owner of Facebook is battling with regulators over transferring EU data to the US. It is also seeing less improvements on CPUs Continue Reading
-
News
27 Jul 2023
Ant Group teams with NTU to advance privacy-preserving technologies
The Chinese fintech giant is partnering with Singapore’s Nanyang Technological University on a cryptographic protocol that ensures the privacy of transacting parties Continue Reading
-
News
26 Jul 2023
UK organisations lack confidence to carry out basic cyber tasks
Amid a shortfall of more than 10,000 cyber pros, UK businesses are still finding it difficult to fill their cyber security skills gaps, with even those in charge of security saying they lack confidence in themselves Continue Reading
-
News
25 Jul 2023
Cisco, BT and others launch network security coalition
Network Resilience Coalition focuses on bringing together global expertise to improve data and network security Continue Reading
-
News
25 Jul 2023
Tetra radio users’ comms may have been exposed for years
A number of flaws in the encryption algorithms used in the secure Tetra radio communications standard have potentially left users exposed to snooping Continue Reading
-
News
24 Jul 2023
Tribunal investigates complaint that journalists’ phones were unlawfully monitored
The Investigatory Powers Tribunal has agreed to investigate complaints by Northern Ireland investigative journalists Trevor Birney and Barry McCaffrey that they were unlawfully placed under surveillance Continue Reading
-
Definition
24 Jul 2023
802.11
802.11 is a family of evolving specifications for wireless local area networks (WLANs) developed and maintained by a working group of IEEE. Continue Reading
-
News
24 Jul 2023
Security AI and automation may reduce cost of data breaches
Organisations that go all in on security AI and automation tend to incur lower financial costs when they experience a data breach incident, according to an IBM report Continue Reading
-
News
24 Jul 2023
Why cyber security should be part of your ESG strategy
The impact of data breaches and cyber threats on businesses, societies and the environment makes cyber security a key consideration in an environment, social and governance strategy Continue Reading
-
Feature
21 Jul 2023
Handbook helps Dutch organisations migrate to quantum-safe communication
Organisations must start implementing new cryptography standards – as migration is a lengthy process Continue Reading
-
Opinion
21 Jul 2023
The problem with ‘secure’ messaging
Secure instant messaging is becoming a norm for business communications but it raises three important security and compliance questions Continue Reading
-
Definition
21 Jul 2023
invitation to tender (ITT)
An invitation to tender (ITT) is a formal document that is issued by a company or an organization inviting suppliers or contractors to submit a bid for a project or service. Continue Reading
-
Feature
21 Jul 2023
What the Product Security and Telecommunications Infrastructure Act means for UK industry
For years, many network-connected devices have lacked adequate security, putting their users and others at risk of cyber attacks. The UK’s PSTI Act aims to prevent this by mandating minimum security requirements, but what impact will this have on industry? Continue Reading
-
News
21 Jul 2023
Government boosts protection for encryption in Online Safety Bill but civil society groups concerned
House of Lords adopts amendment to require Ofcom to commission a report before requiring technology companies to scan encrypted messages, but drops proposals for judicial oversight Continue Reading
-
News
20 Jul 2023
How the DSMA balances security and privacy with press freedom
In a world of information sharing and 24-hour news cycles, the Defence and Security Media Advisory committee have to balance national security and data privacy with freedom of the press Continue Reading
-
Opinion
19 Jul 2023
At the gates – How to survive the era of cyber insecurity
Businesses face more legal risks, a mine field of regulation, and individual liability for failures. Getting the basis right is more important than ever. Continue Reading
-
News
19 Jul 2023
Half of cyber pros engage in risky behaviour at work, report claims
Approximately 55% of security professionals say they have engaged in behaviours they would more usually advise against in the workplace, according to a report Continue Reading
-
News
19 Jul 2023
Cyber criminal AI tool WormGPT produces ‘unsettling’ results
A newly discovered generative AI tool dubbed WormGPT is being sold to the cyber criminal underground via the dark web, and poses a significant danger, researchers warn Continue Reading
-
Opinion
19 Jul 2023
Prepare for quantum to fundamentally change PKI effectiveness
Encryption has always been a fundamental aspect of Public Key Infrastructure but the rise of quantum computing poses a significant threat to this. Thales' John Cullen says post-quantum cryptography may hold the key to safeguarding the future. Continue Reading
-
News
18 Jul 2023
NATO membership to drive Nordic cyber security sector growth
The Nordic cyber security sector will see increasing demand as Finland and Sweden joint NATO Continue Reading
-
Opinion
17 Jul 2023
The essential role of PETs in unlocking the trillion dollar SaaS market
Ahead of the Eyes-Off Data Summit in Dublin, Jack Fitzsimons of Oblivious AI explains why so-called Privacy Enhancing Technologies or PETs may hold the key to unlocking the full potential of SaaS in the enterprise Continue Reading
-
News
17 Jul 2023
Police Scotland use cloud for biometric data despite clear risks
Police Scotland confirms it has stored significant volumes of biometric data on a cloud-based digital evidence sharing system despite major ongoing data protection concerns, bringing into question the effectiveness of the current regulatory approach and the overall legality of using hyperscale public cloud technologies in a policing context Continue Reading
-
Opinion
14 Jul 2023
Improve business outcomes by managing data and analytics risk
An effective data and analytics risk and control environment requires a full understanding of data, analytics and AI risks, related risk decisions and their impact on business outcomes Continue Reading
-
News
13 Jul 2023
MPs launch inquiry into government use of data
The Public Administration and Constitutional Affairs Committee is to investigate the possibility of reforming the way government collects and analyses data, and whether the UK census could be scrapped Continue Reading
-
News
12 Jul 2023
Forensic Institute provides Hansken viewing method for Dutch lawyers
Dutch lawyers can now view crypto communication in criminal cases from their own workplace via digital search engine Hansken. Previously, this had to be done at an external location Continue Reading
-
News
12 Jul 2023
Ofcom’s online safety preparedness efforts hobbled by government
Despite Ofcom’s progress so far, UK government changes to the scope and timetable of the Online Safety Bill are hobbling the ability of the regulator to successfully prepare for the new regime Continue Reading
-
News
12 Jul 2023
Whistleblower contacts NatWest customers affected by a decade-old data breach
Former worker says contacting the people affected by the data breach is her last resort after the bank and regulators appear satisfied that the sensitive data file is safe stored under her bed Continue Reading
-
News
11 Jul 2023
EU formally grants data adequacy to US
The European Commission has formally granted the US data adequacy, allowing companies and organisations to freely transfer personal data across the Atlantic via the EU-US Data Privacy Framework. But privacy activist Max Schrems has already committed to legally challenging the decision Continue Reading
-
News
11 Jul 2023
Malicious URL volumes soar as cyber criminals pull on Threads
Malicious actors have been quick to exploit the buzz around Meta’s newly launched Threads platform, with thousands of new suspicious domains registered exploiting its branding Continue Reading
-
Feature
11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI
Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
-
News
07 Jul 2023
Suspicious email reported every five seconds in UK
National Cyber Security Centre report reveals a suspicious email was reported by UK citizens and organisations every five seconds last year Continue Reading
-
News
06 Jul 2023
VMware ramps up on sovereign cloud in APAC
VMware is working with local partners to deliver sovereign cloud services in the region, amid growing sovereignty interests among governments and the need maintain business continuity Continue Reading
-
News
06 Jul 2023
Biometrics watchdog calls for public space surveillance review
The biometrics and surveillance camera commissioner is calling for a review of public space surveillance to gain a clearer picture about the proliferation of Chinese surveillance technology across the public sector, but warns against applying double standards on companies just because they are from China Continue Reading
-
News
06 Jul 2023
Meta’s Threads hits app stores, but no EU launch in sight
Meta’s Twitter competitor makes its debut and signs up millions of users in just 12 hours, but concerns over compliance with the EU’s Digital Markets Act have sunk a pan-European launch for now Continue Reading
-
News
05 Jul 2023
Germany: European Court of Justice hears arguments on lawfulness of EncroChat cryptophone evidence
The European Court of Justice will decide whether the collection and sharing of data intercepted by law enforcement from EncroChat crypto phone network is compatible with European law Continue Reading
-
News
05 Jul 2023
UK public increasingly concerned over NHS data sovereignty
Amid security concerns and AI advances, a majority of the British public still trusts the NHS to store and analyse their health data, but would prefer it remains domiciled in the UK Continue Reading
-
News
04 Jul 2023
EU judgment sinks Meta’s argument for targeted ads
The EU Court of Justice has issued a significant judgment against Meta, ruling that national anti-trust bodies can investigate GDPR breaches, disrupting the platform’s entire basis for carrying out targeted advertising Continue Reading
-
News
30 Jun 2023
AI can never be given control over combat decisions, Lords told
Artificial intelligence is technically incapable of distinguishing between the complex contextual factors of combat situations, and will likely never be able to, according to legal and software experts Continue Reading
-
Opinion
30 Jun 2023
The time to implement an internal AI usage policy is now
As with any emerging technology, AI’s growth in popularity establishes a new attack surface for malicious actors to exploit, thereby introducing new risks and vulnerabilities to an increasingly complex computing landscape. Continue Reading
-
News
28 Jun 2023
Charity demands transparency in digital universal credit system
The digital universal credit system needs overhauling to ensure greater transparency over benefit claims and more effective means of redress when things go wrong, says child poverty charity Continue Reading
-
News
28 Jun 2023
GDPR tax reclaim scheme preys on fears of SMEs
IT suppliers are a target of companies offering a tax reclaim scheme that preys on small businesses’ fears around General Data Protection Regulation compliance Continue Reading
-
News
27 Jun 2023
3,600 potential cyber security experts apply to government scheme
The UK government’s Upskill in Cyber programme is reporting great success just a month after launch, with almost half of applicants women Continue Reading
-
Opinion
26 Jun 2023
ChatGPT’s phishing ‘problem’ may not be overstated
Some data now suggests that threat actors are indeed using ChatGPT to craft malicious phishing emails, but the industry is doing its best to get out in front of this trend, according to the threat intelligence team at Egress Continue Reading
-
News
23 Jun 2023
ICO under fire for taking limited action over serious data breaches
The ICO has come under fire from lawyers and data protection specialists for just issuing written warnings to two public bodies over serious data breaches that placed people’s lives at risk Continue Reading
-
Feature
23 Jun 2023
Generative AI: Data privacy, backup and compliance
We look at generative AI and the risks it poses to data privacy for the enterprise, implications for backup, and potentially dangerous impacts on compliance Continue Reading
-
News
23 Jun 2023
Phishing and ransomware dominate Singapore’s cyber threat landscape
Phishing and ransomware attacks continued apace in Singapore last year amid signs of improving cyber hygiene Continue Reading
-
News
21 Jun 2023
Nearly quarter of a million malicious websites reported and removed through NCSC service
A suspicious email and text message reporting service in the UK has directly led to a quarter of a million malicious websites being removed Continue Reading
-
Podcast
21 Jun 2023
Podcast: Cloud security, compliance and data classification
The rise of cloud has led to a proliferation of enterprise data and a rise in risk. We talk to Vigitrust CEO Mathieu Gorge about how to ensure compliance in a multicloud world Continue Reading
-
Feature
20 Jun 2023
ChatGPT is creating a legal and compliance headache for business
ChatGPT’s increased use in the workplace has led many to question its legal and compliance implications for businesses. Experts warn that the software poses major security and copyright risks Continue Reading
-
Definition
19 Jun 2023
PCI compliance
PCI compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information. Continue Reading
-
News
15 Jun 2023
NCSC warns over ‘enduring’ LockBit threat
Although its activity volumes have been lower of late, LockBit is still a highly dangerous ransomware gang and is now the subject of a new international cyber advisory Continue Reading